Summary:
Security is a core responsibility for Function-as-a-Service (FaaS) providers. The prevailing approach has each function execute in its own container to isolate concurrent executions of different functions. However, successive invocations of the same function commonly reuse the runtime state of a previous invocation in order to avoid container cold-start delays when invoking a function. Although efficient, this container reuse has security implications for functions that are invoked on behalf of differently privileged users or administrative domains: bugs in a function’s implementation, third-party library, or the language runtime may leak private data from one invocation of the function to subsequent invocations of the same function.
In this episode, Mohamed Alzayat tells us about Groundhog, which isolates sequential invocations of a function by efficiently reverting to a clean state, free from any private data, after each invocation. Tune in to learn more about how Groundhog works and how it improves security in FaaS!
Links:
Hosted on Acast. See acast.com/privacy for more information.
Related Episodes
Introducing the High Impact Series...
Introducing the High Impact Series! Hey folks, we have a new series coming soon inspired by a blog post “ Most Influential Database Papers " by Ryan Marcus . The series will feature interviews with the authors of some of the most impactful work in the field of databases. We will talk about the stor...
Eleni Zapridou | Oligolithic Cross-task Optimizations across Isolated Workloads | #51
In this episode, we talk to Eleni Zapridou and delve into the challenges of data processing within enterprises, where multiple applications operate concurrently on shared resources. Traditional resource boundaries between applications often lead to increased costs and resource consumption. However,...
Pat Helland | Scalable OLTP in the Cloud: What’s the BIG DEAL? | #50
In this thought-provoking podcast episode, we dive into the world of scalable OLTP (OnLine Transaction Processing) systems with the insightful Pat Helland. As a seasoned expert in the field, Pat shares his insights on the critical role of isolation semantics in the scalability of OLTP systems, emph...