Secure Map Reduce

UniNE’s Secure Map Reduce is a proof-of-concept map-reduce implementation specially tailored
for small- to medium-footprint batch processing micro-services. It is aimed at providing
support for privacy sensitive applications defined by map and reduce
routines expressed in Lua, an extension language. Lua is a lightweight and embedded scripting
language, which makes it a natural fit for small applications as well as for running inside
enclaves. The constraint that disallows
system calls from secure enclaves is exploited in favor of security. By putting the language
interpreter inside the protected area, besides the given application protection (privacy,
integrity and data freshness) we also shield
the system from malicious user code that diverts the purpose of defining computation on data
(either map or reduce) to attempts of accessing peripherals (e.g., storage or network
interface accesses). Our approach does not require
any particular knowledge from the programmer of cryptographic mechanisms for implementing the
map and reduce functions. Also, preserving privacy and integrity is not dependent in any way
on the specific characteristics of the
functions, simply taking advantage in this purpose of the standard trusted characteristics of
the enclaves. Besides these advantages, our solution is easily maintainable relying on a
standard Lua interpreter for code execution.