VeriCount: Verifiable Resource Accounting Using Hardware and Software Isolation

Applied Cryptography and Network Security (ACNS)

In cloud computing, where clients are billed based on the consumed
resources for outsourced tasks, both the cloud providers and the clients have the
incentive to manipulate claims about resource usage. Both desire an accurate and
verifiable resource accounting system, which is neutral and can be trusted to refute
any disputes. In this work, we present VERICOUNT, a verifiable resource
accounting system coupled with refutable billing support for Linux container-based
applications. To protect VERICOUNT logic, we propose a novel approach
called self-accounting that combines hardware-based isolation guarantees from
trusted computing mechanisms and software fault isolation techniques. The self-accounting
engine in VERICOUNT leverages security features present in trusted
computing solutions, such as Intel SGX, to measure user CPU time, memory,
I/O bytes and network bandwidth while simultaneously detecting resource usage
inflation attacks. We claim three main results. First, VERICOUNT incurs an average
performance overhead of 3.62% and 16.03% over non-accounting but SGX-compatible
applications in hardware mode and simulation mode, respectively. Next, it
contributes only an additional 542 lines of code to the trusted computing base.
Lastly, it generates highly accurate, fine-grained resource accounting, with no
discernible difference from the resource-measuring tool available with the OS.