ryoan a distributed sandbox for untrusted computation on
play

Ryoan: A Distributed Sandbox for Untrusted Computation on Secret - PowerPoint PPT Presentation

Oct 02, 2023 •181 likes •766 views

Ryoan: A Distributed Sandbox for Untrusted Computation on Secret Data Tyler Hunt , Zhiting Zhu, Yuanzhong Xu, Simon Peter, Emmett Witchel 1 Disease risk assessment: Trust issues D i s e a s e R i s k 2 Disease risk assessment: Trust

  1. Ryoan: A Distributed Sandbox for Untrusted Computation on Secret Data Tyler Hunt , Zhiting Zhu, Yuanzhong Xu, Simon Peter, Emmett Witchel 1

  2. Disease risk assessment: Trust issues D i s e a s e R i s k 2

  3. Disease risk assessment: Trust issues Classification Result D i s e a s e R i s k 3

  4. Disease risk assessment: Trust issues Classification Result Disease Risk 4

  5. Disease risk assessment: Trust issues Classification Result Disease Risk 5

  6. Disease risk assessment: Trust issues Classification Result D i s e a s e R i s k 6

  7. Disease risk assessment: Trust issues Classification Result D i s e a s e R i s k 7

  8. Talk outline Introduction Controlling untrusted modules Covert and side channels Evaluation 8

  9. Ryoan’s goals ◎ Provide user data secrecy ○ Without trusting the application ○ Without trusting the platform (OS, Hypervisor) ◎ Support cooperation between service providers Userspace Platform ( ) 9

  10. Ryoan’s goals ◎ Provide user data secrecy ○ Without trusting the application ○ Without trusting the platform (OS, Hypervisor) ◎ Support cooperation between service providers Ryoan Sandbox Userspace Platform ( ) 10

  11. Ryōan-ji 11

  12. Threat model Users Service Providers Everyone Don’t trust ◎ Control platforms Trusts Ryoan ◎ ◎ service providers Don’t trust other Trusts Intel SGX ◎ ◎ for secrecy service provides Don’t trust ◎ for secrecy platforms for secrecy - Untrusted Code - Ryoan - User - User Data - Untrusted Platform - SGX 12

  13. Threat model Users Service Providers Everyone Don’t trust ◎ Control platforms Trusts Ryoan ◎ ◎ service providers Don’t trust other Trusts Intel SGX ◎ ◎ for secrecy service provides Don’t trust ◎ for secrecy platforms for secrecy - Untrusted Code - Ryoan - User - User Data - Untrusted Platform - SGX 13

  14. Threat model Users Service Providers Everyone Don’t trust ◎ Control platforms Trusts Ryoan ◎ ◎ service providers Don’t trust other Trusts Intel SGX ◎ ◎ for secrecy service provides Don’t trust ◎ for secrecy platforms for secrecy - Untrusted Code - Ryoan - User - User Data - Untrusted Platform - SGX 14

  15. Threat model Users Service Providers Everyone Don’t trust ◎ Control platforms Trusts Ryoan ◎ ◎ service providers Don’t trust other Trusts Intel SGX ◎ ◎ for secrecy service provides Don’t trust ◎ for secrecy platforms for secrecy - Untrusted Code - Ryoan - User - User Data - Untrusted Platform - SGX 15

  16. Ryoan’s world Modules Sandboxes Platforms NaCl x86 binaries Trusted code More service ◎ ◎ ◎ from service Confine modules providers’ code ◎ providers Based on Google’s Host computation ◎ ◎ Application logic Native Client (NaCl) ◎ Module 16

  17. Ryoan’s world Modules Sandboxes Platforms NaCl x86 binaries Trusted code More service ◎ ◎ ◎ from service Confine modules providers’ code ◎ providers Based on Google’s Host computation ◎ ◎ Application logic Native Client (NaCl) ◎ Module 17

  18. Ryoan’s world Modules Sandboxes Platforms NaCl x86 binaries Trusted code More service ◎ ◎ ◎ from service Confine modules providers’ code ◎ providers Based on Google’s Host computation ◎ ◎ Application logic Native Client (NaCl) ◎ Module 18

