Migrating SGX Enclaves with Persistent State

Hardware-supported security mechanisms like Intel Software Guard Extensions (SGX) provide strong security guarantees, which are particularly relevant in cloud settings. However, their reliance on physical hardware conflicts with cloud practices, like migration of VMs between physical platforms. For instance, the SGX trusted execution environment (enclave) is bound to a single physical CPU. Although prior work has proposed an effective mechanism to migrate an enclave's data memory, it overlooks the migration of persistent state, including sealed data and monotonic counters; the former risks data loss whilst the latter undermines the SGX security guarantees. We show how this can be exploited to mount attacks, and then propose an improved enclave migration approach guaranteeing the consistency of persistent state. Our software-only approach enables migratable sealed data and monotonic counters, maintains all SGX security guarantees, minimizes developer effort, and incurs negligible performance overhead

Modelos de gerenciamento de enclaves para execução segura de componentes de software

Orientador: Carlos Alberto MazieroTese (doutorado) - Universidade Federal do Paraná, Setor de Ciências Exatas, Programa de Pós-Graduação em Informática. Defesa : Curitiba, 04/12/2020Inclui referências: p. 106-115Área de concentração: Ciência da ComputaçãoResumo: A confidencialidade dos dados está se mostrando cada vez mais importante para os usuários de computadores, seja em um ambiente corporativo ou até mesmo em um ambiente doméstico. Atualmente, não somente dados sensíveis às empresas estão trafegando pela rede ou sendo manipulados pelos mais diversos programas de computador, mas também tem-se um intenso uso de aplicações para transações bancárias e outras aplicações de uso corriqueiro que manipulam dados sensíveis dos usuários, os quais devem ter sua confidencialidade e integridade garantidas. Nesse sentido, tem-se variadas soluções sendo propostas para manter a confidencialidade e integridade dos dados, dentre elas a arquitetura Intel SGX (Software Guard Extensions), a qual possui mecanismos para que as aplicações e os dados sejam encapsulados em uma área protegida da memória com acesso restrito, impossibilitando o acesso nessa região de memória a outras aplicações ou ao próprio sistema operacional. A utilização de tais mecanismos para prover a confidencialidade e integridade dos dados sensíveis da aplicação acarreta em um impacto de desempenho durante a sua execução, devido às restrições e verificações impostas pela arquitetura Intel SGX. O presente trabalho busca analisar os modelos de programação que são aplicados em soluções que utilizam a arquitetura Intel SGX e apresentar alternativas que buscam um uso mais eficiente dos recursos providos por tal arquitetura e também a redução do impacto de desempenho decorrente de sua utilização. Assim, são apresentados dois modelos de gerenciamento: (i) compartilhamento de enclaves; e (ii) pool de enclaves. Para a aplicação de tais modelos, é proposta uma arquitetura de um provedor de enclaves, que oferece um desacoplamento entre o enclave e a aplicação que o utiliza, permitindo aplicar os modelos de gerenciamento propostos e oferecer os recursos providos pelos enclaves às aplicações na forma de serviços. Um protótipo é construído para avaliar a arquitetura e modelos propostos, com os testes de desempenho demonstrando consideráveis reduções no impacto para requisição de enclaves, enquanto garante boa resposta para atender múltiplas requisições simultâneas. Assim, conclui-se que a utilização de modelos arquiteturais de software podem trazer benefícios no gerenciamento de recursos e ganho de desempenho na execução de aplicações seguras. Palavras-chave: Intel SGX, modelos de programação, arquitetura de software, padrões de projeto, desempenho, otimização de recursos.Abstract: Data confidentiality is becoming increasingly important to computer users, whether in a corporate environment or even in a home environment. Not only are business-sensitive data currently being trafficked across the network or being handled by a variety of software, but there is also an intense use of applications for banking transactions and other commonly used applications that manipulate sensitive user data, which must have their confidentiality and integrity guaranteed. In this sense, there are several solutions being proposed to maintain the confidentiality and integrity of the data, among them the Intel SGX (Software Guard Extensions) architecture, which has mechanisms to encapsulate applications and data in a protected area of memory having restricted access, making it impossible to access this region of memory to other applications or to the operating system. The use of such mechanisms to provide the confidentiality and integrity of sensitive data results in a performance impact during the application execution, due to the restrictions and verifications imposed by the Intel SGX architecture. The present work aims to analyze the programming models that are applied in solutions that use the Intel SGX architecture and present alternatives that seek a more efficient use of the resources provided by this architecture and also the reduction of the performance impact due to its use. Thus, two management models are presented: (i) enclave sharing; and (ii) enclave pool. In order to apply such models, an architecture of an enclave provider is proposed, which offers a decoupling between the enclave and the application that uses it, allowing to apply the proposed management models and offering the resources provided by the enclaves to the applications in "as a service" format. A prototype is built to evaluate the proposed architecture and models, with the performance tests demonstrating considerable reductions in the impact for enclave requests, while guaranteeing good response to attend simultaneous requests. Thus, it is concluded that the use of architectural software models can bring benefits in resource management and performance gains in the execution of secure applications. Keywords: Intel SGX, programming models, software architecture, design patterns, performance, resource optimization

Enabling Usable and Performant Trusted Execution

A plethora of major security incidents---in which personal identifiers belonging to hundreds of millions of users were stolen---demonstrate the importance of improving the security of cloud systems. To increase security in the cloud environment, where resource sharing is the norm, we need to rethink existing approaches from the ground-up. This thesis analyzes the feasibility and security of trusted execution technologies as the cornerstone of secure software systems, to better protect users' data and privacy. Trusted Execution Environments (TEE), such as Intel SGX, has the potential to minimize the Trusted Computing Base (TCB), but they also introduce many challenges for adoption. Among these challenges are TEE's significant impact on applications' performance and non-trivial effort required to migrate legacy systems to run on these secure execution technologies. Other challenges include managing a trustworthy state across a distributed system and ensuring these individual machines are resilient to micro-architectural attacks. In this thesis, I first characterize the performance bottlenecks imposed by SGX and suggest optimization strategies. I then address two main adoption challenges for existing applications: managing permissions across a distributed system and scaling the SGX's mechanism for proving authenticity and integrity. I then analyze the resilience of trusted execution technologies to speculative execution, micro-architectural attacks, which put cloud infrastructure at risk. This analysis revealed a devastating security flaw in Intel's processors which is known as Foreshadow/L1TF. Finally, I propose a new architectural design for out-of-order processors which defeats all known speculative execution attacks.PHDComputer Science & EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/155139/1/oweisse_1.pd