Research On Energy Management And Privacy Protection In Cloud Environment

Posted on: 2021-11-07
Degree: Doctor
Type: Dissertation
Country: China
Candidate: L X Chen
GTID: 1488306503461904
Subject: Computer Science and Technology

Abstract/Summary:
In recent years, with the popularity of cloud computing and the expansion of cloud data centers, energy management mechanisms and privacy protection issues in cloud computing environments have received increasing attention. The energy loss of high-performance data centers has become crucial to the total operation and maintenance costs. At the same time, the lack of data integrity and data privacy guarantees in traditional public clouds increases the risk of data leakage. Energy management and data security have thus become two major obstacles to the development of cloud computing. To address these two issues and enable the further development of cloud computing, this paper studies energy management and privacy protection in cloud computing environments from three aspects: virtual machine (VM) scheduling, data scheduling, and code scheduling.

At the level of virtual machine scheduling, this paper studies the impact of different VM placements on VM performance and energy consumption, and proposes combining VM scheduling with dynamic voltage and frequency scaling (DVFS), thereby reducing the energy consumption of VMs without affecting their performance.

At the level of data scheduling, in order to guarantee data security and privacy in multi-tenant public clouds, current research takes advantage of Intel's new processor instruction extensions, named SGX, and stores all of the tenants' data in SGX enclaves. This paper instead proposes a design that stores only the tenant's encryption key inside the trusted memory, while the encrypted data is stored in ordinary memory that is not protected by SGX. Based on this design, this paper implements an in-memory key-value database named EnclaveCache, which achieves high performance and good scalability while ensuring the privacy and isolation of tenants' data within SGX's limited enclave space.

At the level of code scheduling, to address the problem of enclave switches when performing network communication from SGX enclaves, this paper proposes a network I/O mechanism based on the user-level TCP/IP stack mTCP and the user-level packet processing tool DPDK. With reasonable partitioning and scheduling of code inside and outside the enclaves, this network I/O mechanism effectively improves the performance of transmitting private data in SGX enclaves, eliminating the overhead of enclave switches.

The main contributions and innovations of this paper are as follows:

This paper proposes a power-performance balancing mechanism in cloud environments. It is the first to integrate a software-based mechanism, VM scheduling, with a hardware-based mechanism, DVFS. In addition, unlike existing VM management mechanisms, this paper takes both the performance impact of frequency scaling and the heterogeneity of cloud computing platforms into consideration, and performs VM scheduling to reduce energy consumption while maintaining the performance of VMs.

This paper proposes a privacy protection mechanism for multi-tenant public clouds. Unlike existing SGX-based approaches, which load all of the data into SGX enclaves, this paper designs an enclave data scheduling mechanism that stores only the tenant's core private data inside the enclaves. This maintains a small trusted code base and increases the generality of the mechanism, while ensuring the isolation and privacy of tenants' data in clouds.

This paper proposes an efficient privacy-preserving network I/O mechanism in cloud environments. Unlike existing methods, which use additional worker threads to avoid enclave switches, this paper builds a new user-mode network I/O mechanism based on reasonable code scheduling on top of the user-level TCP/IP stack mTCP and the user-level packet processing tool DPDK. The mechanism fundamentally avoids the overhead of enclave switches caused by network-related system calls when transmitting private data inside SGX enclaves.

Keywords/Search Tags:Cloud computing, energy management, privacy protection, virtual machine scheduling, dynamic voltage and frequency scaling, multi-tenancy, SGX, key-value database