Vincent Lefebvre
ABSTRACT
With SDN/NFV, the telecom industry embraces operational flexibility and cost optimization, while facing new risks from off-premise cloud computing, known as introspection by malicious operators. Introspection is identified as a serious risk only by the IT industry in general when considering cloud operation. To mitigate it, processor vendors have invested in the last decade to design Trusted Execution Environments (TEEs) plugged into their processor architectures. TEEs bring a quantum hardware-level security higher than any software-based security. They are all essentially aimed at protecting data and code when executed and processed in the cloud or in untrusted environment. In this paper, we emphasize on the blocking factors for the use of TEEs today: processor market fragmentation, major architectural and design deviations between TEEs from various CPU vendors and finally, a relatively complex enablement of these TEE technologies for non-security experts. We describe a code interpretation solution to break those blocking factors by providing a universal abstraction layer for TEEs. The paper gives a conceptual blueprint of a solution that enables Intel's SGX and AMD's SEV, defined as the most contemplated candidates in this paper for SDN/NFV or 5G deployment. Our study presents the key challenges and advanced functionalities we view as essential for meeting key SDN/NFV requirements and which are deploy ability, software performance and easy setup. Innovative directions are given to deal efficiently with these upcoming requirements.
- Checkoway, S., and Shacham, H. Iago attacks: why the system call API is a bad untrusted RPC interface. In Architectural Support for Programming Languages and Operating Systems, ASPLOS '13, Houston, TX, USA - March 16-20, 2013 (2013), ACM, pp. 253--264. Google Scholar
Digital Library
- Costan, V., and Devadas, S. Intel SGX explained. IACR Cryptology ePrint Archive 2016 (2016), 86.Google Scholar
- Du, Z.-H., Ying, Z., Ying, Z., Ying, Z., and Ying, Z. Secured encrypted virtualizatin is unsecure.Google Scholar
- Gavrilovska, M.-W. S. M. K. T. K. A. S-nfv: Securing nfv states by using sgxcache attack. In Proceedings of the SDN-NFVSec, March 11 2016, New Orleans, LA, USA (2016), ACM. Google ScholarDigital Library
- Hiser, J., Nguyen-Tuong, A., Co, M., Hall, M., and Davidson, J. W. ILR: where'd my gadgets go? In IEEE Symposium on Security and Privacy, SP 2012, 21-23 May 2012, San Francisco, California, USA (2012), IEEE Computer Society, pp. 571--585. Google ScholarDigital Library
- Maene, P., Götzfried, J., de Clercq, R., Müller, T., Freiling, F., and Verbauwhede, I. Hardware-based trusted computing architectures for isolation and attestation. In IEEE Transactions on Computers 67 (2017), pp. 361--374.Google ScholarCross Ref
- Moghimi, A., Irazoqui, G., and Eisenbarth, T. Cachezoom: How SGX amplifies the power of cache attacks. In Cryptographic Hardware and Embedded Systems - CHES 2017 - 19th International Conference, Taipei, Taiwan, September 25-28, 2017, Proceedings (2017), vol. 10529 of Lecture Notes in Computer Science, Springer, pp. 69--90.Google ScholarCross Ref
- Richter, L., Götzfried, J., and Müller, T. Isolating operating system components with intel sgx. In 1st Workshop on System Software for Trusted Execution (SysTEX'16), Trento, Italy (2016), ACM, pp. 8:1--8:6. Google ScholarDigital Library
- Sánchez-Vílchez, J. M., Yahia, I. G. B., Crespi, N., RASHEED, T., AND SIRACUSA, D. Softwarized 5g networks resiliency with self-healing. In 1st International Conference on 5G for Ubiquitous Connectivity, 5GU 2014, Levi, Finland, November 26-27, 2014 (2014), ICST, pp. 229--233.Google Scholar
- Schuster, F., Costa, M., Fournet, C, Gkantsidis, C., Peinado, M., Mainar-Ruiz, G., AND RUSSINOVICH, M. VC3: trustworthy data analytics in the cloud using SGX. In 2015 IEEE Symposium on Security and Privacy, SP 2015, San Jose, CA, USA, May 17-21, 2015 (2015), IEEE Computer Society, pp. 38--54. Google ScholarDigital Library
- Seitzer, M., Gruhn, M., and Müller, T. In A Bytecode Interpreter for Secure Program Execution in Untrusted Main Memory (2015), SBA, pp. 376--395.Google Scholar
- Seo, J., Lee, B., Kim, S. M., Shih, M., Shin, I., Han, D., AND Kim, T. Sgx-shield: Enabling address space layout randomization for SGX programs. In 24th Annual Network and Distributed System Security Symposium, NDSS 2017, San Diego, California, USA, February 26-March 1, 2017 (2017).Google ScholarCross Ref
- Shih, M., Kumar, M., Kim, T., and Gavrilovska, A. S-NFV: securing NFV states by using SGX. In Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, SDN-NFV@CODASPY 2016, New Orleans, LA, USA, March 11, 2016 (2016), ACM. Google ScholarDigital Library
- Shih, M., Lee, S., Kim, T., and Peinado, M. T-SGX: eradicating controlled-channel attacks against enclave programs. In 24th Annual Network and Distributed System Security Symposium, NDSS 2017, San Diego, California, USA, February 26-March 1, 2017 (2017), The Internet Society.Google ScholarCross Ref
- Szekeres, L., Payer, M., Wei, T., and Song, D. Sok: Eternal war in memory. In 2013 IEEE Symposium on Security and Privacy, SP 2013, Berkeley, CA, USA, May 19-22, 2013 (2013), IEEE Computer Society, pp. 48--62. Google ScholarDigital Library
- Übler, D., Götzfried, J., and Müller, T. Secure remote computation using intel sgx. In Sicherheit, Schutz und Zuverlässigkeit (SICHERHEIT 2018), Bonn (2017), Gesellschaft für Informatik (GI).Google Scholar
Recommendations
TEEv: virtualizing trusted execution environments on mobile platforms
VEE 2019: Proceedings of the 15th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution EnvironmentsTrusted Execution Environments (TEE) are widely deployed, especially on smartphones. A recent trend in TEE development is the transition from vendor-controlled, single-purpose TEEs to open TEEs that host Trusted Applications (TAs) from multiple sources ...
A Secure IIoT Gateway Architecture based on Trusted Execution Environments
AbstractIndustrial Internet of Things (IIoT) gateways are affected by many cybersecurity threats, compromising their security and dependability. These gateways usually represent single points of failure on the IIoT infrastructure. When compromised, they ...
Comments