Academic literature on the topic 'Trusted Execution Environment (TEE)'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Trusted Execution Environment (TEE).'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Journal articles on the topic "Trusted Execution Environment (TEE)"
1
Kato, Fumiyuki, Yang Cao, and Mastoshi Yoshikawa. "PCT-TEE: Trajectory-based Private Contact Tracing System with Trusted Execution Environment." ACM Transactions on Spatial Algorithms and Systems 8, no. 2 (June 30, 2022): 1–35. http://dx.doi.org/10.1145/3490491.
Full textAbstract:
Existing Bluetooth-based private contact tracing (PCT) systems can privately detect whether people have come into direct contact with patients with COVID-19. However, we find that the existing systems lack functionality and flexibility , which may hurt the success of contact tracing. Specifically, they cannot detect indirect contact (e.g., people may be exposed to COVID-19 by using a contaminated sheet at a restaurant without making direct contact with the infected individual); they also cannot flexibly change the rules of “risky contact,” such as the duration of exposure or the distance (both spatially and temporally) from a patient with COVID-19 that is considered to result in a risk of exposure, which may vary with the environmental situation. In this article, we propose an efficient and secure contact tracing system that enables us to trace both direct contact and indirect contact. To address the above problems, we need to utilize users’ trajectory data for PCT, which we call trajectory-based PCT . We formalize this problem as a spatiotemporal private set intersection that satisfies both the security and efficiency requirements. By analyzing different approaches such as homomorphic encryption, which could be extended to solve this problem, we identify the trusted execution environment (TEE) as a candidate method to achieve our requirements. The major challenge is how to design algorithms for a spatiotemporal private set intersection under the limited secure memory of the TEE. To this end, we design a TEE-based system with flexible trajectory data encoding algorithms. Our experiments on real-world data show that the proposed system can process hundreds of queries on tens of millions of records of trajectory data within a few seconds.
2
Ng, Lucien K. L., Sherman S. M. Chow, Anna P. Y. Woo, Donald P. H. Wong, and Yongjun Zhao. "Goten: GPU-Outsourcing Trusted Execution of Neural Network Training." Proceedings of the AAAI Conference on Artificial Intelligence 35, no. 17 (May 18, 2021): 14876–83. http://dx.doi.org/10.1609/aaai.v35i17.17746.
Full textAbstract:
Deep learning unlocks applications with societal impacts, e.g., detecting child exploitation imagery and genomic analysis of rare diseases. Deployment, however, needs compliance with stringent privacy regulations. Training algorithms that preserve the privacy of training data are in pressing need. Purely cryptographic approaches can protect privacy, but they are still costly, even when they rely on two or more non-colluding servers. Seemingly-"trivial" operations in plaintext quickly become prohibitively inefficient when a series of them are "crypto-processed," e.g., (dynamic) quantization for ensuring the intermediate values would not overflow. Slalom, recently proposed by Tramer and Boneh, is the first solution that leverages both GPU (for efficient batch computation) and a trusted execution environment (TEE) (for minimizing the use of cryptography). Roughly, it works by a lot of pre-computation over known and fixed weights, and hence it only supports private inference. Five related problems for private training are left unaddressed. Goten, our privacy-preserving training and prediction framework, tackles all five problems simultaneously via our careful design over the "mismatched" cryptographic and GPU data types (due to the tension between precision and efficiency) and our round-optimal GPU-outsourcing protocol (hence minimizing the communication cost between servers). It 1) stochastically trains a low-bitwidth yet accurate model, 2) supports dynamic quantization (a challenge left by Slalom), 3) minimizes the memory-swapping overhead of the memory-limited TEE and its communication with GPU, 4) crypto-protects the (dynamic) model weight from untrusted GPU, and 5) outperforms a pure-TEE system, even without pre-computation (needed by Slalom). As a baseline, we build CaffeScone that secures Caffe using TEE but not GPU; Goten shows a 6.84x speed-up of the whole VGG-11. Goten also outperforms Falcon proposed by Wagh et al., the latest secure multi-server cryptographic solution, by 132.64x using VGG-11. Lastly, we demonstrate Goten's efficacy in training models for breast cancer diagnosis over sensitive images.
3
Meftah, Souhail, Shuhao Zhang, Bharadwaj Veeravalli, and Khin Mi Mi Aung. "Revisiting the Design of Parallel Stream Joins on Trusted Execution Environments." Algorithms 15, no. 6 (May 25, 2022): 183. http://dx.doi.org/10.3390/a15060183.
Full textAbstract:
The appealing properties of secure hardware solutions such as trusted execution environment (TEE) including low computational overhead, confidentiality guarantee, and reduced attack surface have prompted considerable interest in adopting them for secure stream processing applications. In this paper, we revisit the design of parallel stream join algorithms on multicore processors with TEEs. In particular, we conduct a series of profiling experiments to investigate the impact of alternative design choices to parallelize stream joins on TEE including: (1) execution approaches, (2) partitioning schemes, and (3) distributed scheduling strategies. From the profiling study, we observe three major high-performance impediments: (a) the computational overhead introduced with cryptographic primitives associated with page swapping operations, (b) the restrictive Enclave Page Cache (EPC) size that limits the supported amount of in-memory processing, and (c) the lack of vertical scalability to support the increasing workload often required for near real-time applications. Addressing these issues allowed us to design SecJoin, a more efficient parallel stream join algorithm that exploits modern scale-out architectures with TEEs rendering no trade-offs on security whilst optimizing performance. We present our model-driven parameterization of SecJoin and share our experimental results which have shown up to 4-folds of improvements in terms of throughput and latency.
