apps apps ram ring 0 2 os hypervisor os hypervisor remote
play

! Apps Apps RAM ! Ring 0 - 2 OS / Hypervisor OS / Hypervisor - PowerPoint PPT Presentation

May 28, 2023 •282 likes •599 views

Keystone : An Open Framework for Architecting Trusted Execution Environments Dayeol Lee , David Kohlbrenner, Shweta Shinde, Krste Asanovic, Dawn Song Dept. of Electrical Engineering and Computer Sciences University of California, Berkeley

  1. Keystone : An Open Framework for Architecting Trusted Execution Environments Dayeol Lee , David Kohlbrenner, Shweta Shinde, Krste Asanovic, Dawn Song Dept. of Electrical Engineering and Computer Sciences University of California, Berkeley

  2. Trusted Execution Environments (TEEs) Other Sensitive Other Other Ring 3 Integrity Confidentiality Apps App ! Apps Apps RAM ! Ring 0 - 2 OS / Hypervisor OS / Hypervisor Remote Attestation Protected Trusted Memory Untrusted “Enclave” Trustworthy Hardware Keystone: an Open Framework for Architecting Trusted Execution Environments 2

  3. Trusted Execution Environments (TEEs) Other Sensitive Other Other Ring 3 Integrity Confidentiality Apps App ! Apps Apps RAM ! Ring 0 - 2 OS / Hypervisor OS / Hypervisor Reducing Trusted Computing Base (TCB) Remote Attestation Trusted Protected Memory Untrusted Trustworthy Hardware Keystone: an Open Framework for Architecting Trusted Execution Environments 3

  4. Challenges in Existing TEEs Security SGX TrustZone SEV Functionality Performance Keystone: an Open Framework for Architecting Trusted Execution Environments 4

  5. Challenges in Existing TEEs Security SGX TrustZone Fixed Design Decisions SEV Functionality Performance Keystone: an Open Framework for Architecting Trusted Execution Environments 5

  6. Challenges in Existing TEEs Security Closed-Source Hardware SGX TrustZone Fixed Design Decisions SEV Functionality Performance Keystone: an Open Framework for Architecting Trusted Execution Environments 6

  7. Technical Contributions q Keystone: Customizable RISC-V TEEs Fine-Grained Modular Minimal No µarch Configuration Extensions TCB Modification q Framework q Open-Source Ø Extensive benchmarking Ø Full-stack available Ø Real-world applications Ø Community-driven efforts Ø Multi-platform deployment Ø TEE verification & research Keystone: an Open Framework for Architecting Trusted Execution Environments 7

  8. Keystone Architecture and Trust Model Trusted User Higher Privilege (U-mode) Supervisor C0 C1 C2 C3 (S-mode) Root of Trust ! Machine (M-mode) Optional HW Trusted Hardware Keystone: an Open Framework for Architecting Trusted Execution Environments 8

  9. Keystone Architecture and Trust Model Trusted Enclave Enclave User App App App App App App Higher Privilege (U-mode) Supervisor OS Runtime Runtime (S-mode) Machine Security Monitor (SM) (M-mode) Trusted C C C C 0 1 2 3 Hardware Root of Trust ! Optional HW Keystone: an Open Framework for Architecting Trusted Execution Environments 9

  10. Keystone Architecture and Trust Model Enclave Enclave User App App App App App App (U-mode) Supervisor OS Runtime Runtime (S-mode) Machine Security Monitor (SM) (M-mode) Hardware-Enforced and Software-Defined Isolation Keystone: an Open Framework for Architecting Trusted Execution Environments 10

  11. Enclave App App Memory Isolation via RISC-V PMP App App App OS Runtime Entries Accessibility defined by each entry Security Monitor (SM) PMP0 Accessibility Higher Priority PMP1 Can Can’t PMP2 Undefined … PMP7 SM Enclave 1 Enclave 2 Physical Memory Keystone: an Open Framework for Architecting Trusted Execution Environments 11

  12. Enclave App App Memory Isolation via RISC-V PMP App App App OS Runtime Entries Accessibility defined by each entry Security Monitor (SM) PMP0 Accessibility Higher Priority PMP1 Can Can’t PMP2 Undefined … PMP7 SM Enclave 1 Enclave 2 Physical Memory Keystone: an Open Framework for Architecting Trusted Execution Environments 12

