SecureKeeper

Brenner, Stefan; Wulf, Colin; Goltzsche, David; Weichbrodt, Nico; Lorenz, Matthias; Fetzer, Christof; Pietzuch, Peter; Kapitza, Rüdiger

doi:10.1145/2988336.2988350

Cited by 95 publications

(14 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another class of attacks that we consider out-of-scope for this paper are side-channel attacks. While attackers might learn something about the computations performed by computation services by using a variety of side-channels such as for the sizes of network messages [35], the execution time of the computation [6,14,36], or other observable side-effects of the computations happening [8,9,26,45], we consider protection against such side-channel a separate and orthogonal topic, and we do not counter such attacks in our design. Furthermore we assume that any attack breaking the SGX security objectives are mitigated by future Intel microcode updates.…”

Section: Problem Statementmentioning

confidence: 99%

Securely deploying distributed computation systems on peer-to-peer networks

Vrancken

Piessens

Strackx

2019

Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing

View full text Add to dashboard Cite

More and more off-the-shelf processors support the dynamic construction of Trusted Execution Environments. For instance, Intel Software Guard Extensions (Intel SGX) supports the construction of so-called enclaves on modern Intel Core processors. Hence, it is interesting to design and evaluate practical security architectures that leverage this new technology. One of the possibilities of this new technology is that it enables deployment of traditional distributed applications that require a group of mutually trusting machines, on top of a group of mutually distrusting machines such as a peer-to-peer network. This paper proposes and evaluates an Intel SGX based approach to securely deploy a subset of distributed systems called distributed computation systems in a peer-to-peer fashion, with strong confidentiality and integrity guarantees and without modification of the original system. The approach is evaluated by applying it to distcc, a distributed compiler. This result of this process is a new program called p2pcc, a distributed peer-to-peer compiler. We created two different versions of p2pcc. In the first version, any process spawned on one of the untrusted peers runs in its own enclave, thus providing a very fine-grained form of isolation. Our evaluation shows that the performance cost on today's Intel SGX implementation is too high. The second version of p2pcc groups all processes running on behalf of the same user within the same enclave, thus providing coarser isolation, but still providing strong isolation on all security boundaries. Our evaluation shows that the second approach has good performance while providing strong security guarantees even on current SGX processors. Our results provide evidence that deploying existing distributed computation systems in a peer-to-peer fashion is practical. CCS CONCEPTS • Security and privacy → Distributed systems security; • Software and its engineering;

show abstract

Section: Problem Statementmentioning

confidence: 99%

Securely deploying distributed computation systems on peer-to-peer networks

Vrancken

Piessens

Strackx

2019

Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing

View full text Add to dashboard Cite

show abstract

“…While page swapping is supported, recent publications have shown a higher memory demand results in a severe performance penalty [5,11]. Thus, the memory demand of enclaves should be kept low.…”

Section: Intel Sgx Basicsmentioning

confidence: 99%

“…Additionally, it can enable secure execution of nearly or even totally unmodified legacy applications [5,34,12,8], help securing pub/-sub systems [31] and coordination services [11]. However, none of these works addresses client-side web applications enabling trusted execution of JavaScript code within commodity browsers.…”

Section: Introductionmentioning

confidence: 99%

TrustJS

Goltzsche

Wulf

Muthukumaran

et al. 2017

Proceedings of the 10th European Workshop on Systems Security

Self Cite

View full text Add to dashboard Cite

Client-side JavaScript has become ubiquitous in web applications to improve user experience and reduce server load. However, since clients are untrusted, servers cannot rely on the confidentiality or integrity of client-side JavaScript code and the data that it operates on. For example, client-side input validation must be repeated at server side, and confidential business logic cannot be offloaded. In this paper, we present TRUSTJS, a framework that enables trustworthy execution of security-sensitive JavaScript inside commodity browsers. TRUSTJS leverages trusted hardware support provided by Intel SGX to protect the client-side execution of JavaScript, enabling a flexible partitioning of web application code. We present the design of TRUSTJS and provide initial evaluation results, showing that trustworthy JavaScript offloading can further improve user experience and conserve more server resources.

show abstract

“…ese systems rely on the Java virtual machine (JVM) [36]. However, SGX currently imposes a hard memory limit of 128 MB to the enclaved code and data, at the cost of expensive encrypted memory paging mechanisms and serious performance overheads [26,41] when this limit is crossed. Moreover, executing a fully-functional JVM inside an SGX enclave would currently involve signi cant re-engineering e orts.…”

Section: Related Workmentioning

confidence: 99%

SecureStreams

Havet

Pires

Felber

et al. 2017

Proceedings of the 11th ACM International Conference on Distributed and Event-Based Systems

View full text Add to dashboard Cite

e growing adoption of distributed data processing frameworks in a wide diversity of application domains challenges end-to-end integration of properties like security, in particular when considering deployments in the context of large-scale clusters or multi-tenant Cloud infrastructures.is paper therefore introduces S S , a reactive middleware framework to deploy and process secure streams at scale. Its design combines the high-level reactive data ow programming paradigm with Intel®'s low-level so ware guard extensions (SGX) in order to guarantee privacy and integrity of the processed data. e experimental results of S S are promising: while o ering a uent scripting language based on L , our middleware delivers high processing throughput, thus enabling developers to implement secure processing pipelines in just few lines of code.

show abstract

SecureKeeper

Cited by 95 publications

References 20 publications

Securely deploying distributed computation systems on peer-to-peer networks

Securely deploying distributed computation systems on peer-to-peer networks

TrustJS

SecureStreams

Contact Info

Product

Resources

About