4
Khurshid, Anum, Sileshi Demesie Yalew, Mudassar Aslam, and Shahid Raza. "TEE-Watchdog: Mitigating Unauthorized Activities within Trusted Execution Environments in ARM-Based Low-Power IoT Devices." Security and Communication Networks 2022 (May 25, 2022): 1–21. http://dx.doi.org/10.1155/2022/8033799.
Full textAbstract:
Trusted execution environments (TEEs) are on the rise in devices all around us ranging from large-scale cloud-based solutions to resource-constrained embedded devices. With the introduction of ARM TrustZone-M, hardware-assisted trusted execution is now supported in IoT nodes. TrustZone-M provides isolated execution of security-critical operations and sensitive data-generating peripherals. However, TrustZone-M, like all other TEEs, does not provide a mechanism to monitor operations in the trusted areas of the device and software in the secure areas of an IoT device has access to the entire secure and nonsecure software stack. This is crucial due to the diversity of device manufacturers and component suppliers in the market, which manifests trust issues, especially when third-party peripherals are incorporated into a TEE. Compromised TEEs can be misused for industrial espionage, data exfiltration through system backdoors, and illegal data sharing. It is of utmost importance here that system peripheral behaviour in terms of resource access is in accordance with their intended usage that is specified during integration. We propose TEE-Watchdog, a lightweight framework that establishes MPU protections for secure system peripherals in TrustZone-enabled low-end IoT devices. TEE-Watchdog ensures blocking unauthorized peripheral accesses and logging of application misbehaviour running in the TEE based on a manifest file. We define lightweight specifications and structure for the application manifest file enlisting permissions for critical system peripherals using concise binary object representation (CBOR). We implement and evaluate TEE-Watchdog using a Musca-A2 test chipboard. Our microbenchmark evaluations on CPU time and RAM usage demonstrated the practicality of TEE-Watchdog. Securing the system peripherals using TEE-Watchdog protections induced a 1.4% overhead on the latency of peripheral accesses, which was 61 microseconds on our test board. Our optimized CBOR-encoded manifest file template also showed a decrease in manifest file size by 40% as compared to the standard file formats, e.g., JSON.
5
Chen, Yuehai, Huarun Chen, Shaozhen Chen, Chao Han, Wujian Ye, Yijun Liu, and Huihui Zhou. "DITES: A Lightweight and Flexible Dual-Core Isolated Trusted Execution SoC Based on RISC-V." Sensors 22, no. 16 (August 10, 2022): 5981. http://dx.doi.org/10.3390/s22165981.
Full textAbstract:
A Trusted Execution Environment (TEE) is an efficient way to secure information. To obtain higher efficiency, the building of a dual-core system-on-chip (SoC) with TEE security capabilities is the hottest topic. However, TEE SoCs currently commonly use complex processor cores such as Rocket, resulting in high resource usage. More importantly, the cryptographic unit lacks flexibility and ignores secure communication in dual cores. To address the above problems, we propose DITES, a dual-core TEE SoC based on a Reduced Instruction Set Computer-V (RISC-V). At first, we designed a fully isolated multi-level bus architecture based on a lightweight RISC-V processor with an integrated crypto core supporting Secure Hashing Algorithm-1 (SHA1), Advanced Encryption Standard (AES), and Rivest–Shamir–Adleman (RSA), among which RSA can be configured to five key lengths. Then, we designed a secure boot based on Chain-of-Trust (CoT). Furthermore, we propose a hierarchical access policy to improve the security of inter-core communication. Finally, DITES is deployed on a Kintex 7 Field-Programmable-Gate-Array (FPGA) with a power consumption of 0.297 W, synthesized using TSMC 90 nm. From the results, the acceleration ratios of SHA1 and RSA1024 decryption/encryption can reach 75 and 1331/1493, respectively. Compared to exiting TEE SoCs, DITES has lower resource consumption, higher flexibility, and better security.
6
Sebastian, D. Jonathan, Utkarsh Agrawal, Ali Tamimi, and Adam Hahn. "DER-TEE: Secure Distributed Energy Resource Operations Through Trusted Execution Environments." IEEE Internet of Things Journal 6, no. 4 (August 2019): 6476–86. http://dx.doi.org/10.1109/jiot.2019.2909768.
Full text
7
Song, Weiqiong, Shuai Guo, Jiwei Li, Heng Liu, Zaijun Wu, Xiaorong He, and Yunyang Hou. "Security Authentication Framework Design for Electric Internet of Things." Journal of Physics: Conference Series 2356, no. 1 (October 1, 2022): 012003. http://dx.doi.org/10.1088/1742-6596/2356/1/012003.
Full textAbstract:
The intelligent terminal equipment of the electric internet of things (IoT) is vulnerable to network attacks when installing APPs from the application store. Encryption of the communication process can enhance security protection, but the key needs to be stored in the local equipment. When the equipment is attacked, the key is leaked easily resulting in communication security problems. To solve the above problems, we proposes a terminal APP security authentication mechanism based on TrustZone approach and OP-TEE (Open Source Trust Execution Environment) system to identify the identity information of both sides of the communication. The digital certificate of the application store is checked before the terminal equipment installs the APP. After the check is passed, the session key is generated in the Trusted Execution Environment (TEE), and the communication parties use the session key to encrypt the subsequent process. Simulation results validate that the proposed security authentication mechanism can effectively protect the communication process of terminal equipment installation APP and meet the performance requirements.