  13. Keystone Architecture and Trust Model Enclave Enclave User App App App App App App (U-mode) Supervisor OS Runtime Runtime (S-mode) Machine Security Monitor (SM) (M-mode) What Does Keystone Runtime Do? Keystone: an Open Framework for Architecting Trusted Execution Environments 13

  14. What does Keystone Runtime Do? User App Enclave App App (U-mode) " $ Supervisor OS Runtime (S-mode) ⚙ % Machine ! Security Monitor (SM) (M-mode) Keystone: an Open Framework for Architecting Trusted Execution Environments 14

  15. What does Keystone Runtime Do? User App Enclave App seL4 App App (U-mode) Interface Interface Supervisor OS Runtime (S-mode) Machine Security Monitor (SM) (M-mode) Keystone: an Open Framework for Architecting Trusted Execution Environments 15

  16. What does Keystone Runtime Do? User App Enclave App seL4 App App (U-mode) paging freemem Supervisor OS (S-mode) I/O syscall libc Machine Security Monitor (SM) (M-mode) Keystone: an Open Framework for Architecting Trusted Execution Environments 16

  17. Memory Management in Keystone ! = untrusted " = page table ⚙ = management Enclave Enclave " App App Enclave App Eapp RT " ⚙ OS " ⚙ Monitor ⚙ OS OS Security Monitor Intel SGX ARM TrustZone Intel SGX Komodo Keystone q Enclave self resource management (e.g., dynamic memory resizing) q Various memory protection mechanisms Keystone: an Open Framework for Architecting Trusted Execution Environments 17

  18. Various Memory Protection Mechanisms Hardware Cache On-Chip Software Baseline Encryption Partitioning Enclave Encryption Adversary ⚫ ⚫ ⚫ ⚫ ⚫ SW ⚫ ⚫ ⚫ ⚫ Cache SC ⚫ ⚫ ⚫ HW Keystone: an Open Framework for Architecting Trusted Execution Environments 18

  19. Various Memory Protection Mechanisms Hardware Cache On-Chip Software Baseline Encryption Partitioning Enclave Encryption Baseline Adversary ⚫ ⚫ ⚫ ⚫ ⚫ SW ⚫ ⚫ ⚫ ⚫ Cache SC ⚫ ⚫ ⚫ HW Keystone: an Open Framework for Architecting Trusted Execution Environments 19

  20. Various Memory Protection Mechanisms " Hardware Cache On-Chip Software Baseline Encryption Partitioning Enclave Encryption Cache Partitioning Adversary ⚫ ⚫ ⚫ ⚫ ⚫ SW ⚫ ⚫ ⚫ ⚫ Cache SC ⚫ ⚫ ⚫ HW Keystone: an Open Framework for Architecting Trusted Execution Environments 20

  21. Various Memory Protection Mechanisms " " Hardware Cache On-Chip Software Baseline Encryption Partitioning Enclave Encryption On-Chip Enclave Adversary ⚫ ⚫ ⚫ ⚫ ⚫ SW ⚫ ⚫ ⚫ ⚫ Cache SC ⚫ ⚫ ⚫ HW Keystone: an Open Framework for Architecting Trusted Execution Environments 21

  22. Various Memory Protection Mechanisms " " Hardware Cache On-Chip Software Baseline Encryption Partitioning Enclave Encryption Software Encryption Adversary ⚫ ⚫ ⚫ ⚫ ⚫ SW ⚫ ⚫ ⚫ ⚫ Cache SC ⚫ ⚫ ⚫ HW Keystone: an Open Framework for Architecting Trusted Execution Environments 22

  23. Various Memory Protection Mechanisms Hardware Cache On-Chip Software Baseline Encryption Partitioning Enclave Encryption Adversary ⚫ ⚫ ⚫ ⚫ ⚫ SW ⚫ ⚫ ⚫ ⚫ Cache SC ⚫ ⚫ ⚫ HW Keystone: an Open Framework for Architecting Trusted Execution Environments 23

  24. Evaluation q Security Analysis Ø Keystone enclave defends various adversary models q Modularity Analysis Ø Keystone supports fine-grained and modular configuration q Trusted Computing Base Analysis Ø Various of real-world applications with a few thousands of LoC q Performance Analysis Ø Security Monitor Overhead Ø Runtime Overhead Ø Cost of Memory Protection Mechanisms Keystone: an Open Framework for Architecting Trusted Execution Environments 24

