P59: Secure Enclaves: An Isolation-Centric Approach for Creating Secure High-Performance Computing Environments
Abstract: High performance computing environments are used for a wide variety of workloads. These systems may process data at various security levels but in so doing are often enclaved at the highest security posture, which may limit usability or performance. The traditional approach used to provide isolation is effective at the creation of secure enclaves, but poses significant challenges with respect to the use of shared infrastructure in HPC environments. We evaluate the use of system-level (i.e., hypervisor-based) and operating system level (i.e., containers) virtualization as well as software defined networking (SDN) as possible mechanisms for secure, isolation-centric enclaves (secure enclaves). We describe our approach to secure HPC enclaves and provide benchmark results for three focus areas (compute, network and data storage) where isolation mechanisms are most significant.
Award: Best Poster Finalist (BP): no
Two-page extended abstract: pdf