Enclave Computing Paradigm: Hardware-assisted Security Architectures & Applications

Franz Ferdinand Peter Brasser
2020
Hardware-assisted security solutions, and the isolation guarantees they provide, constitute the basis for the protection of modern software systems. Hardware-enforced isolation of individual components reduces complexity of the overall software as well as the size and complexity of the individual components. The basic idea is that a reduction in complexity minimizes the probability of vulnerabilities in the software, thus strengthening the system's security. In classical system architectures,
more » ... application's security depends on the security of all privileged system entities, for example the Operating System. The Trusted Execution Environment (TEE) concept overcomes the dependence of security critical components on the systems overall security. TEEs provide isolated compartments within a single system, allowing isolated operation of a system's individual components and applications. The enclave computing paradigm enhances the TEE concept by enabling self-contained isolation of system components and applications, fulfilling the needs of modern software. It enables novel use cases by providing many parallel mutually isolated TEE-instances without the need to rely on complex privileged entities. The TEE solutions developed by industry and deployed in today's systems follow distinct design approaches and come with various limitations. ARM TrustZone, which is widely available in mobile devices, is fundamentally limited to a single isolation domain. Intel's TEE solution Software Guard Extensions (SGX) provides multiple mutually isolated execution environments, called enclaves. However, SGX enclaves face severe threats, in particular side-channel leakage, that can void its security guarantees. Preventing side-channel leakage from enclaves in a universal and efficient way is a non-trivial problem. Nevertheless, these deployed TEE solutions enable various novel applications. However, different TEE architectures come with diverse properties and features that require special consideration in the design of TEE applications. [...]
doi:10.25534/tuprints-00011912 fatcat:2xf7ax7tcvbhrn76cdvcesfj6e