361 research outputs found
Composite Enclaves: Towards Disaggregated Trusted Execution
The ever-rising computation demand is forcing the move from the CPU to
heterogeneous specialized hardware, which is readily available across modern
datacenters through disaggregated infrastructure. On the other hand, trusted
execution environments (TEEs), one of the most promising recent developments in
hardware security, can only protect code confined in the CPU, limiting TEEs'
potential and applicability to a handful of applications. We observe that the
TEEs' hardware trusted computing base (TCB) is fixed at design time, which in
practice leads to using untrusted software to employ peripherals in TEEs. Based
on this observation, we propose \emph{composite enclaves} with a configurable
hardware and software TCB, allowing enclaves access to multiple computing and
IO resources. Finally, we present two case studies of composite enclaves: i) an
FPGA platform based on RISC-V Keystone connected to emulated peripherals and
sensors, and ii) a large-scale accelerator. These case studies showcase a
flexible but small TCB (2.5 KLoC for IO peripherals and drivers), with a
low-performance overhead (only around 220 additional cycles for a context
switch), thus demonstrating the feasibility of our approach and showing that it
can work with a wide range of specialized hardware
TEEvil: Identity Lease via Trusted Execution Environments
We investigate identity lease, a new type of service in which users lease
their identities to third parties by providing them with full or restricted
access to their online accounts or credentials. We discuss how identity lease
could be abused to subvert the digital society, facilitating the spread of fake
news and subverting electronic voting by enabling the sale of votes. We show
that the emergence of Trusted Execution Environments and anonymous
cryptocurrencies, for the first time, allows the implementation of such a lease
service while guaranteeing fairness, plausible deniability and anonymity,
therefore shielding the users and account renters from prosecution. To show
that such a service can be practically implemented, we build an example service
that we call TEEvil leveraging Intel SGX and ZCash. Finally, we discuss defense
mechanisms and challenges in the mitigation of identity lease services.Comment: 21 pages, 5 figure
It's TEEtime: A New Architecture Bringing Sovereignty to Smartphones
Modern smartphones are complex systems in which control over phone resources
is exercised by phone manufacturers, OS vendors, and users. These stakeholders
have diverse and often competing interests. Barring some exceptions, users
entrust their security and privacy to OS vendors (Android and iOS) and need to
accept their constraints. Manufacturers protect their firmware and peripherals
from the OS by executing in the highest privilege and leveraging dedicated CPUs
and TEEs. OS vendors need to trust the highest privileged code deployed by
manufacturers. This division of control over the phone is not ideal for OS
vendors and is even more disadvantageous for the users. Users are generally
limited in what applications they can install on their devices, in the privacy
model and trust assumptions of the existing applications, and in the
functionalities that applications can have.
We propose TEEtime, a new smartphone architecture based on trusted execution
allowing to balance the control different stakeholders exert over phones. More
leveled control over the phone means that no stakeholder is more privileged
than the others. In particular, TEEtime makes users sovereign over their
phones: It enables them to install sensitive applications in isolated domains
with protected access to selected peripherals alongside an OS. TEEtime achieves
this while maintaining compatibility with the existing smartphone ecosystem and
without relying on virtualization; it only assumes trust in a phone's firmware.
TEEtime is the first TEE architecture that allows isolated execution domains to
gain protected and direct access to peripherals. TEEtime is based on Armv8-A
and achieves peripheral isolation using a novel mechanism based on memory and
interrupt controller protection. We demonstrate the feasibility of our design
by implementing a prototype of TEEtime, and by running exemplary sensitive
applications
Anisotropic flow of charged hadrons, pions and (anti-)protons measured at high transverse momentum in Pb-Pb collisions at TeV
The elliptic, , triangular, , and quadrangular, , azimuthal
anisotropic flow coefficients are measured for unidentified charged particles,
pions and (anti-)protons in Pb-Pb collisions at TeV
with the ALICE detector at the Large Hadron Collider. Results obtained with the
event plane and four-particle cumulant methods are reported for the
pseudo-rapidity range at different collision centralities and as a
function of transverse momentum, , out to GeV/.
The observed non-zero elliptic and triangular flow depends only weakly on
transverse momentum for GeV/. The small dependence
of the difference between elliptic flow results obtained from the event plane
and four-particle cumulant methods suggests a common origin of flow
fluctuations up to GeV/. The magnitude of the (anti-)proton
elliptic and triangular flow is larger than that of pions out to at least
GeV/ indicating that the particle type dependence persists out
to high .Comment: 16 pages, 5 captioned figures, authors from page 11, published
version, figures at http://aliceinfo.cern.ch/ArtSubmission/node/186
Centrality dependence of charged particle production at large transverse momentum in Pb-Pb collisions at TeV
The inclusive transverse momentum () distributions of primary
charged particles are measured in the pseudo-rapidity range as a
function of event centrality in Pb-Pb collisions at
TeV with ALICE at the LHC. The data are presented in the range
GeV/ for nine centrality intervals from 70-80% to 0-5%.
The Pb-Pb spectra are presented in terms of the nuclear modification factor
using a pp reference spectrum measured at the same collision
energy. We observe that the suppression of high- particles strongly
depends on event centrality. In central collisions (0-5%) the yield is most
suppressed with at -7 GeV/. Above
GeV/, there is a significant rise in the nuclear modification
factor, which reaches for GeV/. In
peripheral collisions (70-80%), the suppression is weaker with almost independently of . The measured nuclear
modification factors are compared to other measurements and model calculations.Comment: 17 pages, 4 captioned figures, 2 tables, authors from page 12,
published version, figures at
http://aliceinfo.cern.ch/ArtSubmission/node/284
Effective Rheology of Bubbles Moving in a Capillary Tube
We calculate the average volumetric flux versus pressure drop of bubbles
moving in a single capillary tube with varying diameter, finding a square-root
relation from mapping the flow equations onto that of a driven overdamped
pendulum. The calculation is based on a derivation of the equation of motion of
a bubble train from considering the capillary forces and the entropy production
associated with the viscous flow. We also calculate the configurational
probability of the positions of the bubbles.Comment: 4 pages, 1 figur
Charge separation relative to the reaction plane in Pb-Pb collisions at TeV
Measurements of charge dependent azimuthal correlations with the ALICE
detector at the LHC are reported for Pb-Pb collisions at TeV. Two- and three-particle charge-dependent azimuthal correlations in
the pseudo-rapidity range are presented as a function of the
collision centrality, particle separation in pseudo-rapidity, and transverse
momentum. A clear signal compatible with a charge-dependent separation relative
to the reaction plane is observed, which shows little or no collision energy
dependence when compared to measurements at RHIC energies. This provides a new
insight for understanding the nature of the charge dependent azimuthal
correlations observed at RHIC and LHC energies.Comment: 12 pages, 3 captioned figures, authors from page 2 to 6, published
version, figures at http://aliceinfo.cern.ch/ArtSubmission/node/286
A note on comonotonicity and positivity of the control components of decoupled quadratic FBSDE
In this small note we are concerned with the solution of Forward-Backward
Stochastic Differential Equations (FBSDE) with drivers that grow quadratically
in the control component (quadratic growth FBSDE or qgFBSDE). The main theorem
is a comparison result that allows comparing componentwise the signs of the
control processes of two different qgFBSDE. As a byproduct one obtains
conditions that allow establishing the positivity of the control process.Comment: accepted for publicatio
- …