S-FaaS: Trustworthy and Accountable Function-as-a-Service using Intel SGX

Function-as-a-Service (FaaS) is a recent and popular cloud computing paradigm in which the function provider specifies a function to be run and is billed only for the computational resources used by that function. Compared to other cloud paradigms, FaaS requires significantly more fine-grained measurement of functions' compute time and memory usage. Since functions are short and stateless, small ephemeral entities (e.g. individuals or underutilized data centers) can become FaaS service providers. However, this exacerbates the already substantial challenges of 1) ensuring integrity of computation, 2) minimizing information revealed to the service provider, and 3) accurately measuring computational resource usage. To address these challenges, we introduce S-FaaS, the first architecture and implementation of FaaS to provide strong security and accountability guarantees using Intel SGX. To match the dynamic event-driven nature of FaaS, we introduce a new key distribution enclave and a novel transitive attestation protocol. A core contribution of S-FaaS is our set of reusable resource measurement mechanisms that securely measure compute time and memory usage inside an enclave. We have integrated S-FaaS into the OpenWhisk FaaS framework and provide this as open source software.