TEE-aided Write Protection Against Privileged Data Tampering

Zhao, Lianying; Mannan, Mohammad

doi:10.14722/ndss.2019.23197

Cited by 10 publications

(8 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Project Almanac [13] versions all files at the disk level to protect data from privileged malware. Inuksuk [36] uses Intel TXT and self-encryption disk (SED) to protect data by copying it to a protected partition. Inuksuk, like SGX-SSD, can selectively protect files in the disk.…”

Section: Related Workmentioning

confidence: 99%

A Policy-based Versioning SSD with Intel SGX

Ahn,

Lee,

Lee

et al. 2021

Preprint

View full text Add to dashboard Cite

Privileged malware neutralizes software-based versioning systems and destroys data. To counter this threat, a versioning solid-state drive (SSD) that performs versioning inside the SSD has been studied. An SSD is a suitable candidate for data versioning because it can preserve previous versions without additional copying, and provide high security with a very small trusted computing base (TCB). However, the versioning SSDs studied so far commonly use a full disk versioning method that preserves all file versions in a batch. This paper demonstrates that SSDs, which provide full disk versioning, can be exposed to data tampering attacks when the retention time of data is less than the malware's dwell time. To deal with this threat, we propose SGX-SSD, a policy-based per-file versioning SSD to keep a deeper history for only the important files of users. However, since the SSD isn't aware of a file semantic, and the versioning policy information should be securely received from the untrusted host computer, implementing the per-file versioning in SSD is a huge challenge. To solve this problem, SGX-SSD utilizes the Intel SGX and has a secure host interface to securely receive policy information (configuration values) from the user. Also, to solve the file semantic unawareness problem of the SSD, a piggyback module is designed to give a file hint at the host layer, and an algorithm for selective versioning based on the policy is implemented in the SSD. To prove our system, we prototyped SGX-SSD the Jasmine OpenSSD platform in Linux environment. In the experimental evaluation, we proved that SGX-SSD provides strong security with little additional overhead for selective per-file versioning.

show abstract

Section: Related Workmentioning

confidence: 99%

A Policy-based Versioning SSD with Intel SGX

Ahn,

Lee,

Lee

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…IPFS may detect the data tampered when reading it, but cannot prevent it. Figure 2(b) shows the fresh data attack surface in Inuksuk [30]. Secure Encryption Disk (SED) in Inuksuk is composed of normal partition and secure partition.…”

Section: Motivationmentioning

confidence: 99%

“…In order to prevent such ransomware and wiper attacks, various studies such as IPFS [9], Pesos Object Store [16], and Inuksuk [30] have been conducted [9,16,30]. These systems make a process space a Trusted Execution Environment (TEE) [27] to defend against the aforementioned data tampering attacks.…”

mentioning

confidence: 99%

“…Unlike IPFS, Pesos [16] and Inuksuk [30] use a host's side TEE and a storage device together to protect data. They use a storage device to perform the authentication procedure internally for writing files.…”

mentioning

confidence: 99%

“…Inuksuk [30], on the other hand, creates a secure zone on disk and allows users to selectively store files in that secure area. In Inuksuk, the disk can be partitioned into two regions -non-secure and secure zones.…”

mentioning

confidence: 99%

See 2 more Smart Citations

DISKSHIELD: A Data Tamper-Resistant Storage for Intel SGX

Ahn

Lee

et al. 2020

Proceedings of the 15th ACM Asia Conference on Computer and Communications Security

View full text Add to dashboard Cite

With the increasing importance of data, the threat of malware which destroys data has been increasing. If malware acquires the highest software privilege, any attempt to detect and remove malware can be disabled. In this paper, we propose DiskShield, a secure storage framework. DiskShield uses Intel SGX to provide Trusted Execution Environment (TEE) to the host, implements the file system into SSD firmware that provides a Trusted Computing Base (TCB), and uses a two-way authentication mechanism to securely transfer data from the host TEE to the SSD TCB against data tampering attacks. This design frees DiskShield from attacks to the kernel. To show the efficacy of DiskShield, we prototyped a DiskShield system by modifying Intel IPFS and developing a device file system on the Jasmine OpenSSD Platform in a Linux environment. Our results show that DiskShield provides strong data tamper resistance the throughput of read and write is on average to 28%, 19% lower than IPFS.

show abstract