One of the great advances in computation over the last 20 years is the availability, connectivity, and growth of datacenters. These advances in the datacenter have motivated research, development, and adoption of new techniques to improve the overall performance of datacenter activities. Such techniques include virtualization, software defined networking (SDN), distributed computing, platform-as-a-service (PaaS), serverless computing, and many more. Continued improvements and support for all these datacenter applications has required a re-imagining of the current connected environment into one that is more data focused, where computation is everywhere, and high performance networks connect all resources together. A key part of this evolution is making network fabrics more intelligent by substituting traditional network interface cards (NICs) with SmartNICs; these create opportunities to move computation away from compute nodes and into the network. Field programmable gate arrays (FPGAs) play a significant role in realizing these new opportunities in the network fabric as they have both compute and communication hardware. In this thesis, we investigate performance and usability of network FPGAs and demonstrate their utility with case studies in security and privacy for tenants in the datacenter.
We propose an approach to achieve a new level of security and performance through the use of reconfigurable hardware available with network attached FPGA SmartNICs. We first show how FPGAs directly connected to high-bandwidth network resources can reduce the network load through function offload onto FPGAs. We then demonstrate the capabilities of FPGA SmartNICs to perform in-line packet acceleration functions as well as application acceleration without host processing. Next, we improve the security of the datacenter through network isolation techniques and secure data processing between tenants co-located in the same datacenter. To this end, we accelerate a state-of-the-art cryptographic algorithm, Secret Sharing Multi-Party Computation (MPC), using FPGAs. Our FPGA accelerated Secret Sharing MPC uses at least a 10x less computing resources compared to the original design using CPUs.
To demonstrate the real-world advantages of leveraging network-attached FPGA SmartNICs, we present three unique applications of these FPGAs specifically for security. First, we improve the performance of datacenter nodes on CPUs by offloading common packet functions such as remote memory access and packet fragmentation. Second, towards the goal of providing private cloud enclaves, we propose a method of securing tenant private networks with FPGA SmartNICs. Finally, we leverage FPGA SmartNICs to efficiently perform joint confidential data processing between cooperating organizations.
| Identifer | oai:union.ndltd.org:bu.edu/oai:open.bu.edu:2144/45061 |
| Date | 26 August 2022 |
| Creators | Patel, Rushi |
| Contributors | Herbordt, Martin C. |
| Source Sets | Boston University |
| Language | en_US |
| Detected Language | English |
| Type | Thesis/Dissertation |
Page generated in 0.0021 seconds