Kenji Nakashima
ABSTRACT
Recently, containers are widely used to process big data in clouds. To prevent information leakage from containers, applications in containers can protect sensitive information using enclaves provided by Intel SGX. The memory of enclaves is encrypted by a CPU using its internal keys. However, the execution of SGX applications cannot be continued after the container running those applications is migrated. This is because enclave memory cannot be correctly decrypted at the destination host. This paper proposes MigSGX for enabling the continuous execution of SGX applications after container migration. Since the states of enclaves cannot be directly accessed from the outside, MigSGX securely invokes each enclave and makes it dump and load its state. Atthe dump time, each enclave re-encrypts its state using a CPU-independent key to protect sensitive information. For space- and time-efficiency, MigSGX saves and restores a large amount of enclave memory in a pipelined manner. We have implemented MigSGX in the Intel SGX SDK and CRIU and showed that pipelining could improve migration performance by up to 52%. The memory necessary for migration was reduced only to 0.15%.
- Advanced Micro Devices, Inc. 2020. Secure Encrypted Virtualization API Version 0.24.Google Scholar
- Advanced Micro Devices, Inc. 2021. SEV Secure Nested Paging Firmware ABI Specification.Google Scholar
- F. Alder, A. Kurnikov, A. Paverd, and N. Asokan. 2018. Migrating SGX Enclaves with Persistent State. In Proceedings of the 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks. 195--206.Google Scholar
- Amazon Web Services, Inc. 2014. Amazon Elastic Container Service. Retrieved October 17, 2021 from https://aws.amazon.com/ecs/Google Scholar
- AppArmor Security Project. 1998. AppArmor. Retrieved October 17, 2021 from https://gitlab.com/apparmorGoogle Scholar
- Google LLC. 2015. Google Kubernetes Engine. Retrieved October 17, 2021 from https://cloud.google.com/kubernetes-engineGoogle Scholar
- J. Gu, Z. Hua, Y. Xia, H. Chen, B. Zang, H. Guan, and J. Li. 2017. Secure Live Migration of SGX Enclaves on Untrusted Cloud. In Proceedings of the 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks. 225--236.Google Scholar
- J. Guerreiro, R. Moura, and J. Silva. 2020. TEEnder: SGX enclave migration using HSMs. Computers & Security 96 (2020), 101874.Google ScholarCross Ref
- IBM Corp. 2020. IBM Cloud Data Shield. Retrieved October 17, 2021 from https://www.ibm.com/cloud/data-shieldGoogle Scholar
- Intel Corp. 2016. Intel Software Guard Extensions SDK for Linux. Retrieved October 17, 2021 from https://01.org/intel-softwareguard-extensionsGoogle Scholar
- F. McKeen, I. Alexandrovich, A. Berenzon, C. Rozas, H. Shafi, V. Shanbhogue, and U. Savagaonkar. 2013. Innovative Instructions and Software Model for Isolated Execution. In Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy. Google ScholarDigital Library
- Microsoft Corp. 2017. Azure Confidential Computing. Retrieved October 17, 2021 from https://azure.microsoft.com/en-us/solutions/confidential-compute/Google Scholar
- OpenVZ Team. [n.d.]. Compel. Retrieved October 17, 2021 from https://criu.org/CompelGoogle Scholar
- OpenVZ Team. [n.d.]. Diskless Migration. Retrieved October 17, 2021 from https://criu.org/Disk-less_migrationGoogle Scholar
- OpenVZ Team. 2012. CRIU. Retrieved October 17, 2021 from https://criu.org/Main_PageGoogle Scholar
- J. Park, S. Park, B. Kang, and K. Kim. 2019. eMotion: An SGX Extension for Migrating Enclaves. Computers & Security 80 (2019), 173--185.Google ScholarCross Ref
- J. Park, S. Park, J. Oh, and J. Won. 2016. Toward Live Migration of SGX-Enabled Virtual Machines. In Proceedings of World Congress on Services. 111--112.Google Scholar
- SELinux Project. 2000. SELinux Project. Retrieved October 17, 2021 from https://github.com/SELinuxProjectGoogle Scholar
- Y. Suzuki, H. Yamada, S. Kato, and K. Kono. 2017. GLoop: An Event-driven Runtime for Consolidating GPGPU Applications. In Proceedings of the 8th ACM Symposium on Cloud Computing. 80--93. Google ScholarDigital Library
- wolfSSL Inc. 2006. wolfSSL Embedded SSL/TLS Library. Retrieved October 17, 2021 from https://www.wolfssl.com/Google Scholar
- S. Yuhara, Y. Suzuki, and K. Kono. 2018. An Application Framework for Migrating GPGPU Cloud Applications. In Proceedings of the 2008 IEEE International Conference on Cloud Computing Technology and Science.Google Scholar
Index Terms
- MigSGX: a migration mechanism for containers including SGX applications
Recommendations
Intel Software Guard Extensions: Introduction and Open Research Challenges
SPRO '16: Proceedings of the 2016 ACM Workshop on Software PROtectionHardware-enhanced security is an important pillar of secure systems in general and software protection in particular. This presentation will survey the recently announced Intel Software Guard Extensions (Intel SGX) as well as innovative usages for ...
Cache Attacks on Intel SGX
EuroSec'17: Proceedings of the 10th European Workshop on Systems SecurityFor the first time, we practically demonstrate that Intel SGX enclaves are vulnerable against cache-timing attacks. As a case study, we present an access-driven cache-timing attack on AES when running inside an Intel SGX enclave. Using Neve and Seifert'...
SGXL: Security and Performance for Enclaves Using Large Pages
Intel’s SGX architecture offers clients of public cloud computing platforms the ability to create hardware-protected enclaves whose contents are protected from privileged system software. However, SGX relies on system software for enclave memory ...
Comments