End-to-End Security for Distributed Event-Driven Enclave Applications on Heterogeneous TEEs

This paper presents an approach to provide strong assurance of the secure execution of distributed event-driven applications on shared infrastructures, while relying on a small Trusted Computing Base. We build upon and extend security primitives provided by Trusted Execution Environments (TEEs) to guarantee authenticity and integrity properties of applications, and to secure control of input and output devices. More specifically, we guarantee that if an output is produced by the application, it was allowed to be produced by the application’s source code based on an authentic trace of inputs. We present an integrated open-source framework to develop, deploy, and use such applications across heterogeneous TEEs. Beyond authenticity and integrity, our framework optionally provides confidentiality and a notion of availability, and facilitates software development at a high level of abstraction over the platform-specific TEE layer. We support event-driven programming to develop distributed enclave applications in Rust and C for heterogeneous TEE, including Intel SGX, ARM TrustZone and Sancus. In this article we discuss the workings of our approach, the extensions we made to the Sancus processor, and the integration of our development model with commercial TEEs. Our evaluation of security and performance aspects show that TEEs, together with our programming model, form a basis for powerful security architectures for dependable systems in domains such as Industrial Control Systems and the Internet of Things, illustrating our framework’s unique suitability for a broad range of use cases which combine cloud processing, mobile and edge devices, and lightweight sensing and actuation.

[1]  Frank Piessens,et al.  Aion: Enabling Open Systems through Strong Availability Guarantees for Enclaves , 2021, CCS.

[2]  Frank Piessens,et al.  Securing Interruptible Enclaved Execution on Small Microprocessors , 2021, ACM Trans. Program. Lang. Syst..

[3]  Frank Piessens,et al.  Compiler-Assisted Hardening of Embedded Software Against Interrupt Latency Side-Channel Attacks , 2021, 2021 IEEE European Symposium on Security and Privacy (EuroS&P).

[4]  Bill Tomlinson,et al.  How Sustainable is the Smart Farm? , 2021 .

[5]  Owen Arden,et al.  Secure Distributed Applications the Decent Way , 2020, ASSS@AsiaCCS.

[6]  Dawn Song,et al.  Keystone: an open framework for architecting trusted execution environments , 2020, EuroSys.

[7]  Gianluca Scopelliti Securing Smart Environments with Authentic Execution , 2020 .

[8]  Daniel Genkin,et al.  SGAxe: How SGX Fails in Practice , 2020 .

[9]  Mingyu Li,et al.  Establishing Trusted I/O Paths for SGX Client Systems With Aurora , 2020, IEEE Transactions on Information Forensics and Security.

[10]  Wenliang Du,et al.  TruZ-View: Developing TrustZone User Interface for Mobile OS Using Delegation Integration Model , 2019, CODASPY.

[11]  Dan Boneh,et al.  Fidelius: Protecting User Secrets from Compromised Browsers , 2018, 2019 IEEE Symposium on Security and Privacy (SP).

[12]  Roberto Blanco,et al.  Journey Beyond Full Abstraction: Exploring Robust Property Preservation for Secure Compilation , 2018, 2019 IEEE 32nd Computer Security Foundations Symposium (CSF).

[13]  Frank Piessens,et al.  Nemesis: Studying Microarchitectural Timing Leaks in Rudimentary CPU Interrupt Logic , 2018, CCS.

[14]  Thomas F. Wenisch,et al.  Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution , 2018, USENIX Security Symposium.

[15]  Thomas F. Wenisch,et al.  Foreshadow-NG: Breaking the virtual memory abstraction with transient out-of-order execution , 2018 .

[16]  Yubin Xia,et al.  VButton: Practical Attestation of User-driven Operations in Mobile Apps , 2018, MobiSys.

[17]  Wenliang Du,et al.  TruZ-Droid: Integrating TrustZone with Mobile Operating System , 2018, MobiSys.

[18]  David Kotz,et al.  BASTION-SGX: Bluetooth and Architectural Support for Trusted I/O on SGX , 2018, HASP@ISCA.

[19]  N. Asokan,et al.  Migrating SGX Enclaves with Persistent State , 2018, 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN).

[20]  Johannes Götzfried,et al.  Hardware-Based Trusted Computing Architectures for Isolation and Attestation , 2018, IEEE Transactions on Computers.

[21]  Frank Piessens,et al.  VulCAN: Efficient Component Authentication and Software Isolation for Automotive Control Networks , 2017, ACSAC.

[22]  Frank Piessens,et al.  Authentic Execution of Distributed Event-Driven Applications with a Small TCB , 2017, STM.

[23]  Yeongjin Jang,et al.  Building trust in the user I/O in computer systems , 2017 .

[24]  Johannes Götzfried,et al.  Cache Attacks on Intel SGX , 2017, EUROSEC.

