In cloud environments, security is a major concern to organisations that
must comply with strict confidentiality and integrity policies. Security has
emerged as a commercial imperative for cloud computing across a wide range of
application domains. The lack of principled security guarantees therefore
becomes the primary barrier to the broad adoption of cloud computing.
In our work, we explore a new technological direction for making cloud
environments more secure. Modern CPUs support trusted execution
mechanisms such as Intel's Software Guard Extensions (SGX) and
ARM's TrustZone that permit user applications to execute in untrusted
cloud environments, while maintaining the confidentiality and integrity of
sensitive data. User applications are protected by secure enclaves,
which transparently shield the application code and data from the rest of the
system, including higher privileged systems software. Compared to existing
cryptographic approaches, trusted execution bears the promise to offer strong
security in cloud environments without the performance overhead of data
encryption and decryption in software.
An open research challenge is how today's cloud computing stacks and
applications should exploit trusted execution mechanisms to improve
security. In the SeReCa and SecureCloud research projects, together with our
academic collaborators at the Technical University Dresden, the Technical
University Braunschweig and the University of Neuchatel, we are interested in
two directions:
How to protect existing cloud applications using trusted execution?
- We investigate how legacy C/C++ applications can be partitioned
automatically to execute as part of secure enclaves. Based on a combination of
static and dynamic analysis, we automatically partition applications at the
source-code level to make them compatible with trusted execution.
- We explore how to execute existing Linux applications as part of secure
enclaves using a secure container abstraction. The work on SCONE shows
that it is possible to execute cloud-based micro-services in enclaves with low
performance overhead.
- We examine how existing cloud-based micro-services can be protected using
secure enclaves. The work on SecureKeeper demonstrates how to protect a
ZooKeeper deployment using trusted execution.
How to design future cloud applications with trusted execution support?
- We carry out research work into approaches that use secure enclaves to
increase the accountability of future cloud services.
- We investigate how unikernels can be used to construct future secure cloud
services that are protected by trusted execution.
- We are interested in novel attacks that are specific to a trusted execution
model. The work on AsyncShock illustrates how an attacker can subvert the OS
scheduler to exploit data races within enclave code.