A comparative analysis of emerging approaches for securing Java software with Intel SGX

Abstract: Intel SGX enables developers to protect security-critical parts of their application code and data even from privileged software. This type of protection is needed in all cases where applications run on untrusted infrastructures, including public clouds. Since a significant fraction of current applications is written in Java, the research strand on how to fully unleash the potential of SGX in Java is flourishing, and multiple techniques have been proposed. In this paper, we review such techniques, and select the most promising ones – namely SCONE, SGX-LKL, and SGX-JNI Bridge – for an experimental comparison with respect to effort, security, and performance. We use a benchmark application from a real-world case study based on microservices – possibly the most prominent software architecture for current applications – and built on the widely adopted Vert.x development framework. We focus on specific microservices characterized by three different profiles in terms of resource usage – I/O-, CPU-, and memory-intensive – and assess the trade-offs of the three aforementioned techniques for SGX integration. The results of the analysis can be used as a reference by practitioners willing to identify the best approach for integrating SGX in their Java applications, based on the priorities of their particular context.