[25]  Srdjan Capkun,et al.  Software Grand Exposure: SGX Cache Attacks Are Practical , 2017, WOOT.

[26]  Mario Werner,et al.  SGXIO: Generic Trusted I/O Path for Intel SGX , 2017, CODASPY.

[27]  Daniel Martin,et al.  TrustZone Explained: Architectural Features and Use Cases , 2016, 2016 IEEE 2nd International Conference on Collaboration and Internet Computing (CIC).

[28]  Frank Piessens,et al.  An Implementation of a High Assurance Smart Meter Using Protected Module Architectures , 2016, WISTP.

[29]  Alec Wolman,et al.  fTPM: A Software-Only Implementation of a TPM Chip , 2016, USENIX Security Symposium.

[30]  Dan Meng,et al.  TrustPAY: Trusted mobile payment on security enhanced ARM TrustZone platforms , 2016, 2016 IEEE Symposium on Computers and Communication (ISCC).

[31]  Bill Tomlinson,et al.  Computational Agroecology: Sustainable Food Ecosystem Design , 2016, CHI Extended Abstracts.

[32]  Bogdan Warinschi,et al.  Foundations of Hardware-Based Attested Computation and Application to SGX , 2016, 2016 IEEE European Symposium on Security and Privacy (EuroS&P).

[33]  Carlos V. Rozas,et al.  Intel® Software Guard Extensions: EPID Provisioning and Attestation Services , 2016 .

[34]  Srinivas Devadas,et al.  Intel SGX Explained , 2016, IACR Cryptol. ePrint Arch..

[35]  Yuewu Wang,et al.  TrustOTP: Transforming Smartphones into Secure One-Time Password Tokens , 2015, CCS.

[36]  Yubin Xia,et al.  AdAttester: Secure Online Mobile Advertisement Attestation Using TrustZone , 2015, MobiSys.

[37]  Gernot Heiser,et al.  Last-Level Cache Side-Channel Attacks are Practical , 2015, 2015 IEEE Symposium on Security and Privacy.

[38]  Marcus Peinado,et al.  Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems , 2015, 2015 IEEE Symposium on Security and Privacy.

[39]  Miao Yu,et al.  Dancing with Giants: Wimpy Kernels for On-Demand I/O Isolation , 2015, IEEE Security & Privacy.

[40]  Yubin Xia,et al.  Building trusted path on untrusted device drivers for mobile devices , 2014, APSys.

[41]  Landon P. Cox,et al.  VeriUI: attested login for mobile devices , 2014, HotMobile.

[42]  Frank Piessens,et al.  Sancus: Low-cost Trustworthy Extensible Networked Devices with a Zero-software Trusted Computing Base , 2013, USENIX Security Symposium.

[43]  Carlos V. Rozas,et al.  Innovative instructions and software model for isolated execution , 2013, HASP '13.

[44]  Carsten Willems,et al.  Practical Timing Side Channel Attacks against Kernel Space ASLR , 2013, 2013 IEEE Symposium on Security and Privacy.

[45]  Thomas C. Schmidt,et al.  RIOT OS: Towards an OS for the Internet of Things , 2013, 2013 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[46]  Andrey Bogdanov,et al.  SPONGENT: The Design Space of Lightweight Cryptographic Hashing , 2011, IEEE Transactions on Computers.

[47]  Frank Piessens,et al.  Protected Software Module Architectures , 2013, ISSE.

[48]  James Newsome,et al.  Building Verifiable Trusted Path on Commodity x86 Computers , 2012, 2012 IEEE Symposium on Security and Privacy.

[49]  Robert H. Deng,et al.  DriverGuard: A Fine-Grained Protection on I/O Flows , 2011, ESORICS.

[50]  Guido Bertoni,et al.  Duplexing the sponge: single-pass authenticated encryption and other applications , 2011, IACR Cryptol. ePrint Arch..

[51]  Michael Norrish,et al.  seL4: formal verification of an OS kernel , 2009, SOSP '09.

[52]  Michael K. Reiter,et al.  Safe Passage for Passwords and Other Sensitive Data , 2009, NDSS.

[53]  Michael K. Reiter,et al.  Flicker: an execution infrastructure for tcb minimization , 2008, Eurosys '08.

[54]  Michael K. Reiter,et al.  Bump in the Ether: A Framework for Securing Sensitive User Input , 2006, USENIX Annual Technical Conference, General Track.

[55]  T. Alves,et al.  TrustZone : Integrated Hardware and Software Security , 2004 .

[56]  Jan Vitek,et al.  Secure Internet Programming: Security Issues for Mobile and Distributed Objects , 1999 .

[57]  Martín Abadi,et al.  Protection in Programming-Language Translations , 1998, ICALP.

[58]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).