Projekte pro Jahr
Abstract
Trusted Execution Environments (TEEs) and enclaves have become increasingly popular and are used from embedded devices to cloud servers. Today, many enclave architectures exist for different ISAs. However, some suffer from performance issues and controlled-channel attacks, while others only support constrained use cases for embedded devices or impose unrealistic constraints on the software. Modern cloud applications require a more flexible architecture that is both secure against such attacks and not constrained by, e.g., a limited number of physical memory ranges. In this paper, we present SPEAR-V, a RISC-V-based enclave that provides a fast and flexible architecture for trusted computing that is compatible with current and future use cases while also aiming at mitigating controlled-channel attacks. With a single hardware primitive, our novel architecture enables two-way sandboxing. Enclaves are protected from hosts and vice versa. Furthermore, we show how shared memory and arbitrary nesting can be achieved without additional performance overheads. Our evaluation shows that, with minimal hardware changes, a flexible, performant, and secure enclave architecture can be constructed, imposing zero overhead on unprotected applications and an average overhead of 1% for protected applications.
Originalsprache | englisch |
---|---|
Titel | ASIA CCS 2023 - Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security |
Herausgeber (Verlag) | Association of Computing Machinery |
Seiten | 457-468 |
Seitenumfang | 12 |
ISBN (elektronisch) | 9798400700989 |
DOIs | |
Publikationsstatus | Veröffentlicht - 10 Juli 2023 |
Veranstaltung | 2023 ACM ASIA Conference on Computer and Communications Security: ASIA CCS 2023 - Melbourne, Australien Dauer: 10 Juli 2023 → 14 Juli 2023 Konferenznummer: 2023 |
Publikationsreihe
Name | Proceedings of the ACM Conference on Computer and Communications Security |
---|---|
ISSN (Print) | 1543-7221 |
Konferenz
Konferenz | 2023 ACM ASIA Conference on Computer and Communications Security |
---|---|
Kurztitel | ASIA CCS 2023 |
Land/Gebiet | Australien |
Ort | Melbourne |
Zeitraum | 10/07/23 → 14/07/23 |
ASJC Scopus subject areas
- Software
- Computernetzwerke und -kommunikation
Fingerprint
Untersuchen Sie die Forschungsthemen von „SPEAR-V: Secure and Practical Enclave Architecture for RISC-V“. Zusammen bilden sie einen einzigartigen Fingerprint.Projekte
- 1 Laufend
-
SEIZE - Secure Edge-Geräte für industrielle Zero-Trust Umgebungen
1/01/22 → 31/12/24
Projekt: Forschungsprojekt