open enclave sdk
play

Open Enclave SDK Dave Thaler SIOT Hackathon 1 Confidential - PowerPoint PPT Presentation

Aug 18, 2022 •229 likes •397 views

Open Enclave SDK Dave Thaler SIOT Hackathon 1 Confidential Computing Consortium CCC is part of the Linux Foundation Website: https://confidentialcomputing.io/ Member orgs (some already have IETF TEEP/RATS/SUIT doc authors)

  1. Open Enclave SDK Dave Thaler SIOT Hackathon 1

  2. Confidential Computing Consortium CCC is part of the Linux Foundation ● Website: https://confidentialcomputing.io/ ● Member orgs (some already have IETF TEEP/RATS/SUIT doc authors) ● Alibaba , ARM , Facebook, Google, Huawei , Intel , Microsoft , Oracle, Red Hat, … ○ CCC does implementation, marketing, etc., and coordinates with IETF, ● TCG, GP, etc. for protocols Open source projects accepted: ● Enarx (submitted by Red Hat) ○ Open Enclave SDK (submitted by Microsoft) ○ SGX SDK for Linux (submitted by Intel) ○ … ○ 2

  3. Trusted Execution Environments • A TEE provides hardware-enforcement that • The device has unique security identity • Any code inside the TEE is authorized code • Reduced risk for application compromise • Any data inside the TEE cannot be read by code outside the TEE • Safe area of the device to protect assets (great for key management, ML models, etc.) • Compromising REE and normal apps don’t affect TEE and code (called Trusted Applications) running inside TEE • TEE Examples: • Intel SGX, ARM TrustZone, Secure Elements, RISC-V MultiZone, etc. SIOT Hackathon 3

  4. Two styles of Trusted App platforms exist • LibOS/Microkernel style: Enarx, Graphene, etc. • Runs entire application inside a TEE, with some sort of OS under it in the TEE • Much higher Trusted Computing Base (higher security risk) • Lower dev effort • Enclave style: Open Enclave SDK, Intel SGX SDK, etc. • Run only security critical functionality inside the TEE • Minimizes Trusted Computing Base (lower security risk) • Higher dev effort SIOT Hackathon 4

  5. TrustBox: CES 2019 winner for cybersecurity • “ CES Innovation Awards winners have been announced ahead of CES 2019, with the cybersecurity and personal privacy award going to Scalys' TrustBox, a router and IoT gateway designed to secure IoT devices on home networks .” “ Scalys worked with Microsoft and • semiconductor manufacturer NXP to build TrustBox around the NXP Layerscape LS1012A networking processor, an SoC with hardware security features including secure boot, secure software provisioning, and secure storage. TrustBox also features Microsoft's open source Open Enclave SDK, which can make it flexible for businesses that need to develop trusted execution environments .” SIOT Hackathon 5

  6.  

  7. SGX-specific notes Each trusted app runs in its own SGX container called an “enclave”. “Trusted Application” is a signed shared library loaded in a hardware -protected part of the same process • Absolute time: SGX has no time-of-day clock, so you have to ask something outside SGX if you need the current time, or implement a secure time protocol inside SGX. • Relative time: SGX can track the passage of time, but the granularity is in seconds, not more fine grained. • Timers: SGX has no timer API, so an app must implement its own timer queue outside SGX and call into the enclave when a timer expires. • Synchronization: SGX has spinlocks, event objects, and mutexes, but not semaphores or timed waits. That is, waiting for event objects requires waiting for either 0 or INFINITE time. • Threads: SGX cannot create or delete threads. Threads must be created outside SGX and call into an enclave to do work. • I/O: stdout/stdin APIs, and networking APIs, are not available inside SGX, since I/O is not trusted. • Files: SGX file APIs allow accessing sealed storage files, but there's no way to enumerate such files from within SGX. File metadata (size, modification time, etc.) is all visible outside SGX. SIOT Hackathon 9

  8. OP-TEE (TrustZone) notes OP-TEE is a open-source platform that runs inside TrustZone and hosts Trusted Apps, each in its own container. “Trusted Application” is an executable binary running in the TEE, so separate process and separate “OS” • Absolute time: OP-TEE has no secure time-of-day clock, so you have to implement a secure time protocol inside the TEE, or rely on the untrusted time-of-day API. • Relative time: OP-TEE can track the passage of time, with millisecond granularity. • Timers: OP-TEE only has a blocking wait API. For asynchronous timers, an app must implement its own timer queue outside the TEE and call into the Trusted App when a timer expires. • Synchronization: OP-TEE has (blocking) timed waits, and exclusive access locks on persistent objects, but no real synchronization primitives. • Threads: TEE code cannot create or delete threads. Threads must be created outside the TEE and call into the TEE to do work. • I/O: stdout/stdin APIs, and networking APIs, are not available inside OP-TEE. • Files: TEE code can call APIs to access sealed storage files, but there's no API to enumerate such files. File metadata (size, modification time, etc.) is not visible outside the TEE. SIOT Hackathon 10

