Proceedings of the 3rd Workshop on System Software for Trusted Execution: Latest Publications
Proceedings of the 3rd Workshop on System Software for Trusted Execution
Pub Date: 2018-10-15. DOI: 10.1145/3268935
Citations: 0
On the Detectability of Control Flow Using Memory Access Patterns
Robert Buhren, Felicitas Hetzelt, Niklas Pirnay
Proceedings of the 3rd Workshop on System Software for Trusted Execution. Pub Date: 2018-01-15. DOI: 10.1145/3268935.3268941
Abstract: Shielding systems such as AMD's Secure Encrypted Virtualization aim to protect a virtual machine from a higher privileged entity such as the hypervisor. A cornerstone of these systems is the ability to protect the memory from unauthorized accesses. Despite this protection mechanism, previous attacks leveraged the control over memory resources to infer control flow of applications running in a shielded system. While previous works focused on a specific target application, there has been no general analysis on how the control flow of a protected application can be inferred. This paper tries to overcome this gap by providing a detailed analysis on the detectability of control flow using memory access patterns. To that end, we do not focus on a specific shielding system or a specific target application, but present a framework which can be applied to different types of shielding systems as well as to different types of attackers. By training a random forest classifier on the memory accesses emitted by syscalls of a shielded entity, we show that it is possible to infer the control flow of shielded entities with a high degree of accuracy.
Citations: 4
Switchless Calls Made Practical in Intel SGX
H. Tian, Qiong Zhang, Shoumeng Yan, Alex Rudnitsky, Liron Shacham, Ron Yariv, Noam Milshten
Proceedings of the 3rd Workshop on System Software for Trusted Execution. Pub Date: 2018-01-15. DOI: 10.1145/3268935.3268942
Abstract: Intel Software Guard Extensions (SGX) is an extension to x86 architecture that enables user-level code to create trusted memory regions, called enclaves. However, the security provided by enclaves is not free: one primary performance overhead is enclave switches, which are expensive and can be triggered frequently by cross-enclave function calls. Previous works propose a technique named Switchless Calls, which avoids enclave switches by using worker threads/cores to execute function calls asynchronously. But we find this technique is questionable in terms of efficiency: is it always wise to trade extra CPU cores for reduced enclave switches? In this paper, we make Switchless Calls a practical technique by ensuring that it improves performance efficiently. To this end, we investigate on what conditions Switchless Calls can improve performance efficiently by establishing a performance model via both mathematical and simulation analysis. Then, we formulate the notion of worker efficiency and design an efficiency-based scheduling algorithm that can automatically adjust the number of workers in response to changing workloads. Guided by the insights obtained from our performance modeling and worker scheduling, we integrate Switchless Calls into Intel SGX SDK as an official feature. We evaluate the performance of our implementation in various benchmarks and the results demonstrate the practicality of Switchless Calls.
Citations: 45
Mitigating Branch-Shadowing Attacks on Intel SGX using Control Flow Randomization
Shohreh Hosseinzadeh, Hans Liljestrand, V. Leppänen, Andrew J. Paverd
Proceedings of the 3rd Workshop on System Software for Trusted Execution. Pub Date: 2018-01-15. DOI: 10.1145/3268935.3268940
Abstract: Intel Software Guard Extensions (SGX) is a promising hardware-based technology for protecting sensitive computation from potentially compromised system software. However, recent research has shown that SGX is vulnerable to branch-shadowing -- a side channel attack that leaks the fine-grained (branch granularity) control flow of an enclave (SGX protected code), potentially revealing sensitive data to the attacker. The previously-proposed defense mechanism, called Zigzagger, attempted to hide the control flow, but has been shown to be ineffective if the attacker can single-step through the enclave using the recent SGX-Step framework. Taking into account these stronger attacker capabilities, we propose a new defense against branch-shadowing, based on control flow randomization. Our scheme is inspired by Zigzagger, but provides quantifiable security guarantees with respect to a tunable security parameter. Specifically, we eliminate conditional branches and hide the targets of unconditional branches using a combination of compile-time modifications and run-time code randomization. We evaluated the performance of our approach using ten benchmarks from SGX-Nbench. Although we considered the worst-case scenario (whole program instrumentation), our results show that, on average, our approach results in less than 18% performance loss and less than 1.2 times code size increase.
Citations: 15
Challenges for Combining Smart Contracts with Trusted Computing
Marcus Brandenburger, C. Cachin
Proceedings of the 3rd Workshop on System Software for Trusted Execution. Pub Date: 2018-01-15. DOI: 10.1145/3268935.3268944
Abstract: Modern Trusted Execution Environments (TEEs), such as Intel SGX, gain more and more popularity in the blockchain community and their adoption has already been started. Combining smart-contract execution with TEEs promises efficient solutions for protecting data privacy in distributed ledgers, as an alternative to much more costly cryptographic protocols. This paper describes practical challenges that arise from the combination of smart contracts with TEEs. In particular, we discuss existing solutions and their conceptual differences of on-chain and off-chain execution followed by technical challenges on attestation, key management, and non-deterministic execution.