8
Wang, Zhihong, Yongbiao Li, Dingcheng Li, Ming Li, Bincheng Zhang, Shishi Huang, and Wen He. "Enabling Fairness-Aware and Privacy-Preserving for Quality Evaluation in Vehicular Crowdsensing: A Decentralized Approach." Security and Communication Networks 2021 (November 12, 2021): 1–11. http://dx.doi.org/10.1155/2021/9678409.
Full textAbstract:
With the rapid development of vehicular crowdsensing, it becomes easier and more efficient for mobile devices to sense, compute, and measure various data. However, how to address the fair quality evaluation between the platform and participants while preserving the privacy of solutions is still a challenge. In the work, we present a fairness-aware and privacy-preserving scheme for worker quality evaluation by leveraging the blockchain, trusted execution environment (TEE), and machine learning technologies. Specifically, we build our framework atop the decentralized blockchain which can resist a single point of failure/compromise. The smart contracts paradigm in blockchain enforces correct and automatic program execution for task processing. In addition, machine learning and TEE are utilized to evaluate the quality of data collected by the sensors in a privacy-preserving and fair way, eliminating human subject judgement of the sensing solutions. Finally, a prototype of the proposed scheme is implemented to verify the feasibility and efficiency with a benchmark dataset.
9
Noh, Yoongdoo, and Chanik Park. "CrossPay: A TEE (Trusted Execution Environment)-based Offchain Protocol for Real-Time Cross Chain Asset Transfer." KIISE Transactions on Computing Practices 28, no. 3 (March 31, 2022): 160–74. http://dx.doi.org/10.5626/ktcp.2022.28.3.160.
Full text
10
Li, Rujia, Qin Wang, Qi Wang, David Galindo, and Mark Ryan. "SoK: TEE-Assisted Confidential Smart Contract." Proceedings on Privacy Enhancing Technologies 2022, no. 3 (July 2022): 711–31. http://dx.doi.org/10.56553/popets-2022-0093.
Full textAbstract:
The blockchain-based smart contract lacks privacy, since the contract state and instruction code are exposed to the public. Combining smart-contract execution with Trusted Execution Environments provides an efficient solution, called TEE-assisted smart contracts (TCSC), for protecting the confidentiality of contract states. However, the combination approaches are varied, and a systematic study is absent. Newly released systems may fail to draw upon the experience learned from existing protocols, such as repeating known design mistakes or applying TEE technology in insecure ways. In this paper, we first investigate and categorize existing systems into two types: the layer-one solution and the layer-two solution. Then, we establish an analysis framework to capture their common aspects, covering desired properties (for contract services), threat models, and security considerations (for underlying systems). Based on our taxonomy, we identify their ideal functionalities, and uncover fundamental flaws and challenges in each specification’s design. We believe that this work would provide a guide for the development of TEE-assisted smart contracts, as well as a framework to evaluate future TCSC systems.
Dissertations / Theses on the topic "Trusted Execution Environment (TEE)"
1
Da, Silva Mathieu. "Securing a trusted hardware environment (Trusted Execution Environment)." Thesis, Montpellier, 2018. http://www.theses.fr/2018MONTS053/document.
Full textAbstract:
Ce travail de thèse a pour cadre le projet Trusted Environment Execution eVAluation (TEEVA) (projet français FUI n°20 de Janvier 2016 à Décembre 2018) qui vise à évaluer deux solutions alternatives de sécurisation des plateformes mobiles, l’une est purement logicielle, la Whitebox Crypto, alors que l’autre intègre des éléments logiciels et matériels, le Trusted Environment Execution (TEE). Le TEE s’appuie sur la technologie TrustZone d’ARM disponible sur de nombreux chipsets du marché tels que des smartphones et tablettes Android. Cette thèse se concentre sur l’architecture TEE, l’objectif étant d’analyser les menaces potentielles liées aux infrastructures de test/debug classiquement intégrées dans les circuits pour contrôler la conformité fonctionnelle après fabrication.Le test est une étape indispensable dans la production d’un circuit intégré afin d’assurer fiabilité et qualité du produit final. En raison de l’extrême complexité des circuits intégrés actuels, les procédures de test ne peuvent pas reposer sur un simple contrôle des entrées primaires avec des patterns de test, puis sur l’observation des réponses de test produites sur les sorties primaires. Les infrastructures de test doivent être intégrées dans le matériel au moment du design, implémentant les techniques de Design-for-Testability (DfT). La technique DfT la plus commune est l’insertion de chaînes de scan. Les registres sont connectés en une ou plusieurs chaîne(s), appelé chaîne(s) de scan. Ainsi, un testeur peut contrôler et observer les états internes du circuit à travers les broches dédiées. Malheureusement, cette infrastructure de test peut aussi être utilisée pour extraire des informations sensibles stockées ou traitées dans le circuit, comme par exemple des données fortement corrélées à une clé secrète. Une attaque par scan consiste à récupérer la clé secrète d’un crypto-processeur grâce à l’observation de résultats partiellement encryptés.Des expérimentations ont été conduites sur la carte électronique de démonstration avec le TEE afin d’analyser sa sécurité contre une attaque par scan. Dans la carte électronique de démonstration, une contremesure est implémentée afin de protéger les données sensibles traitées et sauvegardées dans le TEE. Les accès de test sont déconnectés, protégeant contre les attaques exploitant les infrastructures de test, au dépend des possibilités de test, diagnostic et debug après mise en service du circuit. Les résultats d’expérience ont montré que les circuits intégrés basés sur la technologie TrustZone ont besoin d’implanter une contremesure qui protège les données extraites des chaînes de scan. Outre cette simple contremesure consistant à éviter l’accès aux chaînes de scan, des contremesures plus avancées ont été développées dans la littérature pour assurer la sécurité tout en préservant l’accès au test et au debug. Nous avons analysé un état de l’art des contremesures contre les attaques par scan. De cette étude, nous avons proposé une nouvelle contremesure qui préserve l’accès aux chaînes de scan tout en les protégeant, qui s’intègre facilement dans un système, et qui ne nécessite aucun redesign du circuit après insertion des chaînes de scan tout en préservant la testabilité du circuit. Notre solution est basée sur l’encryption du canal de test, elle assure la confidentialité des