  25. Evaluation q Security Analysis Ø Keystone enclave defends various adversary models q Modularity Analysis Please check our paper! Ø Keystone supports fine-grained and modular configuration q Trusted Computing Base Analysis Ø Various of real-world applications with less than thousands of LoC q Performance Analysis Ø Security Monitor Overhead Ø Runtime Overhead Ø Cost of Memory Protection Mechanisms Keystone: an Open Framework for Architecting Trusted Execution Environments 25

  26. Runtime Overhead: Memory Management 600 base (other) keyst (other) keyst-dyn (other) base (user) keyst (eapp) keyst-dyn (eapp) Latency (s) 400 200 0 wLderesnet resnext29 LnceptLonv3 resnet50 densenet vgg19 resnet110 squeezenet lenet q Execution overhead q Torch benchmark Ø Min -3.12% (LeNet) Ø Unmodified NN inference Ø Max 7.35% (DenseNet) q Initialization overhead q Dynamic memory resizing Ø Enclave measurement (SHA3) Ø No noticeable overhead Keystone: an Open Framework for Architecting Trusted Execution Environments 26

  27. Cost of Memory Protection Mechanisms O n-chip Execution C ache Partitioning Self P aging Software E ncryption Cache On-Chip Software Baseline Partitioning Enclave Encryption Keystone: an Open Framework for Architecting Trusted Execution Environments 27

  28. Cost of Memory Protection Mechanisms O n-chip Execution C ache Partitioning Self P aging Software E ncryption Keystone: an Open Framework for Architecting Trusted Execution Environments 28

  29. Conclusion q Introduced Keystone, a customizable framework for TEEs q Modular design with fine-grained customizability q Useful for building TEEs for different threat models, functionality, and performance requirements q Keystone is fully open-source under BSD 3-Clause Ø https://keystone-enclave.org Keystone: an Open Framework for Architecting Trusted Execution Environments 29

  30. Thank You! Keystone: an Open Framework for Architecting Trusted Execution Environments 30

Recommend

Trusted Hardware Sai Krishna Deepak Maram, CS 6410 Move to a Cloud-based model User apps User

Trusted Hardware Sai Krishna Deepak Maram, CS 6410 Move to a Cloud-based model User apps User

Trusted Hardware Sai Krishna Deepak Maram, CS 6410 Move to a Cloud-based model User apps User apps PaaS Software Software Cloud Provider manages the Hypervisor Hypervisor stack OS OS Move to a Cloud-based model Privileged User apps

591 views • 28 slides
To Towards End-to to-en end TEE Ve Verification with Keystone Shweta Shinde UC Berkeley

To Towards End-to to-en end TEE Ve Verification with Keystone Shweta Shinde UC Berkeley

To Towards End-to to-en end TEE Ve Verification with Keystone Shweta Shinde UC Berkeley TEEs reduce the Trusted Computing Base Web Other Server Apps Operating Enclave Systems RAM Ring 3 10 MLOC OS / Hypervisor CVEs in Linux

639 views • 19 slides
Formal verification of low-level execution platforms Apps OS Hardware Host 1 Motivations

Formal verification of low-level execution platforms Apps OS Hardware Host 1 Motivations

Roberto Guanciale Estonian Winter School Day 02 Formal verification of low-level execution platforms Apps OS Hardware Host 1 Motivations Apps Crypto Service OS Hypervisor/ Separation Kernel Hardware Host 1 Motivations Separation

850 views • 63 slides
Small Business Apps WHAT ARE MOBI LE APPS ? W h a t are mob i le apps ? A little bit of

Small Business Apps WHAT ARE MOBI LE APPS ? W h a t are mob i le apps ? A little bit of

WELCOME Small Business Apps WHAT ARE MOBI LE APPS ? W h a t are mob i le apps ? A little bit of information An App is a piece of so ware (a program) that needs to be installed on Mobile Apps are device specific, meaning that an App that runs

268 views • 12 slides
Hyper-Cube High-Dimensional Hypervisor Fuzzing Sergej Schumilo, Cornelius Aschermann, Ali Abbasi,

Hyper-Cube High-Dimensional Hypervisor Fuzzing Sergej Schumilo, Cornelius Aschermann, Ali Abbasi,

Hyper-Cube High-Dimensional Hypervisor Fuzzing Sergej Schumilo, Cornelius Aschermann, Ali Abbasi, Simon Wrner and Thorsten Holz Chair for Systems Security Ruhr-Universitt Bochum Motivation Hypervisor Motivation Hypervisor VM 1 VM 2