  19. Ryoan’s world Modules Sandboxes Platforms NaCl x86 binaries Trusted code More service ◎ ◎ ◎ from service Confine modules providers’ code ◎ providers Based on Google’s Host computation ◎ ◎ Application logic Native Client (NaCl) ◎ Module 19

  20. Ryoan applications Modules ◎ Request oriented Module ◎ Well defined unit of work ○ One request→one result ○ e.g, 1 email, 1 photo Composable ◎ Modules can be connected to build services 20

  21. Talk outline Introduction Controlling untrusted modules Covert and side channels Evaluation 21

  22. Intel SGX in 2 minutes (or less) ◎ Provides Enclaves Enclave Code’s View Regions of a process's virtual address ○ space Module Ryoan Instance ◎ Enclaves Can only be accessed by enclave code ○ Still have access to the rest of memory ○ Other Code’s View ◎ Attestations Hardware signed hashes of initial code ○ and data Enclave (Inaccessible) 22

  23. Chain of trust ◎ SGX provides unforgeable attestation of the sandbox Attests Ryoan ◎ Statements Ryoan makes about the module can now be trusted Ryoan Attests Module 23

  24. Ryoan’s view of SGX ◎ SGX gives you: ○ Trusted computation on secret data ◎ Ryoan uses SGX to give you: ○ Guarantees on Untrusted computation 24

  25. Confining untrusted code Problem: ◎ Platform can read secrets out Module of memory Solution: ◎ Execute module inside of an enclave 25

  26. Confining untrusted code Problem: ◎ Platform can read secrets out Module of memory Enclave Solution: ◎ Execute module inside of an enclave 26

  27. Confining untrusted code Problem: ◎ Module can copy secrets to Module non-enclave memory Enclave Solution: ◎ Restrict accessible memory with a sandbox ○ Property of NaCl 27

  28. Confining untrusted code Problem: ◎ Module can copy secrets to Module Sandbox non-enclave memory Solution: ◎ Restrict accessible memory with a sandbox ○ Property of NaCl 28

  29. Confining untrusted code Problem: ◎ Modules can use system calls Module to write out user data Sandbox write( ); Solution: ◎ NaCl modules call sandbox to access system calls ◎ Enforce encryption 29

  30. Confining untrusted code Problem: ◎ Modules can use system calls Module to write out user data Sandbox write([CIPHERTEXT]); Solution: ◎ NaCl modules call sandbox to access system calls ◎ Enforce encryption 30

  31. Confining untrusted code Module Module Problem: ◎ Modules can collude with Disease Risk users to steal data It’s ME! Solution: ◎ Don’t let modules keep state between requests Later 31

  32. Confining untrusted code Module Module Problem: ◎ Modules can collude with Disease Risk users to steal data It’s ME! Solution: ◎ Don’t let modules keep state between requests Later 32

  33. Modules cannot keep state ◎ Module life cycle imposed by Ryoan ○ Read, process, write, destroy ◎ Sandbox enforces one request per module execution ○ Represent a complete unit of work ○ Only contain content from one user Read Write Initialize Process Input Output Destroy 33

  34. Talk outline Introduction Controlling untrusted modules Covert and side channels Evaluation 34

  35. Covert and side channels ◎ Output, via some externally Module visible property of execution ◎ Ryoan: Software covert channels ○ System calls ○ Execution time ◎ Hardware covert channels: ○ Hardware vendor’s responsibility 35

  36. System call covert channel Module 0101110 write(8bytes); write(16bytes); write(8bytes); write(16bytes); write(16bytes); write(16bytes); write(8bytes); 0101110 8bytes 0 16bytes 1 36

  37. Eliminating system call channel ◎ Remove modules ability to make system calls ◎ Ryoan performs all data input and output independent of the content Confined; Module cannot make system calls. Read Initialize Process Done Input Ryoan makes input Ryoan flushes all output available 37 Destroy

  38. Initialization is expensive ClamAV (virus scanner): 25.0 seconds to initialize 0.1 seconds to process a request Checkpoint Confined; Module cannot make system calls. Read Initialize Process Done Input Restore Checkpoint 38