communications entre le circuit et le testeur tout en empêchant son utilisation par des utilisateurs non autorisés. Plusieurs architectures ont été étudiées, ce document rapporte également les avantages et les inconvénients des solutions envisagées en terme de sécurité et de performanceThis work is part of the Trusted Environment Execution eVAluation (TEEVA) project (French project FUI n°20 from January 2016 to December 2018) that aims to evaluate two alternative solutions for secure mobile platforms: a purely software one, the Whitebox Crypto, and a TEE solution, which integrates software and hardware components. The TEE relies on the ARM TrustZone technology available on many of the chipsets for the Android smartphones and tablets market. This thesis focuses on the TEE architecture. The goal is to analyze potential threats linked to the test/debug infrastructures classically embedded in hardware systems for functional conformity checking after manufacturing.Testing is a mandatory step in the integrated circuit production because it ensures the required quality and reliability of the devices. Because of the extreme complexity of nowadays integrated circuits, test procedures cannot rely on a simple control of primary inputs with test patterns, then observation of produced test responses on primary outputs. Test facilities must be embedded in the hardware at design time, implementing the so-called Design-for-Testability (DfT) techniques. The most popular DfT technique is the scan design. Thanks to this test-driven synthesis, registers are connected in one or several chain(s), the so-called scan chain(s). A tester can then control and observe the internal states of the circuit through dedicated scan pins and components. Unfortunately, this test infrastructure can also be used to extract sensitive information stored or processed in the chip, data strongly correlated to a secret key for instance. A scan attack consists in retrieving the secret key of a crypto-processor thanks to the observation of partially encrypted results.Experiments have been conducted during the project on the demonstrator board with the target TEE in order to analyze its security against a scan-based attack. In the demonstrator board, a countermeasure is implemented to ensure the security of the assets processed and saved in the TEE. The test accesses are disconnected preventing attacks exploiting test infrastructures but disabling the test interfaces for testing, diagnosis and debug purposes. The experimental results have shown that chips based on TrustZone technology need to implement a countermeasure to protect the data extracted from the scan chains. Besides the simple countermeasure consisting to avoid scan accesses, further countermeasures have been developed in the literature to ensure security while preserving test and debug facilities. State-of-the-art countermeasures against scan-based attacks have been analyzed. From this study, we investigate a new proposal in order to preserve the scan chain access while preventing attacks, and to provide a plug-and-play countermeasure that does not require any redesign of the scanned circuit while maintaining its testability. Our solution is based on the encryption of the test communication, it provides confidentiality of the communication between the circuit and the tester and prevents usage from unauthorized users. Several architectures have been investigated, this document also reports pros and cons of envisaged solutions in terms of security and performance
2
Cole, Nigel. "Arguing Assurance in Trusted Execution Environments using Goal Structuring Notation." Thesis, Linköpings universitet, Programvara och system, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-177923.
Full textAbstract:
A trusted execution environment (TEE) is an isolated environment used for trusted execution. TEE solutions are usually proprietary and specific for a certain hardware specification, thereby limiting developers that use those TEEs. A potential solution to this issue is the use of open-source alternatives such as the TEE framework Keystone and the Reduced Instruction Set Computer V (RISC-V) hardware. These alternatives are rather young and are not as well established as the variants developed by ARM and Intel. To this end, the assurance in Keystone and RISC-V are analysed by studying a remote attestation assurance use case using the goal structuring notation (GSN) method. The aim is to investigate how GSN can be utilised to build assurance cases for TEEs on RISC-V. This thesis presents a process of how GSNs can be created to argue assurance for a TEE solution. Furthermore, Keystone operates under a specific threat model with made assumptions that may have a large impact depending on the use case. Therefore, Keystone is analysed to understand whether the framework mitigates existing vulnerabilities in TEEs. It is concluded that GSN is a viable method for arguing assurance in TEEs, providing great freedom in the creation of the GSN model. The freedom is also its weakness since the argument composition has a high impact on the argument. Furthermore, we conclude that Keystone mitigates multiple known vulnerabilities primarily through made assumptions in its threat model. These cases need to be considered by developers utilising Keystone to determine whether or not the assumptions are valid for their use case.
3
Sundblad, Anton, and Gustaf Brunberg. "Secure hypervisor versus trusted execution environment : Security analysis for mobile fingerprint identification applications." Thesis, Linköpings universitet, Databas och informationsteknik, 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-139227.
Full textAbstract:
Fingerprint identification is becoming increasingly popular as a means of authentication for handheld devices of different kinds. In order to secure such an authentication solution it is common to use a TEE implementation. This thesis examines the possibility of replacing a TEE with a hypervisor-based solution instead, with the intention of keeping the same security features that a TEE can offer. To carry out the evaluation a suitable method is constructed. This method makes use of fault trees to be able to find possible vulnerabilities in both systems, and these vulnerabilities are then documented. The vulnerabilities of both systems are also compared to each other to identify differences in how they are handled. It is concluded that if the target platform has the ability to implement a TEE solution, it can also implement the same solution using a hypervisor. However, the authors recommend against porting a working TEE solution, as TEEs often offer finished APIs for common operations that would require re-implementation in the examined hypervisor.