Citations: 10
Secure Compute-VM: Secure Big Data Processing with SGX and Compute Accelerators
See-hwan Yoo, Hyunik Kim, Joongheon Kim
Proceedings of the 3rd Workshop on System Software for Trusted Execution. Pub Date: 2018-01-15. DOI: 10.1145/3268935.3268945
Abstract: This paper considers secure big data processing. With the architectural support, big data processing with compute accelerators can efficiently preserve privacy concern.
Citations: 5
TEEshift: Protecting Code Confidentiality by Selectively Shifting Functions into TEEs
Titouan Lazard, J. Götzfried, Tilo Müller, Gianni Santinelli, Vincent Lefebvre
Proceedings of the 3rd Workshop on System Software for Trusted Execution. Pub Date: 2018-01-15. DOI: 10.1145/3268935.3268938
Abstract: We present TEEshift, a tool suite that protects the confidentiality and integrity of code by shifting selected functions into TEEs. Our approach works entirely on binary-level and does not require the adaption of source code projects or build environments, nor does it require compiler-level patches. Programmers provide a list of ELF symbols pointing to the functions that should be protected. After post-processing an ELF binary with TEEshift, the selected functions are not present in cleartext anymore. Only after attesting to a remote party that the loading enclave behaves with integrity, the functions are decrypted, but remain inside the enclave protected against reverse engineering. An online connection is only required when a program starts for the first time on a PC. Afterwards, sealing is used to securely store the decryption key and bind it to the PC. By allowing programmers to move selected functions into TEEs, without patching their source code, we provide a convenient way to enable TEEs in existing projects while preserving the flexibility for a fine-grained security and performance tradeoff. We evaluated our tool using a real world gaming application, confirming the practicability of our approach for existing projects. We overcome the limitation of the fragmented TEE landscape by building on top of Asylo, an open framework by Google for apps which aim to support different TEEs such as Intel SGX and AMD SEV using a unified API.
Citations: 16
Trusted Execution, and the Impact of Security on Performance
Stefan Brenner, Michael Behlendorf, R. Kapitza
Proceedings of the 3rd Workshop on System Software for Trusted Execution. Pub Date: 2018-01-15. DOI: 10.1145/3268935.3268943
Abstract: Due to the increasing success of cloud computing offerings, the demand for sensitive data processing and security in the cloud has also increased. By incorporation of trusted execution technologies such as the broadly available Intel Software Guard Extensions (SGX), applications can be secured. However, software engineers need to align their development process with the capabilities and properties of such a technology, in order to correctly secure applications while achieving good performance. In this paper, we identify relevant aspects for partitioning applications and discuss two complementary designs optimising for performance or security respectively. Additionally, our contribution comprises a performance and security measurement, at the example of two established real-world applications, that we both partitioned according to the above two distinct design approaches. We consider this paper as a guideline for the partitioning process of mainly data-handling services for usage of trusted execution and as a collection of relevant characteristics during the development of applications with trusted execution environments.
Citations: 6
SAFES: Sand-boxed Architecture for Frequent Environment Self-measurement
Toshiki Kobayashi, Takayuki Sasaki, Astha Jada, D. E. Asoni, A. Perrig
Proceedings of the 3rd Workshop on System Software for Trusted Execution. Pub Date: 2018-01-15. DOI: 10.1145/3268935.3268939
Abstract: Monitoring software of low-end devices is a key part of defense in depth for IoT systems. These devices are particularly susceptible to memory corruption vulnerabilities because the limited computational resources restrict the types of countermeasures that can be implemented. Run-time monitoring therefore is fundamental for the security of these devices. We propose a monitoring architecture for untrusted software at the I/O event granularity for TrustZone-enabled devices. The architecture enables us to measure the integrity of the code immediately before its execution is triggered by any input. To verify the integrity in a lightweight manner, we statically determine the minimal code region that needs to be measured based on the I/O operation. We develop a prototype of the architecture using TrustZone-M and demonstrate that our prototype has a low processing overhead and small ROM memory footprint.
Citations: 7
Pearl-TEE: Supporting Untrusted Applications in TrustZone
Wei Huang, Vasily Rudchenko, He Shuang, Zhen Huang, D. Lie
Proceedings of the 3rd Workshop on System Software for Trusted Execution. Pub Date: 2018-01-15. DOI: 10.1145/3268935.3268936
Abstract: Rising concerns about mobile security have motivated the use of architectural features such as ARM TrustZone to protect sensitive applications from compromise by malicious applications or a compromised OS. However, many TEE OSes (which run in TrustZone) currently assume all applications in TrustZone are trusted, and thus do not provide strong isolation guarantees between them. The benefit of this is that TEE OSes can be simple, allowing them to provide a high-assurance trusted computing base (TCB). However, unlike how arbitrary third-party mobile applications can be installed onto a smartphone, the need for mutual trust among all applications running inside TrustZone prevents the installation of 3rd party applications on the TEE OS. In this paper, we identify the key properties that define application code that may wish to use TrustZone and show that a standard TEE OS can be extended to support multiple, mutually distrusting applications in TrustZone with less than a 3% increase in the TCB. We realize our ideas in Pearl-TEE, a novel TEE OS prototype we have implemented that can provide mechanisms specific to the needs of TrustZone applications, including isolation for execution, secure persistent storage, and support for network communication. We find that Pearl-TEE imposes less than 20% performance overhead on applications.
Citations: 3