  39. Confined compatibility API Dynamic Memory In-memory file API ◎ Modules can call ◎ File system operations mmap for “new” in memory memory ◎ Examples: ◎ Return memory from ○ Temp files a pre-allocated pool. ○ Preexisting files Replaced system calls: Replaced system calls: mmap open, close, read, write, stat, lseek, unlink, mkdir, rmdir, getdents 39

  40. Confined compatibility API Dynamic Memory In-memory file API ◎ Modules can call ◎ File system operations mmap for “new” in memory memory ◎ Examples: ◎ Return memory from ○ Temp files a pre-allocated pool. ○ Preexisting files Replaced system calls: Replaced system calls: mmap open, close, read, write, stat, lseek, unlink, mkdir, rmdir, getdents 40

  41. Confined compatibility API Dynamic Memory In-memory file API ◎ Modules can call ◎ File system operations mmap for “new” in memory memory ◎ Examples: ◎ Return memory from ○ Temp files a pre-allocated pool. ○ Preexisting files Replaced system calls: Replaced system calls: mmap open, close, read, write, stat, lseek, unlink, mkdir, rmdir, getdents 41

  42. Talk outline Introduction Controlling untrusted modules Covert channels Evaluation 42

  43. Parse Return Health Translation Classifier Input Results Moses In: Genome/health data In: French text Out: Disease risk Out: English text Images Email Recognize Face Distribute Combine Recognize Distribute Combine Horse Recognize NSFW In: Emails In: Pictures 43 Out: Spam & virus status Out: Array of objects

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Native Client: A Sandbox for Portable, Untrusted x86 Native Code Bennet Yee, David Sehr, Gregory

Native Client: A Sandbox for Portable, Untrusted x86 Native Code Bennet Yee, David Sehr, Gregory

Native Client: A Sandbox for Portable, Untrusted x86 Native Code Bennet Yee, David Sehr, Gregory Dardyk, J. Bradley Chen, Robert Muth, Tavis Ormandy, Shiki Okasaka, Neha Narula, and Nicholas Fullagar Google Inc. Presented by: Gilmore R.

497 views • 39 slides
Native Client: A sandbox for portable, untrusted x86 native code Bennet Yee, David Sehr, Gregory

Native Client: A sandbox for portable, untrusted x86 native code Bennet Yee, David Sehr, Gregory

Faculty of Computer Science Institute for System Architecture, Operating Systems Group Native Client: A sandbox for portable, untrusted x86 native code Bennet Yee, David Sehr, Gregory Dardyk, J. Bradley Chen, Robert Muth, Tavis Ormandy, Shiki

170 views • 13 slides
SELinux Sandbox Daniel Walsh Red Hat What is Sandbox Run applications in a confined

SELinux Sandbox Daniel Walsh Red Hat What is Sandbox Run applications in a confined

SELinux Sandbox Daniel Walsh Red Hat What is Sandbox Run applications in a confined environment. Allow filtering tools to read untrusted content. Vulnerability in a filtering tools can allow content to cause the application to do bad

501 views • 13 slides
The Sandbox Roulette: are you ready to gamble? Rafal Wojtczuk rafal@bromium.com Rahul Kashyap

The Sandbox Roulette: are you ready to gamble? Rafal Wojtczuk rafal@bromium.com Rahul Kashyap

The Sandbox Roulette: are you ready to gamble? Rafal Wojtczuk rafal@bromium.com Rahul Kashyap rahul@bromium.com What is a sandbox? Environment designed to run untrusted (or exploitable) code, in a manner that prevents the encapsulated code

417 views • 40 slides
Online computation with untrusted advice Joint work with Spyros Angelopoulos, Jin S., S.

Online computation with untrusted advice Joint work with Spyros Angelopoulos, Jin S., S.

Online computation with untrusted advice Joint work with Spyros Angelopoulos, Jin S., S. Kamali, M. Renault. (ITCS2020) Christoph Drr - August 2020 Cost OPT ALG (k=B) Ski rental problem 7 Rent or buy 6 Renting skis cost 1 / day

619 views • 14 slides
Secure Outsourcing of Computation Ron Rothblum MIT Outsourcing Computation Motivation: allow a

Secure Outsourcing of Computation Ron Rothblum MIT Outsourcing Computation Motivation: allow a

Secure Outsourcing of Computation Ron Rothblum MIT Outsourcing Computation Motivation: allow a computationally weak client to outsource its computation to an untrusted server. = () Main security concerns: 1. Correctness:

377 views • 4 slides
secmodel_sandbox An application sandbox for NetBSD Stephen Herwig sandboxing Sandboxing:

secmodel_sandbox An application sandbox for NetBSD Stephen Herwig sandboxing Sandboxing:

secmodel_sandbox An application sandbox for NetBSD Stephen Herwig sandboxing Sandboxing: limiting the privileges of a process Two motivations - Running untrusted code in a restricted environment - Dropping privileges in trusted code so as to

1.09k views • 58 slides
Sol Fast Distributed Computation Over Slow Networks Fan Lai , Jie You, Xiangfeng Zhu Harsha V.

Sol Fast Distributed Computation Over Slow Networks Fan Lai , Jie You, Xiangfeng Zhu Harsha V.

Sol Fast Distributed Computation Over Slow Networks Fan Lai , Jie You, Xiangfeng Zhu Harsha V. Madhyastha, Mosharaf Chowdhury 1 Distributed Data Processing is Ubiquitous Distributed computation in Local-Area Networks (LAN) To accelerate

1.92k views • 77 slides
Proof-Carrying Data: secure computation on untrusted execution platforms Eran Tromer Joint work

Proof-Carrying Data: secure computation on untrusted execution platforms Eran Tromer Joint work

Proof-Carrying Data: secure computation on untrusted execution platforms Eran Tromer Joint work with Alessandro Chiesa Eli Ben-Sasson Daniel Genkin 1 Technion Cryptoday June 16, 2011 Motivation 3 Motivation INTEGRITY CONFIDENTIALITY

725 views • 50 slides
Welcome! What Is an AR Sandbox? (and how to build one) An Augmented Reality Sandbox Is: a

Welcome! What Is an AR Sandbox? (and how to build one) An Augmented Reality Sandbox Is: a

Welcome! What Is an AR Sandbox? (and how to build one) An Augmented Reality Sandbox Is: a box filled with white sand a projector mounted over the sand a Kinect depth-sensing camera mounted over the sand a computer that runs

491 views • 11 slides
Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras

Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras

Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras Untrusted Programs Untrusted Application Entire Application untrusted Part of application untrusted Modules or library untrusted

797 views • 46 slides
Computation on Natural Graphs Presenter: Mengxiao Wang Problem: Existing distributed graph

Computation on Natural Graphs Presenter: Mengxiao Wang Problem: Existing distributed graph

CSE 6350 File and Storage System Infrastructure in Data centers Supporting Internet-wide Services PowerGraph: Distributed Graph-Parallel Computation on Natural Graphs Presenter: Mengxiao Wang Problem: Existing distributed graph computation

498 views • 11 slides
RAY A Scalable computation engine Ray is a flexible, high-performance, distributed

RAY A Scalable computation engine Ray is a flexible, high-performance, distributed

RAY A Scalable computation engine Ray is a flexible, high-performance, distributed execution framework for Emerging AI Applications (UC Berkeley) A scalable system for parallel and distributed Python. Shortens path to production

389 views • 35 slides
Haow do I sandbox?!?! Cuckoo Sandbox Internals Jurriaan Bremer @skier t Student (University of

Haow do I sandbox?!?! Cuckoo Sandbox Internals Jurriaan Bremer @skier t Student (University of

Haow do I sandbox?!?! Cuckoo Sandbox Internals Jurriaan Bremer @skier t Student (University of Amsterdam), Freelance Security Researcher June 22, 2013 June 22, 2013 Jurriaan Bremer @skier t Haow do I sandbox?!?! Cuckoo Sandbox Internals 1 /

1.15k views • 79 slides
Towards Distributed Computation of Answer Sets Marco De Bortoli, Federico Igne, Fabio Tardivo,

Towards Distributed Computation of Answer Sets Marco De Bortoli, Federico Igne, Fabio Tardivo,

Towards Distributed Computation of Answer Sets Towards Distributed Computation of Answer Sets Marco De Bortoli, Federico Igne, Fabio Tardivo, Pietro Totis, Agostino Dovier and Enrico Pontelli Dept DMIF, University of Udine, Udine, Italy Dept