4
Dhar, Siddharth. "Optimizing TEE Protection by Automatically Augmenting Requirements Specifications." Thesis, Virginia Tech, 2020. http://hdl.handle.net/10919/98730.
Full textAbstract:
An increasing number of software systems must safeguard their confidential data and code, referred to as critical program information (CPI). Such safeguarding is commonly accomplished by isolating CPI in a trusted execution environment (TEE), with the isolated CPI becoming a trusted computing base (TCB). TEE protection incurs heavy performance costs, as TEE-based functionality is expensive to both invoke and execute. Despite these costs, projects that use TEEs tend to have unnecessarily large TCBs. As based on our analysis, developers often put code and data into TEE for convenience rather than protection reasons, thus not only compromising performance but also reducing the effectiveness of TEE protection.
In order for TEEs to provide maximum benefits for protecting CPI, their usage must be systematically incorporated into the entire software engineering process, starting from Requirements Engineering.
To address this problem, we present a novel approach that incorporates TEEs in the Requirements Engineering phase by using natural language processing (NLP) to classify those software requirements that are security critical and should be isolated in TEE. Our approach takes as input a requirements specification and outputs a list of annotated software requirements. The annotations recommend to the developer which corresponding features comprise CPI that should be protected in a TEE. Our evaluation results indicate that our approach identifies CPI with a high degree of accuracy to incorporate safeguarding CPI into Requirements Engineering.Master of Science
An increasing number of software systems must safeguard their confidential data like passwords, payment information, personal details, etc. This confidential information is commonly protected using a Trusted Execution Environment (TEE), an isolated environment provided by either the existing processor or separate hardware that interacts with the operating system to secure sensitive data and code. Unfortunately, TEE protection incurs heavy performance costs, with TEEs being slower than modern processors and frequent communication between the system and the TEE incurring heavy performance overhead. We discovered that developers often put code and data into TEE for convenience rather than protection purposes, thus not only hurting performance but also reducing the effectiveness of TEE protection. By thoroughly examining a project's features in the Requirements Engineering phase, which defines the project's functionalities, developers would be able to understand which features handle confidential data. To that end, we present a novel approach that incorporates TEEs in the Requirements Engineering phase by means of Natural Language Processing (NLP) tools to categorize the project requirements that may warrant TEE protection. Our approach takes as input a project's requirements and outputs a list of categorized requirements defining which requirements are likely to make use of confidential information. Our evaluation results indicate that our approach performs this categorization with a high degree of accuracy to incorporate safeguarding the confidentiality related features in the Requirements Engineering phase.
5
Lim, Steven. "Recommending TEE-based Functions Using a Deep Learning Model." Thesis, Virginia Tech, 2021. http://hdl.handle.net/10919/104999.
Full textAbstract:
Trusted execution environments (TEEs) are an emerging technology that provides a protected hardware environment for processing and storing sensitive information. By using
TEEs, developers can bolster the security of software systems. However, incorporating
TEE into existing software systems can be a costly and labor-intensive endeavor. Software
maintenance—changing software after its initial release—is known to contribute the majority of the cost in the software development lifecycle. The first step of making use of a TEE
requires that developers accurately identify which pieces of code would benefit from being
protected in a TEE. For large code bases, this identification process can be quite tedious and
time-consuming. To help reduce the software maintenance costs associated with introducing
a TEE into existing software, this thesis introduces ML-TEE, a recommendation tool that
uses a deep learning model to classify whether an input function handles sensitive information or sensitive code. By applying ML-TEE, developers can reduce the burden of manual
code inspection and analysis. ML-TEE's model was trained and tested on functions from
GitHub repositories that use Intel SGX and on an imbalanced dataset. The accuracy of
the final model used in the recommendation system has an accuracy of 98.86% and an F1
score of 80.00%. In addition, we conducted a pilot study, in which participants were asked
to identify functions that needed to be placed inside a TEE in a third-party project. The
study found that on average, participants who had access to the recommendation system's
output had a 4% higher accuracy and completed the task 21% faster.Master of Science
Improving the security of software systems has become critically important. A trusted execution environment (TEE) is an emerging technology that can help secure software that uses or stores confidential information. To make use of this technology, developers need to identify which pieces of code handle confidential information and should thus be placed in a TEE. However, this process is costly and laborious because it requires the developers to understand the code well enough to make the appropriate changes in order to incorporate a TEE. This process can become challenging for large software that contains millions of lines of code. To help reduce the cost incurred in the process of identifying which pieces of code should be placed within a TEE, this thesis presents ML-TEE, a recommendation system that uses a deep learning model to help reduce the number of lines of code a developer needs to inspect. Our results show that the recommendation system achieves high accuracy as well as a good balance between precision and recall. In addition, we conducted a pilot study and found that participants from the intervention group who used the output from the recommendation system managed to achieve a higher average accuracy and perform the assigned task faster than the participants in the control group.
6
Moghimi, Ahmad. "Side-Channel Attacks on Intel SGX: How SGX Amplifies The Power of Cache Attack." Digital WPI, 2017. https://digitalcommons.wpi.edu/etd-theses/399.
