Intel SGX, isolated execution
• Application keeps its data/code inside the “enclave”
• Smallest attack surface by reducing TCB (App + processor)
• Protect app’s secret from untrusted privilege software (e.g., OS, VMM)
[Figure: CPU package with Memory Encryption Engine (MEE); enclave code/data held encrypted in system memory; access from OS/VMM and memory snooping are blocked]
Intel SGX, remote attestation
• Attest an application on remote platform
• Check the identity of enclave (hash of code/data pages)
• Can establish a “secure channel” between enclaves
[Figure: Target Enclave and Quoting Enclave on the host platform’s SGX CPU, Challenger Enclave on the remote platform’s SGX CPU. 1. Request; 2. Calculate MAC (CMAC over hash); 3. Send MAC; 4. Verify; 5. Sign with group key [EPID]; 6. Send signature]
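The six-step flow on this slide, modelled as an added Python example that is not from the slides or from SGX itself: the enclave identity is a hash of its pages, the report MAC uses a key derivable only from the CPU secret plus the target enclave’s identity, and the quoting enclave verifies that MAC before signing. It assumes HMAC-SHA256 in place of AES-CMAC and a keyed tag in place of the asymmetric EPID group signature (which is why the challenger here holds the same key); all page contents and keys are constructed.

```python
import hashlib
import hmac

# Constructed toy model of the SGX attestation flow. Assumptions: HMAC-SHA256
# stands in for AES-CMAC, and a keyed tag stands in for the EPID group signature.
CPU_SECRET = b"constructed-cpu-fused-secret"      # known only to the CPU
GROUP_SIGNING_KEY = b"constructed-epid-group-key"  # stand-in for the EPID key


def measure(pages):
    """Enclave identity (MRENCLAVE-like): hash of the code/data pages."""
    h = hashlib.sha256()
    for page in pages:
        h.update(page)
    return h.digest()


def report_key(target_measurement):
    """EGETKEY-like: key bound to the target's identity; only the CPU can derive it."""
    return hmac.new(CPU_SECRET, b"REPORT" + target_measurement, hashlib.sha256).digest()


def create_report(my_pages, report_data, target_measurement):
    """Step 2 (EREPORT-like): MAC over (identity || report_data) for one target."""
    body = measure(my_pages) + report_data
    mac = hmac.new(report_key(target_measurement), body, hashlib.sha256).digest()
    return body, mac


def quote(report_body, mac, qe_pages):
    """Steps 4-5: quoting enclave re-derives its own report key, verifies, then signs."""
    expected = hmac.new(report_key(measure(qe_pages)), report_body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, mac):
        return None  # report was not produced for this quoting enclave, or was tampered
    return hmac.new(GROUP_SIGNING_KEY, report_body, hashlib.sha256).digest()


def challenger_verify(report_body, signature, expected_measurement, nonce):
    """Step 6: challenger checks the signature, the enclave identity and its own nonce."""
    tag = hmac.new(GROUP_SIGNING_KEY, report_body, hashlib.sha256).digest()
    sig_ok = hmac.compare_digest(tag, signature)
    return sig_ok and report_body[:32] == expected_measurement and report_body[32:] == nonce


def run_attestation(app_pages, qe_pages, nonce, expected_measurement):
    """Steps 1-6 end to end; the nonce is the challenger's freshness value."""
    body, mac = create_report(app_pages, nonce, measure(qe_pages))
    signature = quote(body, mac, qe_pages)
    return signature is not None and challenger_verify(body, signature, expected_measurement, nonce)


APP_PAGES = [b"constructed enclave code page", b"constructed enclave data page"]
QE_PAGES = [b"constructed quoting enclave page"]
```

A modified code page changes the measurement and is rejected by the challenger, while a report built for some other target enclave fails at the quoting enclave’s MAC check.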
SCONE: Secure Linux Containers with Intel SGX, OSDI’16
SCONE, problems
• Container has better performance over VM, but offers weaker security properties.
• Trust issues:
  • The Provider’s Perspective
    • Cloud provider does not trust users, using VMs to isolate users from each other and the host
    • VMs only provide one way protection
  • The User’s Perspective
    • Users trust their application, must implicitly trust the cloud provider
    • Existing applications implicitly assume trusted operating system
SCONE, goals
• run unmodified Linux applications …
• in containers …
• in an untrusted cloud …
• securely and …
• with acceptable performance
[Figure: untrusted cloud platform stack: OS, VMM, Firmware]