  9. Open Enclave SDK Goals 1. Easy migration from normal world app code to Trusted App code 2. Make it easy to write & debug new Trusted App code 3. Allow common app code for SGX, TrustZone, etc. 4. Be fully open source 5. Allow common app code independent of topological location (cloud vs. edge/IoT) 6. Allow attested communication between TZ/SGX/etc apps 7. Support both Linux and Windows hosts (and others) SIOT Hackathon 11

  10. Supported SDK functionality • Enclave creation and • POSIX APIs for enclaves: management • Threads • Memory management • Communication between app and • Files enclave • Sockets • Sealing • … • Cryptographic libraries • Emulator support: • Enclave measurement and • Simulation mode at runtime (ELF) identity • QEMU VM (TrustZone) • Attestation SIOT Hackathon 12

  11. EDL File Trusted Execution Environment Normal Execution Environment Generated Generated Application Application Code Code (normal part) (secure part) Networking, OE Host API OE Enclave API Storage, etc. Linux Windows Intel SGX ARM TrustZone

  12. EDL File Trusted Execution Environment Normal Execution Environment Generated Generated “Host” “Enclave” Code Code Networking, OE Host API OE Enclave API Storage, etc. Linux Windows Intel SGX ARM TrustZone

  13. Enclave Calls Flow Diagram Host Enclave OCALL ECALL processing processing Note: OP-TEE only supports 1 thread per TA, with ECALL holding a global lock

  14. Example using “Echo” Sample TCP/IP Enclave Host Host Enclave Windows Linux OP-TEE Firmware Secure Firmware (project-kayla) SoC CPU Hardware Hardware (ARM TZ) (Intel) Echo Server Echo Client SIOT Hackathon 16 Trusted Component

  15. What needs to be factored where? Normal Application Trusted Application • Loading of Trusted App • Security credentials • Threading • All operations using sensitive data • Timers • I/O for trusted peripherals (if any) • Transport stack (e.g., sockets) • Storage stack (if not provided by TEE) SIOT Hackathon 17

  16. Links • https://github.com/Microsoft/openenclave • Visual Studio extension: search for “Open Enclave” • Visual Studio Code extension: search for Open Enclave • Channel 9 episode: https://channel9.msdn.com/Shows/Internet-of- Things-Show/Deep-Dive-Confidential-Computing-in-IoT-using-Open- Enclave-SDK SIOT Hackathon 18

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Bringing Memory-Safety to Keystone Enclave Mingshen Sun Baidu X-Lab Open-Source Enclaves Workshop

Bringing Memory-Safety to Keystone Enclave Mingshen Sun Baidu X-Lab Open-Source Enclaves Workshop

Bringing Memory-Safety to Keystone Enclave Mingshen Sun Baidu X-Lab Open-Source Enclaves Workshop (OSEW 2019) Berkeley, July 2019 https://mesatee.org Rust and Keystone Enclave Open-Source Enclave (RISC-V Hardware/Keystone Enclave) :

662 views • 32 slides
Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Process

Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Process

Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Process Service Untrusted (IAS) Enclave Enclave Code Trusted Process Process Enclave Other Data Enclave OS and/or Hypervisor Off-chip devices 2

531 views • 24 slides
Verifying enclave systems with Serval Luke Nelson w/ James Bornholt, Ronghui Gu, Andrew Baumann,

Verifying enclave systems with Serval Luke Nelson w/ James Bornholt, Ronghui Gu, Andrew Baumann,

Open Source Enclave Workshop July 2019 Berkeley, CA Verifying enclave systems with Serval Luke Nelson w/ James Bornholt, Ronghui Gu, Andrew Baumann, Emina Torlak, Xi Wang University of Washington, Columbia University, Microsoft Research 1

435 views • 14 slides
Formal Verification of an Open-Source Secure Enclave Pranav Gaddamadugu pranavsaig@berkeley.edu

Formal Verification of an Open-Source Secure Enclave Pranav Gaddamadugu pranavsaig@berkeley.edu

Formal Verification of an Open-Source Secure Enclave Pranav Gaddamadugu pranavsaig@berkeley.edu Problem Definition Verifying hyperproperties about the Keystone Security monitor Secure Remote Execution (SRE) : a 2-safety hyperproperty

446 views • 10 slides
About imec-DistriNet enclave research https://distrinet.cs.kuleuven.be/ Trusted computing across

