Advanced search
Start date
Betweenand

Offloading of crypto functions to smartNICS in cloud-native environments

Grant number: 23/04750-6
Support Opportunities:Scholarships in Brazil - Master
Effective date (Start): May 01, 2023
Effective date (End): March 31, 2024
Field of knowledge:Physical Sciences and Mathematics - Computer Science - Computer Systems
Principal Investigator:Fabio Luciano Verdi
Grantee:Felipe Aparecido dos Santos Novais
Host Institution: Centro de Ciências em Gestão e Tecnologia (CCGT). Universidade Federal de São Carlos (UFSCAR). Campus de Sorocaba. Sorocaba , SP, Brazil
Host Company:Universidade Estadual de Campinas (UNICAMP). Faculdade de Engenharia Elétrica e de Computação (FEEC)
Associated research grant:21/00199-8 - SMART NEtworks and ServiceS for 2030 (SMARTNESS), AP.PCPE

Abstract

Microservices are a software architecture approach that allows to divide applications into smaller, independent services, making system maintenance and scalability easier. With the growth of cloud-native environments, microservices have become a fundamental part of distributed applications and their efficiency and scalability are even more critical for the operation of cloud infrastructures. In addition, we have recently observed a growing adoption of the concept related to offloading. Offloading is a technique used to lighten the processing load, allowing other processing units to be used. Network offloading has been widely used to ease the CPU load on network servers, allowing the CPU to perform other critical tasks. With the growing number of microservices, offloading has become an even greater necessity to ensure the efficiency of these distributed applications. In this sense, and still in line with offloading, TLS (Transport Layer Security) is a security protocol used to protect network communications and is especially important in Web applications. With the evolution of web applications, the use of the TLS protocol has become even more important, being an integral part of HTTP/2. Offloading via kTLS is a technique that allows hardware acceleration to process secure TLS communications, allowing to alleviate the CPU. This technique can be especially beneficial in cloud-native environments, where the demand for secure communications is high and efficiency is crucial in handling large amounts of traffic. There are academic works proposing what would become the kTLS kernel module, but in the academic scenario, so far, there are no comparisons of real use of the technology, although it is possible to find ta few echnical works for this purpose. Some works document the proposal of a kernel module capable of abstracting the cryptographic functions and allowing the offload via software and hardware. The purpose of this master's project is precisely to demonstrate the benefits of this module from the perspective of Web applications with microservices architecture. Observing the academic and commercial panorama available in the literature, it is possible to notice that there is an effort focused on the communication of microservices. However, current revised references do not focus on microservices environments with kTLS. Therefore, in this master's project, a solution capable of offloading encryption to NICs using kTLS will be developed.

News published in Agência FAPESP Newsletter about the scholarship:
More itemsLess items
Articles published in other media outlets ( ):
More itemsLess items
VEICULO: TITULO (DATA)
VEICULO: TITULO (DATA)

Please report errors in scientific publications list using this form.