Abstract
In recent years, confidential computing has gained traction as a computing paradigm that enables privacy-preserving computation on sensitive and regulated data. This approach relies heavily on hardware-based Trusted Execution Environments (TEEs), which establish isolated regions for data processing within a protected CPU region. Currently, a variety of TEEs (such as the p-enclave in HyperEnclave and AMD SEV) support privilege separation and running a fully-fledged operating system within a confidential Virtual Machine (VM). However, running a fully-fledged operating system inevitably enlarges the trusted computing base (TCB), making security verification hard.
To address this problem, this paper studies the case in which complex OS services (such as device drivers and networking) are removed from the confidential VM, and presents DomainIsolation, a lightweight and efficient page-table-based isolation scheme. We show that DomainIsolation enhances both the security and performance of enclave applications through several case studies, including confinement of untrusted libraries, fine-grained data protection, and fast communication. We have integrated DomainIsolation with the Occlum library OS and Enarx, and have ported several real-world applications. Evaluations on common benchmarks and applications (such as NBench, Lighttpd, Redis and OpenSSL) show that DomainIsolation introduces only a low overhead (<2% in most cases).
This work is supported by the National Natural Science Foundation of China (Grant No. 62272452), Ant Group and Henan Key Laboratory of Network Cryptography Technology (No. LNCT2020-A03).
Notes
1. Since they support the same process-based TEE model as Intel SGX, we still refer to the TEE's isolated regions as enclaves for simplicity.
2. Keep is Enarx's term for TEE instances, such as enclaves.
A Appendix
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
Ruan, W., Wang, W., Liu, S., Duan, R., Yan, S. (2023). DomainIsolation: Lightweight Intra-enclave Isolation for Confidential Virtual Machines. In: Yung, M., Chen, C., Meng, W. (eds) Science of Cyber Security. SciSec 2023. Lecture Notes in Computer Science, vol 14299. Springer, Cham. https://doi.org/10.1007/978-3-031-45933-7_2
DOI: https://doi.org/10.1007/978-3-031-45933-7_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-45932-0
Online ISBN: 978-3-031-45933-7
eBook Packages: Computer Science (R0)