About imec-DistriNet enclave research https://distrinet.cs.kuleuven.be/ Trusted computing across

About imec-DistriNet enclave research https://distrinet.cs.kuleuven.be/ Trusted computing across the system stack: hardware, compiler, OS, application Integrated attack-defense perspective and open-source prototypes SGX-Step framework Sancus

925 views • 75 slides
Autarky: Closing controlled channels with self-paging enclaves Meni Orenbach, Technion Andrew

Autarky: Closing controlled channels with self-paging enclaves Meni Orenbach, Technion Andrew

Autarky: Closing controlled channels with self-paging enclaves Meni Orenbach, Technion Andrew Baumann, Microsoft Research Mark Silberstein, Technion Public cloud computing Enclave Enclave Enclave Sensitive data 29-Apr-20 Meni Orenbach,

971 views • 29 slides
1) Technocratic enclave or political synergy? 2) Bounded interventions or multi-faceted

1) Technocratic enclave or political synergy? 2) Bounded interventions or multi-faceted

Panel: Working with power and politics TALEARN, March 12, 2014 Jakarta Seven tensions facing the transparency/accountability agenda 1) Technocratic enclave or political synergy? 2) Bounded interventions or multi-faceted strategies? 3)

143 views • 10 slides
The he ethni hnic c enclave lave of of Ll Llor oret et de de Mar: r: a pe pers rsonal

The he ethni hnic c enclave lave of of Ll Llor oret et de de Mar: r: a pe pers rsonal

The he ethni hnic c enclave lave of of Ll Llor oret et de de Mar: r: a pe pers rsonal onal network work app pproach roach to o inve vestigate stigate mixed ed embe beddedness ddedness and d tra ransnational snational

303 views • 27 slides
Avoiding Leakage and Synchronization Attacks through Enclave-Side Preemption Control Marcus Vlp,

Avoiding Leakage and Synchronization Attacks through Enclave-Side Preemption Control Marcus Vlp,

Avoiding Leakage and Synchronization Attacks through Enclave-Side Preemption Control Marcus Vlp, Adam Lackorzynski * , Jrmie Decouchant, Vincent Rahli, Francisco Rocha, and Paulo Esteves-Verssimo * Kernkonzept GmbH and University of

289 views • 28 slides
T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs Ming-Wei Shih Sangho Lee

T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs Ming-Wei Shih Sangho Lee

T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs Ming-Wei Shih Sangho Lee Taesoo Kim Marcus Peinado Georgia Institute of Technology Microsoft Research 2 3 Intel SGX aims to secure users code and data in the cloud

1.07k views • 27 slides
We are We are Ghanas l leading wood di d processing company operating p g under the

We are We are Ghanas l leading wood di d processing company operating p g under the

We are We are Ghanas l leading wood di d processing company operating p g under the Free Zones Enclave Zones Enclave . E Established since bli h d i 1955, our growth has been growth has been impressive with continuous

552 views • 22 slides
S GX E LIDE : Enabling Enclave Code Secrecy via Self-Modification Erick Bauman 1 , Huibo Wang 1 ,

S GX E LIDE : Enabling Enclave Code Secrecy via Self-Modification Erick Bauman 1 , Huibo Wang 1 ,

S GX E LIDE : Enabling Enclave Code Secrecy via Self-Modification Erick Bauman 1 , Huibo Wang 1 , Mingwei Zhang 2 , Zhiqiang Lin 1 , 3 1 University of Texas at Dallas 2 Intel Labs 3 The Ohio State University CGO 2018 Introduction Background and

1.08k views • 74 slides
A Secure Data Enclave and Analytics Platform For Social Scientists Yadu N. Babuji, Kyle Chard,

A Secure Data Enclave and Analytics Platform For Social Scientists Yadu N. Babuji, Kyle Chard,

A Secure Data Enclave and Analytics Platform For Social Scientists Yadu N. Babuji, Kyle Chard, Aaron Gerow, & Eamon Duede Computation Institute, The University of Chicago and Argonne National Laboratory

473 views • 24 slides
XASM: A Cross-Enclave Composition Mechanism for Exascale System Software Noah Evans, Kevin

XASM: A Cross-Enclave Composition Mechanism for Exascale System Software Noah Evans, Kevin

XASM: A Cross-Enclave Composition Mechanism for Exascale System Software Noah Evans, Kevin Pedretti, Brian Kocoloski, John Lange, Michael Lang, Patrick G. Bridges nevans@sandia.gov 6/1/16 Sandia National Laboratories is a multi-program

647 views • 38 slides
Disentangle Secure-Enclave Hardware from Software Andrew Ferraiuolo, Andrew Baumann, Chris