Full textAbstract:
In modern computing environments, hardware resources are commonly shared, and parallel computation is more widely used. Users run their services in parallel on the same hardware and process information with different confidentiality levels every day. Running parallel tasks can cause privacy and security problems if proper isolation is not enforced. Computers need to rely on a trusted root to protect the data from malicious entities. Intel proposed the Software Guard eXtension (SGX) to create a trusted execution environment (TEE) within the processor. SGX allows developers to benefit from the hardware level isolation. SGX relies only on the hardware, and claims runtime protection even if the OS and other software components are malicious. However, SGX disregards any kind of side-channel attacks. Researchers have demonstrated that microarchitectural sidechannels are very effective in thwarting the hardware provided isolation. In scenarios that involve SGX as part of their defense mechanism, system adversaries become important threats, and they are capable of initiating these attacks. This work introduces a new and more powerful cache side-channel attack that provides system adversaries a high resolution channel. The developed attack is able to virtually track all memory accesses of SGX execution with temporal precision. As a proof of concept, we demonstrate our attack to recover cryptographic AES keys from the commonly used implementations including those that were believed to be resistant in previous attack scenarios. Our results show that SGX cannot protect critical data sensitive computations, and efficient AES key recovery is possible in a practical environment. In contrast to previous attacks which require hundreds of measurements, this is the first cache side-channel attack on a real system that can recover AES keys with a minimal number of measurements. We can successfully recover the AES key from T-Table based implementations in a known plaintext and ciphertext scenario with an average of 15 and 7 samples respectively.
7
Arfaoui, Ghada. "Conception de protocoles cryptographiques préservant la vie privée pour les services mobiles sans contact." Thesis, Orléans, 2015. http://www.theses.fr/2015ORLE2013/document.
Full textAbstract:
Avec l'émergence de nouvelles technologies telles que le NFC (Communication à champ proche) et l'accroissement du nombre de plates-formes mobiles, les téléphones mobiles vont devenir de plus en plus indispensables dans notre vie quotidienne. Ce contexte introduit de nouveaux défis en termes de sécurité et de respect de la vie privée. Dans cette thèse, nous nous focalisons sur les problématiques liées au respect de la vie privée dans les services NFC ainsi qu’à la protection des données privées et secrets des applications mobiles dans les environnements d'exécution de confiance (TEE). Nous fournissons deux solutions pour le transport public: une solution utilisant des cartes d'abonnement (m-pass) et une autre à base de tickets électroniques (m-ticketing). Nos solutions préservent la vie privée des utilisateurs tout en respectant les exigences fonctionnelles établies par les opérateurs de transport. À cette fin, nous proposons de nouvelles variantes de signatures de groupe ainsi que la première preuve pratique d’appartenance à un ensemble, à apport nul de connaissance, et qui ne nécessite pas de calculs de couplages du côté du prouveur. Ces améliorations permettent de réduire considérablement le temps d'exécution de ces schémas lorsqu’ils sont implémentés dans des environnements contraints par exemple sur carte à puce. Nous avons développé les protocoles de m-passe et de m-ticketing dans une carte SIM standard : la validation d'un ticket ou d'un m-pass s'effectue en moins de 300ms et ce tout en utilisant des tailles de clés adéquates. Nos solutions fonctionnent également lorsque le mobile est éteint ou lorsque sa batterie est déchargée. Si les applications s'exécutent dans un TEE, nous introduisons un nouveau protocole de migration de données privées, d'un TEE à un autre, qui assure la confidentialité et l'intégrité de ces données. Notre protocole est fondé sur l’utilisation d’un schéma de proxy de rechiffrement ainsi que sur un nouveau modèle d’architecture du TEE. Enfin, nous prouvons formellement la sécurité de nos protocoles soit dans le modèle calculatoire pour les protocoles de m-pass et de ticketing soit dans le modèle symbolique pour le protocole de migration de données entre TEEThe increasing number of worldwide mobile platforms and the emergence of new technologies such as the NFC (Near Field Communication) lead to a growing tendency to build a user's life depending on mobile phones. This context brings also new security and privacy challenges. In this thesis, we pay further attention to privacy issues in NFC services as well as the security of the mobile applications private data and credentials namely in Trusted Execution Environments (TEE). We first provide two solutions for public transport use case: an m-pass (transport subscription card) and a m-ticketing validation protocols. Our solutions ensure users' privacy while respecting functional requirements of transport operators. To this end, we propose new variants of group signatures and the first practical set-membership proof that do not require pairing computations at the prover's side. These novelties significantly reduce the execution time of such schemes when implemented in resource constrained environments. We implemented the m-pass and m-ticketing protocols in a standard SIM card: the validation phase occurs in less than 300ms whilst using strong security parameters. Our solutions also work even when the mobile is switched off or the battery is flat. When these applications are implemented in TEE, we introduce a new TEE migration protocol that ensures the privacy and integrity of the TEE credentials and user's private data. We construct our protocol based on a proxy re-encryption scheme and a new TEE model. Finally, we formally prove the security of our protocols using either game-based experiments in the random oracle model or automated model checker of security protocols
8
Li, Jiatong. "TLS Library for Isolated Enclaves : Optimizing the performance of TLS libraries for SGX." Thesis, KTH, Kommunikationssystem, CoS, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-241245.
