论文信息 - Trusted Execution Environments: Properties, Applications, and Challenges

Trusted Execution Environments: Properties, Applications, and Challenges

Software attacks on modern computer systems have been a persisting challenge for several decades, leading to a continuous arms race between attacks and defenses. As a first line of defense, operating system kernels enforce process isolation to limit potential attacks to only the code containing the vulnerabilities. However, vulnerabilities in the kernel itself (for example, various vulnerabilities found by Google Project Zero), side-channel attacks,1 or even physical attacks2 can be used to undermine process isolation.

[1] Weidong Shi,et al. A comparison study of intel SGX and AMD memory encryption technology , 2018, HASP@ISCA.

[2] Srinivas Devadas,et al. Sanctum: Minimal Hardware Extensions for Strong Software Isolation , 2016, USENIX Security Symposium.

[3] Ahmad-Reza Sadeghi,et al. SANCTUARY: ARMing TrustZone with User-space Enclaves , 2019, NDSS.

[4] Frank Piessens,et al. A Systematic Evaluation of Transient Execution Attacks and Defenses , 2018, USENIX Security Symposium.

[5] Jeyavijayan Rajendran,et al. HardFails: Insights into Software-Exploitable Hardware Bugs , 2019, USENIX Security Symposium.

[6] Srdjan Capkun,et al. Software Grand Exposure: SGX Cache Attacks Are Practical , 2017, WOOT.