    Benchmarking the Security Protocol and Data Model (SPDM) for component authentication

    Efforts to secure computing systems via software traditionally focus on the operating system and application levels. In contrast, the Security Protocol and Data Model (SPDM) tackles firmware-level security challenges, which are much harder (if at all possible) to detect with regular protection software. SPDM includes key features such as peripheral authentication, authenticated retrieval of hardware measurements, and secure session establishment. Since SPDM is a relatively recent proposal, there is a lack of studies evaluating its performance impact on real-world applications. In this article, we address this gap by: (1) implementing the protocol on a simple virtual device and investigating the overhead introduced by each SPDM message; and (2) creating an SPDM-capable virtual hard drive based on VirtIO and comparing the resulting read/write performance with a regular, unsecured implementation. Our results suggest that the SPDM bootstrap takes on the order of tens of milliseconds, while the cost of introducing SPDM on hard drive communication depends heavily on the specific workload pattern. For example, for mixed random read/write operations, the slowdown is negligible in comparison to the baseline unsecured setup. Conversely, for sequential read or write operations, the data encryption process becomes the bottleneck, reducing the performance indicators by several orders of magnitude.
    Comment: 10 pages, 8 figures
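
    The message sequence whose per-message cost the article measures, as an added example that is not code from the article or from the virtual device it describes: a requester/responder pair in Go that runs an SPDM bootstrap (GET_VERSION, GET_CERTIFICATE, CHALLENGE, GET_MEASUREMENTS) in memory. The request/response codes and the 4-byte message header follow DMTF DSP0274 (SPDM 1.1); everything else is an assumption made for the illustration: P-256/SHA-256 as the negotiated algorithms, a DER-encoded public key standing in for the certificate chain, a constructed firmware image as the measured object, simplified message bodies, and a transcript that is simply every byte exchanged since GET_VERSION. The responder carries a fault-injection switch so that the failure mode, a device whose signature does not verify, is exercised as well.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
)

// Request codes and the 4-byte header (SPDMVersion, RequestResponseCode, Param1, Param2)
// follow DMTF DSP0274 (SPDM 1.1); a response code is its request code with bit 7 cleared
// (GET_VERSION 0x84 -> VERSION 0x04). Message bodies are simplified stand-ins, not the
// spec's layouts, and GET_CAPABILITIES, NEGOTIATE_ALGORITHMS and GET_DIGESTS are left out.
const (
	ver11              = 0x11
	reqGetVersion      = 0x84
	reqGetCertificate  = 0x82
	reqChallenge       = 0x83
	reqGetMeasurements = 0xE0
	rspError           = 0x7F
)

func msg(code byte, body []byte) []byte { return append([]byte{ver11, code, 0, 0}, body...) }
func sha(b []byte) []byte             { s := sha256.Sum256(b); return s[:] }
// Responder models the virtual device: a P-256 device key whose DER public key stands in
// for the certificate chain, a constructed firmware image to measure, and a running transcript.
type Responder struct {
	key                           *ecdsa.PrivateKey
	certDER, firmware, transcript []byte
	CorruptSignatures             bool // fault injection: answer CHALLENGE with a bad signature
}

func NewResponder(firmware []byte) *Responder {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	der, _ := x509.MarshalPKIXPublicKey(&key.PublicKey)
	return &Responder{key: key, certDER: der, firmware: firmware}
}

// Handle answers one request. The CHALLENGE_AUTH signature covers every byte exchanged
// since GET_VERSION, a simplified form of the spec's M1/M2 transcript.
func (r *Responder) Handle(req []byte) []byte {
	if len(req) < 4 || req[0] != ver11 { return msg(rspError, nil) }
	if req[1] == reqGetVersion { r.transcript = nil } // GET_VERSION restarts the connection
	r.transcript = append(r.transcript, req...)
	var body []byte
	switch req[1] {
	case reqGetVersion: body = []byte{ver11}
	case reqGetCertificate: body = r.certDER
	case reqChallenge:
		body, _ = ecdsa.SignASN1(rand.Reader, r.key, sha(r.transcript))
		if r.CorruptSignatures { body[len(body)-1] ^= 0xFF }
	case reqGetMeasurements: body = sha(r.firmware) // one measurement block: hash of the firmware image
	default: return msg(rspError, nil)
	}
	rsp := msg(req[1]&0x7F, body)
	r.transcript = append(r.transcript, rsp...)
	return rsp
}

// Bootstrap plays the requester: GET_VERSION, GET_CERTIFICATE, CHALLENGE (verified against
// its own transcript) and GET_MEASUREMENTS; it returns the measurement or an auth error.
func Bootstrap(dev *Responder) (meas [32]byte, err error) {
	var transcript []byte
	var pub *ecdsa.PublicKey
	nonce := make([]byte, 32)
	rand.Read(nonce)
	for _, req := range [][]byte{msg(reqGetVersion, nil), msg(reqGetCertificate, nil),
		msg(reqChallenge, nonce), msg(reqGetMeasurements, nil)} {
		transcript = append(transcript, req...)
		rsp := dev.Handle(req)
		if len(rsp) < 4 || rsp[0] != ver11 || rsp[1] != req[1]&0x7F {
			return meas, fmt.Errorf("request 0x%02X: unexpected or ERROR response", req[1])
		}
		body := rsp[4:]
		switch req[1] {
		case reqGetCertificate:
			k, perr := x509.ParsePKIXPublicKey(body)
			if pub, _ = k.(*ecdsa.PublicKey); perr != nil || pub == nil {
				return meas, fmt.Errorf("CERTIFICATE does not carry an ECDSA key")
			}
		case reqChallenge: // transcript holds CHALLENGE but not yet CHALLENGE_AUTH
			if !ecdsa.VerifyASN1(pub, sha(transcript), body) {
				return meas, fmt.Errorf("CHALLENGE_AUTH signature did not verify")
			}
		case reqGetMeasurements: copy(meas[:], body)
		}
		transcript = append(transcript, rsp...)
	}
	return meas, nil
}

func main() {
	dev := NewResponder([]byte("constructed firmware image v1.0"))
	meas, err := Bootstrap(dev)
	dev.CorruptSignatures = true
	_, err2 := Bootstrap(dev)
	fmt.Printf("measurement %x, err %v; with a corrupted device signature: %v\n", meas, err, err2)
}
```

    Wrapping each dev.Handle call in time.Now/time.Since is how the per-message overhead the article reports would be collected. The checks that matter structurally are that the requester hashes its own copy of the transcript rather than trusting anything the responder sends back, and that the response code is validated before the body is parsed, so an ERROR response can never be mistaken for a certificate or a measurement.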

    HIL: designing an exokernel for the data center

    We propose a new Exokernel-like layer to allow mutually untrusting, physically deployed services to efficiently share the resources of a data center. We believe that such a layer offers not only efficiency gains, but may also enable new economic models, new applications, and new security-sensitive uses. A prototype (currently in active use) demonstrates that the proposed layer is viable and can support a variety of existing provisioning tools and use cases.
    Partial support for this work was provided by the MassTech Collaborative Research Matching Grant Program, National Science Foundation awards 1347525 and 1149232, as well as the several commercial partners of the Massachusetts Open Cloud, who may be found at http://www.massopencloud.or

    M2: Malleable Metal as a Service

    Existing bare-metal cloud services that provide users with physical nodes have a number of serious disadvantages over their virtual alternatives, including slow provisioning times, difficulty for users to release nodes and then reuse them to handle changes in demand, and poor tolerance to failures. We introduce M2, a bare-metal cloud service that uses network-mounted boot drives to overcome these disadvantages. We describe the architecture and implementation of M2 and compare its agility, scalability, and performance to existing systems. We show that M2 can reduce provisioning time by over 50% while offering richer functionality and comparable run-time performance with respect to tools that provision images onto local disks. M2 is open source and available at https://github.com/CCI-MOC/ims.
    Comment: IEEE International Conference on Cloud Engineering 201

    Agent-Based Cloud Resource Management for Secure Cloud Infrastructures

    The cloud offers clear benefits for computation as well as for storage across diverse application areas. Security concerns are by far the greatest barrier to the wider uptake of cloud computing, particularly for privacy-sensitive applications. The aim of this article is to propose an approach for establishing trust between users and providers of cloud infrastructures (IaaS model) based on certified trusted agents. Such an approach would remove barriers that prevent security-sensitive applications from being moved to the cloud. The core technology encompasses a secure agent platform, which provides the execution environment for agents, and a secure attested software base, which ensures the integrity of the host platform. In this article we describe the motivation, concept, design and initial implementation of these technologies.

    MaldOS: a Moderately Abstracted Layer for Developing Operating Systems

    Even though few students will take on the challenge of developing software below the operating system, understanding how it works is essential. In itself, the theory behind operating systems is not particularly complex: concepts such as scheduling, execution levels and semaphores are intuitively understandable; fully absorbing these notions through theoretical study alone, however, is almost impossible: a practical example is needed to take in the details. Developing an operating system as an academic project is, though, several orders of magnitude harder than creating software in an existing working environment. The added complexity of the hardware often goes beyond what can be expected of students, which makes even the search for an architecture to work on difficult. This study is strongly inspired by earlier solutions to this problem such as uMPS, an emulator for the MIPS processor. By working on a simplified virtualization, students can concentrate on the key concepts of OS development. Although inspired by a real architecture, uMPS nevertheless remains an abstract environment, and over the course of the work a feeling of detachment from reality may arise. This study argues that a similar project can be developed on real hardware without it becoming too complicated. The chosen architecture is ARMv8, more modern and widespread than MIPS, in the form of the Raspberry Pi educational board. The result of the work is twofold: on the one hand, a detailed study was carried out on how to develop a minimal operating system on the Raspberry Pi; on the other, an abstraction layer was created that simplifies the approach to the peripherals, allowing users to build a small operating system on top of it. While it targets a real device, the option of working on an emulator remains thanks to Qemu support.

    SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing

    Confidential computing allows processing sensitive workloads in securely isolated spaces. Following earlier adoption of process-based approaches to isolation, vendors are now enabling hardware and firmware support for virtualization-based confidential computing on several server platforms. Due to variations in the technology stack, threat model, implementation and functionality, the available solutions offer somewhat different capabilities, trade-offs and security guarantees. In this paper we review, compare and contextualize four virtualization-based confidential computing technologies for enterprise server platforms: AMD SEV, ARM CCA, IBM PEF and Intel TDX.