Recommandé
Recommandé
Contenu connexe
Similaire à Review of Hardware based solutions for trusted cloud computing.pptx
Similaire à Review of Hardware based solutions for trusted cloud computing.pptx (20)
Dernier
Dernier (20)
Review of Hardware based solutions for trusted cloud computing.pptx
- 2. Contents
- 3. Cloud Computing has been widely adopted thanks to its many advantages • Deployment cost reduction • Physical resource sharing between VM using virtualization But, cloud computing has opened the door for many additional threats as customers share the same physical resources Two main families: Software-based solutions, Hardware-based solutions
- 4. Software-based solutions • The first cloud security solutions to show up in the market Easy to implement, inexpensive and offer the ability to review and upgrade implementations. • But, Insufficient to protect VM Because, VM require a trusted hypervisor with millions of lines of code (LOC) in TCB* code injection, code reuses, fork, roll-back, rootkit attack.. etc * TCB: Trust Computing Base
- 5. Hardware-based solutions • Use dedicated Integrated Circuits (IC) or separate processor designed specifically to provide security operations • Industrial-scale 1. TPM: Trust Processor Module 2. Intel TXT: Trust eXecution Technology 3. ARM TrustZone 4. AMD SEV: Secure Execution Virtualization 5. Intel SGX: Software Guard eXtention • Theses solution can be leveraged by CSP* to offer a TEE** for end-users to execute their application in cloud * CSP: Cloud Service Provider * TEE: Trusted Execution Environment
- 6. Compare four industrial-scale hardware-based security solutions • Four Industrial-scale 1. Intel TXT ( include Intel TPM ) 2. ARM TrustZone 3. AMD SEV 4. Intel SGX * TEE: Trusted Execution Environment
- 7. Fig.1 Intel TXT components * VT-d: VMDirectPath (Direct input/output from vm to pcie host os (esxi, xen, etc.) device) ** ACM: Authenticated Code Module Trust eXecution Technology) • IOH/PCH ( leveraging Intel VT-d* tech.)
- 8. Fig.3 Hardware components interation in ARM TrustZone * SMC: System Monitor Call Fig.2 Processor modes in ARM TrustZone • Provides a secure execution environment by splitting computer resources into execution worlds : Normal World, Secure World, (Moniter Mode) • NS bit is triggered by SMC* on Moniter Mode • Secure World --> Normal World (o) • Secure World <-- Normal World (x)
- 9. Secure Execution Virtualization) • Encrpyts transparently the memory contents of a VM with a unique key for each guest VM. • The management of these keys and the secure data transfer is handled by the SEV firmware. • Encypting VMs can help protecting them from physical threats, other VMs threats or even the VMM itself. • AMD SME* encrypts all the system memory with a single key that is generated by the AMD Secure Processor at boot. • It does not require any application s/w changes, vm's encrpytion is performed by hardware engines. Fig.4 AMD SEV architecute * SME: Secure Memory Encryption
- 10. Intel SGX • Protect a portion of their address spaces and secure their code and data within containers called enclaves. • A new set of CPU instructions allowing a user application to create enclaves as a hardware-assisted TEE. • The untrusted section and the trusted section • Secret data/code are located in the trusted section, and are accessed from the untrusted section through SGX call gates. • With the upcoming version SGX v2, a new feature called oversubscribing will allow multiple VMs to share the EPC *. * EPC: Enclave Page Cache Fig.5 Intel SGX trusted execution path
- 11. 1) Secuirty Criteria (10) • Isolation level • Memory confidentiality and integrity protection • Protrection against compromised OS/VMM/BIOS/SMM • Protection agianst physical attacks • Protection against memory snooping • Secure storage • Secure boot • Cache memory protection • Memory access protection 2) Functional Criteria (5) • TCB Size • Debugging • Attestation • Sealing • Execution privilege level 3) Deployability criteria (6) • TEE features • Application modification • Performance • VM migration • License agreement • Ecosystem
- 12. 1) Secuirty Criteria (10) • Isolation level • Memory confidentiality and integrity protection • Protrection against compromised OS/VMM/BIOS/SMM • Protection agianst physical attacks • Protection against memory snooping • Secure storage • Secure boot • Cache memory protection • Memory access protection 2) Functional Criteria (5) • TCB Size • Debugging • Attestation • Sealing • Execution privilege level 3) Deployability criteria (6) • TEE features • Application modification • Performance • VM migration • License agreement • Ecosystem
- 13. x: unsupported, √: supported, •: not applicable or not specified
- 14. x: unsupported, √: supported, •: not applicable or not specified
- 15. x: unsupported, √: supported, •: not applicable or not specified
- 16. x: unsupported, √: supported, •: not applicable or not specified
- 17. • Hardware-based security solutions are a promising way toward a trusted cloud computing enviroment • We presented four industrial-scale hardware-based trust solutions: Intel TXT, ARM TrustZone, AMD SEV, Intel SGX • According to our comparison with respect to three criteria categories. • Intel SGX is a better chocie, but still not the best. • Requires code modification of legacy application • Puts the responsibility on the application developers to write code that resists to side channel attacks
- 18. Q & A
- 19. Thank you :-)