Disentangle Secure-Enclave Hardware from Software Andrew Ferraiuolo, Andrew Baumann, Chris

Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software Andrew Ferraiuolo, Andrew Baumann, Chris Hawblitzel, Bryan Parno* Microsoft Research, Cornell University, Carnegie Mellon University* 1 Secure Remote

356 views • 21 slides
Solar Energy Research Enclave Outline Introduction World Scenario Indian Scenario

Solar Energy Research Enclave Outline Introduction World Scenario Indian Scenario

Solar Energy Research Enclave Outline Introduction World Scenario Indian Scenario SWOT Analysis Objectives Technology Demonstrator Summary Energy Source & Utilization (US) SOURCE(%) USAGE Hydro (1)

525 views • 27 slides
Real clocks: a toy model for non-locality luis j. garay Universidad Complutense de Madrid

Real clocks: a toy model for non-locality luis j. garay Universidad Complutense de Madrid

Real clocks: a toy model for non-locality luis j. garay Universidad Complutense de Madrid NORDITA, Stockholm Non-locality: Aspects and Consequences 29 June 2012 Contents Non-ideal clocks Good clocks Evolution Loss of

622 views • 20 slides
An Exact Polynomial Time Algorithm for Clock Tree Sizing for Register Files Alexander Berkovich,

An Exact Polynomial Time Algorithm for Clock Tree Sizing for Register Files Alexander Berkovich,

An Exact Polynomial Time Algorithm for Clock Tree Sizing for Register Files Alexander Berkovich, Lawrence D. Gonzales, Ataur Patwary Intel Corporation Rupesh S. Shelar Synopsys Inc. Agenda Introduction Clock Trees for Register Files

681 views • 33 slides
What we have learnt so far in CS1 Prof. Zhang February 27, 2014 1 Nuts and Bolts of programming

What we have learnt so far in CS1 Prof. Zhang February 27, 2014 1 Nuts and Bolts of programming

What we have learnt so far in CS1 Prof. Zhang February 27, 2014 1 Nuts and Bolts of programming We have learnt different parts that made up a C++ program. Please review them often. 1.1 C++ Program Structure Below is a sample C++ program,

190 views • 8 slides
Evaluation of Relational Operations: Other Techniques Chapter 12, Part B Database Management

Evaluation of Relational Operations: Other Techniques Chapter 12, Part B Database Management

Evaluation of Relational Operations: Other Techniques Chapter 12, Part B Database Management Systems, R. Ramakrishnan and Johannes Gehrke 1 SELECT * Reserves R FROM Simple Selections WHERE R.rname < C% R attr R ( ) Of the

398 views • 13 slides
Verteilte Systeme (Distributed Systems) Karl M. Gschka Karl.Goeschka@tuwien.ac.at

Verteilte Systeme (Distributed Systems) Karl M. Gschka Karl.Goeschka@tuwien.ac.at

Verteilte Systeme (Distributed Systems) Karl M. Gschka Karl.Goeschka@tuwien.ac.at http://www.infosys.tuwien.ac.at/teaching/courses/ VerteilteSysteme/ Lecture 6: Clocks and Agreement Synchronization of physical clocks Logical clocks

693 views • 57 slides
CIS 4930/6930: Principles of Cyber-Physical Systems Chapter 4: Hybrid Systems Hao Zheng

CIS 4930/6930: Principles of Cyber-Physical Systems Chapter 4: Hybrid Systems Hao Zheng

CIS 4930/6930: Principles of Cyber-Physical Systems Chapter 4: Hybrid Systems Hao Zheng Department of Computer Science and Engineering University of South Florida H. Zheng (CSE USF) CIS 4930/6930: Principles of CPS 1 / 50 Hybrid Systems

794 views • 50 slides
Distributed Systems - I Tevfik Ko ar University at Buffalo November 26 th , 2013 1 Motivation

Distributed Systems - I Tevfik Ko ar University at Buffalo November 26 th , 2013 1 Motivation

CSE 421/521 - Operating Systems Fall 2013 Lecture - XXIV Distributed Systems - I Tevfik Ko ar University at Buffalo November 26 th , 2013 1 Motivation Distributed system is collection of loosely coupled processors that do not

243 views • 13 slides
Shared-clock methodology for time-triggered multi-cores Keith F. Athaide Project supervisor:

Shared-clock methodology for time-triggered multi-cores Keith F. Athaide Project supervisor:

Shared-clock methodology for time-triggered multi-cores Keith F. Athaide Project supervisor: Michael J. Pont Technical supervisor: Devaraj Ayavoo Communicating Process Architectures (CPA) 2008 8 th -10 th September 2008 Overview Aims

230 views • 20 slides

More recommend