688 views • 53 slides
Boxing them in Buggy apps can crash other apps The Kernel App 1 App 2 App 3 Buggy apps can

Boxing them in Buggy apps can crash other apps The Kernel App 1 App 2 App 3 Buggy apps can

Boxing them in Buggy apps can crash other apps The Kernel App 1 App 2 App 3 Buggy apps can crash OS wants to be your friend Buggy apps can hog all resources Operating System Malicious apps can violate Reading and writing memory, privacy

548 views • 17 slides
Using the Xen Hypervisor to Turbocharge OS Deployment Mike D. Day Ryan Harper Anthony Liguori

Using the Xen Hypervisor to Turbocharge OS Deployment Mike D. Day Ryan Harper Anthony Liguori

Using the Xen Hypervisor to Turbocharge OS Deployment Mike D. Day Ryan Harper Anthony Liguori Andrew Theurer Michael Hohnbaum Real-world Hypervisor Applications Make more efficient use of expensive hardware Server Consolidation

633 views • 24 slides
Enhance protection from security bugs in the Xen hypervisor Anthony PERARD Xen architecture

Enhance protection from security bugs in the Xen hypervisor Anthony PERARD Xen architecture

Enhance protection from security bugs in the Xen hypervisor Anthony PERARD Xen architecture Dom0 VMs QEMU Xen Scheduler MMU vPIC Memory CPUs I/O HW Emulation in hypervisor For performance Examples: Interrupt controller

859 views • 20 slides
Sun TM xVM Hypervisor Gary Pennington Solaris Kernel Engineer April 24, 2008 USE IMPROVE

Sun TM xVM Hypervisor Gary Pennington Solaris Kernel Engineer April 24, 2008 USE IMPROVE

USE IMPROVE EVANGELIZE Sun TM xVM Hypervisor Gary Pennington Solaris Kernel Engineer April 24, 2008 USE IMPROVE EVANGELIZE Agenda Hypervisors 101 Introduction to Sun TM xVM Hypervisor Use Cases Using the hypervisor

731 views • 36 slides
F ROM WEBSITES TO APPS , AND NOW FROM APPS TO CHATBOTS ? A NTNIO B RANCO FROM APPS TO CHATBOTS

F ROM WEBSITES TO APPS , AND NOW FROM APPS TO CHATBOTS ? A NTNIO B RANCO FROM APPS TO CHATBOTS

F ROM WEBSITES TO APPS , AND NOW FROM APPS TO CHATBOTS ? A NTNIO B RANCO FROM APPS TO CHATBOTS CEO of large social network in annual development conference 2 months ago Shared vision for next 2 decades: past : with advent of PCs, companies

498 views • 14 slides
The Kernel wants to be your friend Boxing them in Buggy apps can crash other apps App 1 App 2

The Kernel wants to be your friend Boxing them in Buggy apps can crash other apps App 1 App 2

The Kernel wants to be your friend Boxing them in Buggy apps can crash other apps App 1 App 2 App 3 Buggy apps can crash OS Buggy apps can hog all resources Operating System Malicious apps can violate Reading and writing memory, privacy

1.15k views • 67 slides
Virtualization. A dream within a dream Type 1 Virtualization Hypervisor run on bare

Virtualization. A dream within a dream Type 1 Virtualization Hypervisor run on bare

Virtualization. A dream within a dream Type 1 Virtualization Hypervisor run on bare metal. Dedicated virtualization machine. Higher performance. Typical for servers. Type 2 Virtualization Hypervisor sits on

571 views • 17 slides
By: Taylor Thomas & Ashley Fischer There are apps for just about EVERYTHING! There are

By: Taylor Thomas & Ashley Fischer There are apps for just about EVERYTHING! There are

By: Taylor Thomas & Ashley Fischer There are apps for just about EVERYTHING! There are new apps being developed and posted everyday. Some of the best apps you will ever find are FREE! There are two ways to download apps for

606 views • 38 slides
Adaptive Progressive Web Apps PWA Progressive Web Apps are just great websites that can behave

Adaptive Progressive Web Apps PWA Progressive Web Apps are just great websites that can behave

Adaptive Progressive Web Apps PWA Progressive Web Apps are just great websites that can behave like native apps Progressive Web Apps are just great apps, powered by Web technologies and delivered with Web infrastructure.