Full textAbstract:
Nowadays cloud computing systems handle large amounts of data and process this data across different systems. It is essential to considering data security vulnerabilities and data protection. One means of decreasing security vulnerabilities is to partition the code into distinct modules and then isolate the execution of the code together with its data. Intel’s Software Guard Extension (SGX) provides security critical code isolation in an enclave. By isolating the code’s execution from an untrusted zone (an unprotected user platform), code integrity and confidentiality are ensured. Transport Layer Security (TLS) is responsible for providing integrity and confidentiality for communication between two entities. Several TLS libraries support cryptographic functions both for an untrusted zone and an enclave. Different TLS libraries have different performance when used with Intel’s SGX. It is desirable to use the best performance TLS library for specific cryptographic functions. This thesis describes a performance evaluation several popular TLS libraries performance on Intel SGX. Using the evaluation results and combining several different TLS libraries together, the thesis proposes a new solution to improve the performance of TLS libraries on Intel SGX. The performance is best when invoking the best specific TLS library based upon the data size – as there is a crossover in performance between the two best libraries. This solution also maintains the versatility of the existing cryptographic functions.Numera hanterar molnberäkningssystem stora mängder data och bearbetar dessa data över olika system. Det är viktigt att ta itu med datasäkerhetsproblem och dataskydd. Ett sätt att minska säkerhetsproblem är att partitionera koden i olika moduler och sedan isolera kodens exekvering tillsammans med dess data. Intel’s Software Guard Extension (SGX) tillhandahåller säkerhetskritisk kodisolering i en enklav. Genom att isolera kodens körning från en otillförlitlig zon (en oskyddad användarplattform) säkerställs kodintegritet och sekretess. Transport Layer Security (TLS) ansvarar för att ge integritet och konfidentialitet för kommunikation mellan två enheter. Flera TLS-bibliotek stödjer kryptografiska funktioner både för en osäker zon och en enklav. Olika TLS-bibliotek har olika prestanda när de används med Intel’s SGX. Det är önskvärt att använda TLS-bibliotekets bästa prestanda för specifika kryptografiska funktioner. Denna avhandling beskriver en prestationsutvärdering av flera populära TLS-bibliotekens prestanda på Intel SGX. Genom att använda utvärderingsresultaten och kombinera flera olika TLS-bibliotek tillsammans, presenterar avhandlingen en ny design och lösning för att förbättra prestanda för TLS-bibliotek på Intel SGX. Den resulterande prestanda åberopar TLS-bibliotekets bästa prestanda inom en viss datastorlek samtidigt som krypteringsfunktionerna är mångsidiga.
9
Zhang, Ning. "Attack and Defense with Hardware-Aided Security." Diss., Virginia Tech, 2016. http://hdl.handle.net/10919/72855.
Full textAbstract:
Riding on recent advances in computing and networking, our society is now experiencing the evolution into the age of information. While the development of these technologies brings great value to our daily life, the lucrative reward from cyber-crimes has also attracted criminals. As computing continues to play an increasing role in the society, security has become a pressing issue. Failures in computing systems could result in loss of infrastructure or human life, as demonstrated in both academic research and production environment. With the continuing widespread of malicious software and new vulnerabilities revealing every day, protecting the heterogeneous computing systems across the Internet has become a daunting task. Our approach to this challenge consists of two directions. The first direction aims to gain a better understanding of the inner working of both attacks and defenses in the cyber environment. Meanwhile, our other direction is designing secure systems in adversarial environment.Ph. D.
10
Elbashir, Khalid. "Trusted Execution Environments for Open vSwitch : A security enabler for the 5G mobile network." Thesis, KTH, Radio Systems Laboratory (RS Lab), 2017. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-218070.
Full textAbstract:
The advent of virtualization introduced the need for virtual switches to interconnect virtual machines deployed in a cloud infrastructure. With Software Defined Networking (SDN), a central controller can configure these virtual switches. Virtual switches execute on commodity operating systems. Open vSwitch is an open source project that is widely used in production cloud environments. If an adversary gains access with full privileges to the operating system hosting the virtual switch, then Open vSwitch becomes vulnerable to a variety of different attacks that could compromise the whole network. The purpose of this thesis project is to improve the security of Open vSwitch implementations in order to ensure that only authenticated switches and controllers can communicate with each other, while maintaining code integrity and confidentiality of keys and certificates. The thesis project proposes a design and shows an implementation that leverages Intel® Safe Guard Extensions (SGX) technology. A new library, TLSonSGX, is implemented. This library replaces the use of the OpenSSL library in Open vSwitch. In addition to implementing standard Transport Level Security (TLS) connectivity, TLSonSGX confines TLS communication in the protected memory enclave and hence protects TLS sensitive components necessary to provide confidentiality and integrity, such as private keys and negotiated symmetric keys. Moreover, TLSonSGX introduces new, secure, and automatic means to generate keys and obtain signed certificates from a central Certificate Authority that validates using Linux Integrity Measurements Architecture (IMA) that the Open vSwitch binaries have not been tampered with before issuing a signed certificate. The generated keys and obtained certificates are stored in the memory enclave and hence never exposed as plaintext outside the enclave. This new mechanism is a replacement for the existing manual and unsecure procedures (as described in Open vSwitch project). A security analysis of the system is provided as well as an examination of performance impact of the use of a trusted execution environment. Results show that generating keys and certificates using TLSonSGX takes less than 0.5 seconds while adding 30% latency overhead for the first packet in a flow compared to using OpenSSL when both are executed on Intel® CoreTM i7-6600U processor clocked at 2.6 GHz. These results show that