DOI: 10.1145/3615366.3615419
Research article

Attesting AMD SEV-SNP Virtual Machines with SPIRE

Published: 17 October 2023

Abstract

SPIRE is an open-source project that provisions verifiable identities to software components based on an attestation of the software's properties, avoiding the leakage risks of pre-provisioned secrets. This paper presents an implementation of a SPIRE plugin that enables the attestation of AMD SEV-SNP confidential virtual machines. Our approach leverages SPIRE's pluggable architecture and depends only on minor changes to QEMU, taken from its open-source community and expected to be merged soon. As a result, application providers can now use SPIRE to restrict sensitive credentials to services running in environments that AMD SEV-SNP protects from malicious hosts and cloud operators. Our experiments show that the steps needed to create and attest the confidential VM do not prohibitively increase boot times (from 10.8 to 20.9 seconds) and that confidential VMs with encrypted disks only slightly degrade the CPU and RAM performance (about ) of unmodified applications.



Published In

LADC '23: Proceedings of the 12th Latin-American Symposium on Dependable and Secure Computing
October 2023
242 pages
ISBN:9798400708442
DOI:10.1145/3615366
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. AMD SEV-SNP
  2. SPIRE
  3. confidential computing

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Funding Sources

  • HPE and EMBRAPII

Conference

LADC 2023

Article Metrics

  • Downloads (Last 12 months)100
  • Downloads (Last 6 weeks)13
Reflects downloads up to 08 Mar 2025

Cited By

  • Interoperable node integrity verification for confidential machines based on AMD SEV-SNP. Journal of Internet Services and Applications 15(1), 179–193 (2024). https://doi.org/10.5753/jisa.2024.3905. Online publication date: 25 July 2024.
  • Multi-Platform and Vault-Free Attestation of Confidential VMs. Proceedings of the 13th Latin-American Symposium on Dependable and Secure Computing, 241–251 (2024). https://doi.org/10.1145/3697090.3698036. Online publication date: 26 November 2024.
  • IT-SPIRE: Improving the Resilience of the SPIFFE/SPIRE Architecture with an Intrusion-Tolerant Server. Proceedings of the 13th Latin-American Symposium on Dependable and Secure Computing, 252–261 (2024). https://doi.org/10.1145/3697090.3697108. Online publication date: 26 November 2024.
  • SNPGuard: Remote Attestation of SEV-SNP VMs Using Open Source Tools. 2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 193–198 (2024). https://doi.org/10.1109/EuroSPW61312.2024.00026. Online publication date: 8 July 2024.
  • Trustworthy confidential virtual machines for the masses. Proceedings of the 24th International Middleware Conference, 316–328 (2023). https://doi.org/10.1145/3590140.3629124. Online publication date: 27 November 2023.