257 views • 13 slides
Chip-Secured Data Access: Confidential Data on Untrusted Servers L. Bouganim, P. Pucheral

Chip-Secured Data Access: Confidential Data on Untrusted Servers L. Bouganim, P. Pucheral

Chip-Secured Data Access: Confidential Data on Untrusted Servers L. Bouganim, P. Pucheral University of Versailles The need for Open Trusted Data Stores PAGE 2 Virtual teams distributed among space, time and organizations

394 views • 12 slides
Update on Trust Decanting and Pretermitted Heirs in New Hampshire Ralph F. Holmes and Alyssa

Update on Trust Decanting and Pretermitted Heirs in New Hampshire Ralph F. Holmes and Alyssa

Update on Trust Decanting and Pretermitted Heirs in New Hampshire Ralph F. Holmes and Alyssa Graham Garrigan ProbateTrial.com Pleadings bank Court orders Law summaries Commentary Decanting Overview Statutory Authority to Decant RSA

379 views • 37 slides
GANT eduPKI in 3 Slides Servicing GANT Services Reimer Karlsen-Masur, DFN-CERT Services GmbH

GANT eduPKI in 3 Slides Servicing GANT Services Reimer Karlsen-Masur, DFN-CERT Services GmbH

GANT eduPKI in 3 Slides Servicing GANT Services Reimer Karlsen-Masur, DFN-CERT Services GmbH GN3+ SA5 / JRA5 X-Activity Meeting SURFnet, Utrecht / NL, 21/22.05.2013 Slides & Related Materials @ https://www.edupki.org Outline The 3

220 views • 7 slides
Guardian : Evaluating Trust in Online Social Networks with Graph Convolutional Networks Wanyu Lin

Guardian : Evaluating Trust in Online Social Networks with Graph Convolutional Networks Wanyu Lin

Guardian : Evaluating Trust in Online Social Networks with Graph Convolutional Networks Wanyu Lin , Zhaolin Gao, Baochun Li University of Toronto Almost 4.57 billion people were active internet users as of April 2020. Statista Social trust

733 views • 35 slides
In Algorithms We Trust Interpretability, robustness and bias in machine learning Louis Abraham

In Algorithms We Trust Interpretability, robustness and bias in machine learning Louis Abraham

In Algorithms We Trust Interpretability, robustness and bias in machine learning Louis Abraham March 21th 2019 ACPR A word about trust in decision making About me Louis Abraham Education: cole polytechnique, ETH Zurich Experience:

675 views • 32 slides
Outline OS trust and assurance CSci 5271 Introduction to Computer Security Announcements

Outline OS trust and assurance CSci 5271 Introduction to Computer Security Announcements

Outline OS trust and assurance CSci 5271 Introduction to Computer Security Announcements intermission Day 11: OS security: higher assurance Stephen McCamant Unix access control University of Minnesota, Computer Science & Engineering

401 views • 6 slides
Armys Framework for Character Development Implementation and Assessment & FY19- 20

Armys Framework for Character Development Implementation and Assessment & FY19- 20

US Army Combined Arms Center SOLDIERS AND LEADERS - OUR ASYMMETRIC ADVANTAGE Armys Framework for Character Development Implementation and Assessment & FY19- 20 Americas Army Our Profession 1 cape.army.mil At APLDF 174,

593 views • 30 slides
Multiresolution Cluster AnalysisAddressing Trust in Climate Classifications Derek DeSantis

Multiresolution Cluster AnalysisAddressing Trust in Climate Classifications Derek DeSantis

Multiresolution Cluster AnalysisAddressing Trust in Climate Classifications Introduction Multiresolution Cluster AnalysisAddressing Trust in Climate Classifications Derek DeSantis , Phil Wolfram, Boian Alexandrov Los Alamos National

874 views • 52 slides
Trust Management in Emerging countries: International cooperation research challenges for Horizon

Trust Management in Emerging countries: International cooperation research challenges for Horizon

Trust Management in Emerging countries: International cooperation research challenges for Horizon 2020 Paper authors: Marijke Coetzee, Jan Eloff , Donovan Isherwood, James Clarke, Manmohan Chaturvedi, Abhishek Sharma, Karima Boudaoud , Mounib

663 views • 29 slides

More recommend