{"id":907098,"date":"2022-12-12T13:41:00","date_gmt":"2022-12-12T21:41:00","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/research\/?post_type=msr-project&p=907098"},"modified":"2023-01-16T13:33:13","modified_gmt":"2023-01-16T21:33:13","slug":"zeta-2","status":"publish","type":"msr-project","link":"https:\/\/www.microsoft.com\/en-us\/research\/project\/zeta-2\/","title":{"rendered":"Zeta: Towards Zero-Trust Applications"},"content":{"rendered":"
\n\t
\n\t\t
\n\t\t\t\t\t<\/div>\n\t\t\n\t\t
\n\t\t\t\n\t\t\t
\n\t\t\t\t\n\t\t\t\t
\n\t\t\t\t\t\n\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\n

Zeta: Towards Zero-Trust Applications<\/h2>\n\n\n\n

<\/p>\n\n\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/div>\n\t<\/div>\n<\/section>\n\n\n\n\n\n

A client using a cloud service today trusts the cloud provider to implement and run the service correctly. A service typically depends on millions of lines of code, a multitude of engineers developing the software, administrators managing the service infrastructure, and security mechanisms protecting the platform the service runs on. A single bug, misconfiguration, or a rogue insider can break the service guarantees and mishandle client data. The trust management relies on manual processes such as external audits and hard-to-quantify notions such as “best practices” and provider reputation.<\/p>\n\n\n\n

In the Zeta project, we envision making a cloud service untrusted by removing the cloud provider from the trust boundary for some of the guarantees of the service. A client needs only trust standard cryptography, the hardware provided guarantees of Trusted Execution Environments (TEEs), and service-agnostic toolchain such as compilers and SAT-solvers. Our insight is that the execution of a complex, stateful service can be validated by a simple, nearly stateless, “monitor” process. The service is modified to interact with the monitor that runs within a TEE to “prove” its correct execution. The responses from the service are signed by the monitor and verified at the client. The implementation of the monitor and the end-to-end runtime guarantees of the service are formally verified to be correct using the F* proof-oriented programming language (opens in new tab)<\/span><\/a>.<\/p>\n\n\n\n

<\/p>\n\n\n\n

We have implemented a verifiable key-value store called FastVer, by extending the FASTER (opens in new tab)<\/span><\/a> system. (We are working on making the FastVer code open source.) We are also working on extending other similar systems and hope to publish details soon.<\/p>\n\n\n","protected":false},"excerpt":{"rendered":"

A client using a cloud service today trusts the cloud provider to implement and run the service correctly. A service typically depends on millions of lines of code, a multitude of engineers developing the software, administrators managing the service infrastructure, and security mechanisms protecting the platform the service runs on. A single bug, misconfiguration, or […]<\/p>\n","protected":false},"featured_media":0,"template":"","meta":{"msr-url-field":"","msr-podcast-episode":"","msrModifiedDate":"","msrModifiedDateEnabled":false,"ep_exclude_from_search":false,"footnotes":""},"research-area":[13563,13560,13558],"msr-locale":[268875],"msr-impact-theme":[],"msr-pillar":[],"class_list":["post-907098","msr-project","type-msr-project","status-publish","hentry","msr-research-area-data-platform-analytics","msr-research-area-programming-languages-software-engineering","msr-research-area-security-privacy-cryptography","msr-locale-en_us","msr-archive-status-active"],"msr_project_start":"","related-publications":[739885,900732],"related-downloads":[],"related-videos":[],"related-groups":[],"related-events":[],"related-opportunities":[],"related-posts":[],"related-articles":[],"tab-content":[],"slides":[],"related-researchers":[{"type":"user_nicename","display_name":"Esha Ghosh","user_id":37851,"people_section":"Section name 1","alias":"esghosh"},{"type":"user_nicename","display_name":"Tahina Ramananandro","user_id":36293,"people_section":"Section name 1","alias":"taramana"},{"type":"user_nicename","display_name":"Aseem Rastogi","user_id":36021,"people_section":"Section name 1","alias":"aseemr"},{"type":"user_nicename","display_name":"Srinath Setty","user_id":33709,"people_section":"Section name 1","alias":"srinath"},{"type":"user_nicename","display_name":"Nikhil Swamy","user_id":33138,"people_section":"Section name 1","alias":"nswamy"}],"msr_research_lab":[199562,199565],"msr_impact_theme":[],"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-project\/907098"}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-project"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/types\/msr-project"}],"version-history":[{"count":6,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-project\/907098\/revisions"}],"predecessor-version":[{"id":913413,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-project\/907098\/revisions\/913413"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/media?parent=907098"}],"wp:term":[{"taxonomy":"msr-research-area","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/research-area?post=907098"},{"taxonomy":"msr-locale","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-locale?post=907098"},{"taxonomy":"msr-impact-theme","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-impact-theme?post=907098"},{"taxonomy":"msr-pillar","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-pillar?post=907098"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}