454 views • 32 slides
Reverse Engineering by Crayon: Game Changing Hypervisor and Visualization Analysis Game Changing

Reverse Engineering by Crayon: Game Changing Hypervisor and Visualization Analysis Game Changing

Reverse Engineering by Crayon: Game Changing Hypervisor and Visualization Analysis Game Changing Hypervisor Based Malware Analysis and Visualization Danny Quist Danny Quist Lorie Liebrock New Mexico Tech Computer Science Dept. Offensive

898 views • 64 slides
2015-16 Results: Thank You! Goal = 415,000 apps Actual = 427,695 apps $30,000 in

2015-16 Results: Thank You! Goal = 415,000 apps Actual = 427,695 apps $30,000 in

More Than a Meal Campaign 2016-17 Two applications, one deadline, many student resources 2015-16 Results: Thank You! Goal = 415,000 apps Actual = 427,695 apps $30,000 in recognition awards $60M/3 yrs in new revenue to the

345 views • 10 slides
All About Apps Well cover... Whats an app? What are app permissions? What do

All About Apps Well cover... Whats an app? What are app permissions? What do

All About Apps Well cover... Whats an app? What are app permissions? What do companies gain by getting your permission? Typical permissions requested by apps How to check up on apps already on your phone App safety

134 views • 11 slides
in Android apps Shin Hwei Zhen Xiang Abhik Tan Dong Gao Roychoudhury 2 Prevalence of

in Android apps Shin Hwei Zhen Xiang Abhik Tan Dong Gao Roychoudhury 2 Prevalence of

Repairing crashes in Android apps Shin Hwei Zhen Xiang Abhik Tan Dong Gao Roychoudhury 2 Prevalence of Mobile Apps App Store Google Play Launched with 500 apps. 3.5 millions apps By July 17, 10 millions available for download apps

518 views • 22 slides
On the Road: Websites and Apps for Travel Loading the Right Apps Lets you get the most out

On the Road: Websites and Apps for Travel Loading the Right Apps Lets you get the most out

On the Road: Websites and Apps for Travel Loading the Right Apps Lets you get the most out of your vacation Helps you avoid missing important sites Eliminates confusion while travelling Keeps you connected to home Tips for

971 views • 39 slides
Mobile Apps INFM 603 Week 10 Agenda Questions Mobile Apps HCI Project

Mobile Apps INFM 603 Week 10 Agenda Questions Mobile Apps HCI Project

Mobile Apps INFM 603 Week 10 Agenda Questions Mobile Apps HCI Project discussions Native Apps Live on device Access to all device features GPS, accelerometer, compass, list of contacts Written for specific

654 views • 38 slides
Build beautiful native apps in record time with flutter Eduardo Telaya - CTO / Software

Build beautiful native apps in record time with flutter Eduardo Telaya - CTO / Software

Build beautiful native apps in record time with flutter Eduardo Telaya - CTO / Software Architect / Drupal Developer Agenda Context about Apps Native apps Web apps Hybrid apps Whats flutter? Whos

2.59k views • 42 slides
STROLLING INTO RING-0 via i/o kit drivers @patrickwardle WHOIS security for the 21st century

STROLLING INTO RING-0 via i/o kit drivers @patrickwardle WHOIS security for the 21st century

STROLLING INTO RING-0 via i/o kit drivers @patrickwardle WHOIS security for the 21st century leverages the best combination of humans and technology to discover security vulnerabilities in our customers web apps, mobile apps, IoT

648 views • 47 slides
Introduction to KVM By Sheng-wei Lee swlee@swlee.org #20110929 Outline Hypervisor - KVM

Introduction to KVM By Sheng-wei Lee swlee@swlee.org #20110929 Outline Hypervisor - KVM

Introduction to KVM By Sheng-wei Lee swlee@swlee.org #20110929 Outline Hypervisor - KVM virt-manager Libvirt Migration How to install KVM. Bridged Networking Virsh How to new a VM How to adjust the setting of

833 views • 37 slides
The Age of Healthcare Consumerisation : Wearables, Health Apps, Remote Patient Monitoring and

The Age of Healthcare Consumerisation : Wearables, Health Apps, Remote Patient Monitoring and

IAPP Data Protection Intensive London 15 April 2015 The Age of Healthcare Consumerisation : Wearables, Health Apps, Remote Patient Monitoring and Health Data Presented By: Ryan P. Blaney, Esq. Washington, DC rblaney@cozen.com Agenda

962 views • 56 slides

More recommend