Secure Serverless Computing Using Dynamic Information Flow Control

TL;DR

This paper introduces a novel dynamic information flow control approach tailored for serverless computing, combining static and dynamic labeling to enhance security guarantees while maintaining low performance overhead.

Contribution

It presents a new IFC method for serverless systems that addresses termination channel amplification, using static process labels and dynamic data labels, implemented on AWS Lambda and OpenWhisk.

Findings

Enforces strong IFC security properties in serverless environments.

Achieves low overhead in real-world case studies.

Addresses termination channel amplification issues.

Abstract

The rise of serverless computing provides an opportunity to rethink cloud security. We present an approach for securing serverless systems using a novel form of dynamic information flow control (IFC). We show that in serverless applications, the termination channel found in most existing IFC systems can be arbitrarily amplified via multiple concurrent requests, necessitating a stronger termination-sensitive non-interference guarantee, which we achieve using a combination of static labeling of serverless processes and dynamic faceted labeling of persistent data. We describe our implementation of this approach on top of JavaScript for AWS Lambda and OpenWhisk serverless platforms, and present three realistic case studies showing that it can enforce important IFC security properties with low overhead.