Civet: An Efficient Java Partitioning Framework for Hardware Enclaves - Privacy-Preserving Cryptographic Protocols Course Presentation

Civet: An Efficient Java Partitioning Framework for Hardware Enclaves
Privacy-Preserving Cryptographic Protocols Course Presentation
Benyamin Delshad Mamaghani
30th April 2021

Cloud: Platform / Software as a Service (SaaS)
• Software-as-a-Service: a cloud-based method of providing software to users.
• Example: streaming a TV show online vs. buying all the seasons on DVDs.
• The cloud: remote web servers in various data centres that host databases and run application code.

What does 'as a service' mean?
• Service vs. product
• Traditionally, software vendors sold their software to users as a product.
• In the SaaS model they actively provide and maintain the software for their users, via the cloud.
• Example: valet parking vs. renting a parking spot

Advantages and disadvantages of using SaaS
Advantages
• Access from anywhere, on any device
• No need for updates or installations
• Scalability
• Cost savings
Disadvantages
• The need for stronger access control
• Vendor lock-in
• Security and compliance

Trusted execution environment (TEE)
• A secure area of a main processor.
• Runs in parallel with the operating system, in an isolated environment.
• It guarantees that the code and data loaded in the TEE are protected with respect to confidentiality and integrity.
• Provides a higher level of security than the user-facing OS.
[Figure labels: System RAM; Accessible to the OS; Trusted (opaque to the OS)]

Use cases for the TEE
• Premium content protection / digital rights management
• Mobile financial services
• Authentication
• Enterprise, government, and cloud
• Secure modular programming

Hardware Support
The following hardware technologies can be used to support TEE implementations:
• AMD: Platform Security Processor (PSP)
• ARM: TrustZone
• Intel: Software Guard Extensions (SGX)
• Others…

Intel SGX
• Offers hardware-based memory encryption that isolates specific application code and data in memory.
• Intel SGX allows user-level code to allocate private regions of memory, called enclaves, which are designed to be protected from processes running at higher privilege levels.

Intel SGX
[Figure labels: SGX Enclave; Application; Library OS; Adapter; Host OS]

Hardware Enclaves as Root of Trust
An abstraction for bootstrapping users’ trust on untrusted platforms.

Existing Approaches for Enclave Development

Partitioning applications
• Cloud platforms + enclaves = large Trusted Computing Base
• Hardware enclaves can have limited space.
• The cost of executing the whole application in the enclave is too high.

Civet: An Efficient Java Partitioning Framework for Enclaves
• Published in 2020.
• Guided partitioning for experimenting with the partition boundary.
• White-listing class loading & polymorphism
• Tailored Java runtime for enclave performance patterns (e.g., GC)
• More challenging for Java because of:
  • Mutable language characteristics
  • Extensive code reachability in class libraries
  • The inevitability of using a heavyweight runtime

Partitioning Tool + Java Runtime for Enclaves

Determining Boundary for TCB

Challenges
• Complexity of defending partition interfaces
  • Polymorphism makes them potentially vulnerable to type confusion attacks.
  • Untrusted code may override the behavior of a method by creating a subclass.
• Large application footprint
  • Standard and third-party libraries.
  • JNI (Java Native Interface) code written in C/C++ is prone to vulnerabilities.
  • A complete JVM contains up to a million lines of code written in Java and C/C++.
• A runtime that requires significant resources and system support
  • Even a small partition of a Java application needs a full-featured runtime.
  • Standard runtime behaviors like garbage collection are not tuned for the memory restrictions of SGX.

Goals and Contributions
• Reducing partition efforts
• Mitigating partition pitfalls
• Removing unreachable code
• Optimizing garbage collection for enclaves
• A framework to analyze and partition applications to run in enclaves.
• A system to harden the enclave boundary. This includes type-checking polymorphic inputs and mitigating unintended information leakage from the enclave.
• A lightweight JVM partitioned for enclaves.
• A study of GC and a three-generation GC design optimized for enclaves.

Security properties
Civet is designed to enforce the following security properties:
1. Code integrity and remote attestation – Necessary for defending against code modification and code injection attacks.
2. Type integrity on enclave interfaces – Necessary for preventing type confusion attacks.
3. Explicit data declassification – Prevents semantic bugs or defense code from accidentally leaking secrets from the enclaves.

The partitioning workflow
1. Identifying enclave interfaces.
2. Specifying enclave protections.
3. Connecting trusted and untrusted domains.

Partitioning class libraries

Identifying Trusted Code
• Generating a collection of classes and methods as the transitive closure of control and data flows from entry classes.
• Call graph analysis: for each method, identifying the classes and methods referenced.
• Points-to analysis: for each field or local variable, identifying the heap objects that are assigned, to determine all the possible subtypes allocated for the field or local variable if it is polymorphic.
• Security property 1 satisfied: code integrity and remote attestation, with signed and hashed classes in the enclave.

Shielding Polymorphic Interfaces
Partitioning exposes a new attack surface at the interface between trusted and untrusted code.
• Iago attacks: OS-level interfaces
• Type confusion attacks

Polymorphic attacks on Enclave Entries

Deep Type Checks on Enclave Inputs
• Profile: the set of subtypes that could be passed to a given enclave API function in the original, unpartitioned code.
• Path-based type checks: instead of defining which types can be part of an input, Civet defines the parts of an input (permission object) to which a type (permission subject) can be instantiated and assigned.
• This type checking satisfies the second security property: type integrity for enclave interfaces.
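
A sketch of the path-based deep type check described above, as an added example (not code from Civet or the paper). The classes, the profile contents and the `arg0` path names are hypothetical, and as a simplification it walks live objects with reflection.

```java
import java.lang.reflect.Field;
import java.lang.reflect.Modifier;
import java.util.Map;
import java.util.Set;

public class DeepTypeCheck {
    // Hypothetical enclave input types.
    static class Payload { int size() { return 4; } }
    static class TextPayload extends Payload { }
    static class Request { Payload payload; Request(Payload p) { payload = p; } }
    // What untrusted code could craft: a subclass that overrides size().
    static class EvilPayload extends Payload { @Override int size() { return -1; } }

    // Path-based profile (constructed): input path -> exact classes allowed at that path.
    static final Map<String, Set<Class<?>>> PROFILE = Map.of(
        "arg0", Set.<Class<?>>of(Request.class),
        "arg0.payload", Set.<Class<?>>of(TextPayload.class));

    // Walk the object graph; reject any object whose exact class is not listed for its path.
    static boolean allowed(Object o, String path) throws IllegalAccessException {
        if (o == null) return true;
        Set<Class<?>> ok = PROFILE.get(path);
        if (ok == null || !ok.contains(o.getClass())) return false;
        // JDK types that the profile lists are treated as leaves in this sketch.
        if (o.getClass().getName().startsWith("java.")) return true;
        for (Class<?> c = o.getClass(); c != Object.class; c = c.getSuperclass()) {
            for (Field f : c.getDeclaredFields()) {
                if (Modifier.isStatic(f.getModifiers()) || f.getType().isPrimitive()) continue;
                f.setAccessible(true);
                if (!allowed(f.get(o), path + "." + f.getName())) return false;
            }
        }
        return true;
    }

    public static void main(String[] args) throws Exception {
        Request good = new Request(new TextPayload());
        Request bad = new Request(new EvilPayload());
        // Shallow check: the crafted payload still "is a" Payload.
        System.out.println("shallow accepts crafted input: " + (bad.payload instanceof Payload));
        System.out.println("deep check, profiled input:    " + allowed(good, "arg0"));
        System.out.println("deep check, crafted input:     " + allowed(bad, "arg0"));
    }
}
```

The check compares exact classes (`getClass()`), not `instanceof`, because a subtype that was never assigned at that path in the unpartitioned program is precisely what the profile is meant to exclude.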

Declassifying Enclave Outputs
• Data leakage
• Dynamic taint tracking (using the Phosphor framework): the sink of taint tracking is the function for marshaling returned objects, in order to block any tainted object from flowing out of the enclave.
• Tracking implicit data flow is optional because of its high cost.
• We normally expect the developer to declassify objects after sanitizing the object or encrypting the data.
• This satisfies the third security property: explicit data declassification.
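
A simplified model of the marshaling sink and explicit declassification, as an added example (not Civet's code, and it does not use Phosphor's API). The `Labeled` wrapper, `marshalReturn` and `encryptAndDeclassify` are hypothetical names, and only explicit data flow is tracked.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

public class DeclassifySink {
    // Value plus a taint bit; a simplified stand-in for per-object taint tags.
    static final class Labeled {
        final byte[] data; final boolean tainted;
        Labeled(byte[] d, boolean t) { data = d; tainted = t; }
        // Explicit data flow: a value derived from tainted input stays tainted.
        Labeled concat(Labeled o) {
            byte[] r = new byte[data.length + o.data.length];
            System.arraycopy(data, 0, r, 0, data.length);
            System.arraycopy(o.data, 0, r, data.length, o.data.length);
            return new Labeled(r, tainted || o.tainted);
        }
    }

    // Developer-written declassification: encrypt first, then release IV || ciphertext untainted.
    static Labeled encryptAndDeclassify(Labeled in, SecretKey key) throws Exception {
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(in.data);
        return new Labeled(iv, false).concat(new Labeled(ct, false));
    }

    // Taint sink: marshaling of return values out of the enclave.
    static byte[] marshalReturn(Labeled out) {
        if (out.tainted) throw new SecurityException("tainted object at enclave exit");
        return out.data;
    }

    public static void main(String[] args) throws Exception {
        SecretKey key = KeyGenerator.getInstance("AES").generateKey();
        // Constructed sample secret held inside the enclave.
        Labeled secret = new Labeled("pin=1234".getBytes(StandardCharsets.UTF_8), true);
        Labeled reply = new Labeled("ok:".getBytes(StandardCharsets.UTF_8), false).concat(secret);
        try { marshalReturn(reply); }
        catch (SecurityException e) { System.out.println("blocked: " + e.getMessage()); }
        byte[] released = marshalReturn(encryptAndDeclassify(reply, key));
        System.out.println(released.length + " bytes released after declassification");
    }
}
```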

Garbage Collection in Enclaves

Partitioning effectiveness + Performance

Conclusion
• Java workloads don’t fit into enclave programming paradigms
  • Dynamic and polymorphic behaviors
  • Monolithic runtimes and expensive resource management
• Civet: partitioning, refining and hardening with reachability analysis, deep type checking, and enclave-specific runtime design.

Evaluations
• No reviews until 30th April 10:00 CEST.
• Accepted at USENIX Security Symposium 2020.
• Here, we can talk about it. What do you think about the paper? Do you accept it? What are the weaknesses and strengths of the paper?

Thanks for listening. Any questions?

Credits
• https://www.usenix.org/system/files/sec20spring_tsai_prepub.pdf
• https://www.cloudflare.com/learning/cloud/what-is-saas/#:~:text=Software%2Das%2Da%2DService%2C%20or%20SaaS%20for%20short,compatible%20device%20over%20the%20Internet.
• https://en.wikipedia.org/wiki/Trusted_execution_environment
• https://www.intel.com/content/www/us/en/architecture-and-technology/software-guard-extensions.html
• https://www.usenix.org/system/files/sec20_slides_tsai.pdf