TLSonSGX can enhance Open vSwitch security and reduce its TLS configuration overhead.Framkomsten av virtualisering införde behovet av virtuella växlar för att koppla tillsammans virtuella maskiner placerade i molninfrastruktur. Med mjukvarubaserad nätverksteknik (SDN), kan ett centralt styrenhet konfigurera dessa virtuella växlar. Virtuella växlar kör på standardoperativsystem. Open vSwitch är ett open-source projekt som ofta används i molntjänster. Om en motståndare får tillgång med fullständiga privilegier till operativsystemet där Open vSwitch körs, blir Open vSwitch utsatt för olika attacker som kan kompromettera hela nätverket. Syftet med detta examensarbete är att förbättra säkerheten hos Open vSwitch för att garantera att endast autentiserade växlar och styrenheter kan kommunicera med varandra, samtidigt som att upprätthålla kod integritet och konfidentialitet av nycklar och certifikat. Detta examensarbete föreslår en design och visar en implementation som andvändar Intel®s Safe Guard Extensions (SGX) teknologi. Ett nytt bibliotek, TLSonSGX, är implementerat. Detta bibliotek ersätter biblioteket OpenSSL i Open vSwitch. Utöver att det implementerar ett standard “Transport Layer Security” (TLS) anslutning, TLSonSGX begränsar TLS kommunikation i den skyddade minnes enklaven och skyddar därför TLS känsliga komponenter som är nödvändiga för att ge sekretess och integritet, såsom privata nycklar och förhandlade symmetriska nycklar. Dessutom introducerar TLSonSGX nya, säkra och automatiska medel för att generera nycklar och få signerade certifikat från en central certifikatmyndighet som validerar, med hjälp av Linux Integrity Measurements Architecture (IMA), att Open vSwitch-binärerna inte har manipulerats innan de utfärdade ett signerat certifikat. De genererade nycklarna och erhållna certifikat lagras i minnes enklaven och är därför aldrig utsatta utanför enklaven. Denna nya mekanism ersätter de manuella och osäkra procedurerna som beskrivs i Open vSwitch projektet. En säkerhetsanalys av systemet ges såväl som en granskning av prestandaffekten av användningen av en pålitlig exekveringsmiljö. Resultaten visar att använda TLSonSGX för att generera nycklar och certifikat tar mindre än 0,5 sekunder medan det lägger 30% latens overhead för det första paketet i ett flöde jämfört med att använda OpenSSL när båda exekveras på Intel® Core TM processor i7-6600U klockad vid 2,6 GHz. Dessa resultat visar att TLSonSGX kan förbättra Open vSwitch säkerhet och minska TLS konfigurationskostnaden.
Book chapters on the topic "Trusted Execution Environment (TEE)"
1
Nagy, Roland, Márton Bak, Dorottya Papp, and Levente Buttyán. "T-RAID: TEE-based Remote Attestation for IoT Devices." In Communications in Computer and Information Science, 76–88. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-031-09357-9_7.
Full textAbstract:
AbstractThe Internet of Things (IoT) consists of network-connected embedded devices that enable a multitude of new applications, but also create new risks. In particular, embedded IoT devices can be infected by malware. Operators of IoT systems not only need malware detection tools, but also scalable methods to reliably and remotely verify malware freedom of their IoT devices. In this paper, we address this problem by proposing T-RAID, a remote attestation scheme for IoT devices that takes advantage of the security guarantees provided by a Trusted Execution Environment running on each device.
2
Vo, Viet. "Memory-Efficient Encrypted Search Using Trusted Execution Environment." In Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, 340–51. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-91424-0_20.
Full text
3
Liu, Bingyu, Shangyu Xie, and Yuan Hong. "Efficient and Private Divisible Double Auction in Trusted Execution Environment." In Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, 75–92. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-80851-8_6.
Full text
4
Yao, Jiewen, and Vincent Zimmer. "Trusted Execution Environment." In Building Secure Firmware, 681–743. Berkeley, CA: Apress, 2020. http://dx.doi.org/10.1007/978-1-4842-6106-4_17.
Full text
5
Keerup, Kalmer, Dan Bogdanov, Baldur Kubo, and Per Gunnar Auran. "Privacy-Preserving Analytics, Processing and Data Management." In Big Data in Bioeconomy, 157–68. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-71069-9_12.
Full textAbstract:
AbstractTypically, data cannot be shared among competing organizations due to confidentiality or regulatory restrictions. We present several technological alternatives to solve the problem: secure multi-party computation (MPC), trusted execution environments (TEE) and multi-key fully homomorphic encryption (MKFHE). We compare these privacy-enhancing technologies from deployment and performance point of view and explain how we selected technology and machine learning methods. We introduce a demonstrator built in the DataBio project for securely combining private and public data for planning of fisheries. The secure machine learning of best catch locations is a web solution utilizing Intel® Software Guard Extensions (Intel® SGX)-based TEE and built with the Sharemind HI (Hardware Isolation) development tools. Knowing where to go fishing is a competitive advantage that a fishery is not interested to share with competitors. Therefore, joint intelligence from public and private sector data while protecting secrets of each contributing organization is an important enabler. Finally, we discuss the wider business impact of secure machine learning in situations where data confidentiality is a concern.
6
Umar, Assad, and Keith Mayes. "Trusted Execution Environment and Host Card Emulation." In Smart Cards, Tokens, Security and Applications, 497–519. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-50500-8_18.
Full text
7
Mattsson, Ulf. "HSM, TPM, and Trusted Execution Environments." In Controlling Privacy and the Use of Data Assets, 211–14. Boca Raton: CRC Press, 2022. http://dx.doi.org/10.1201/9781003189664-20.
Full text
8
Srinivas, Podili V. S., Ch Pravallika, and K. Srujan Raju. "Trusted Execution Environment for Data Protection in Cloud." In Advances in Intelligent Systems and Computing, 657–65. New Delhi: Springer India, 2016. http://dx.doi.org/10.1007/978-81-322-2757-1_65.
Full text
9
Wang, Wennan, Linkai Zhu, Baoping Wang, Li Guang, Sheng Peng, and Zhiming Cai. "Decentralized M-Learning Platform with Trusted Execution Environment." In Advances in Web-Based Learning – ICWL 2021, 3–13. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-90785-3_1.
Full text
10
Zou, Deqing, Jinjiu Long, and Hai Jin. "Trusted Deployment of Virtual Execution Environment in Grid Systems." In Advances in Computer Science - ASIAN 2009. Information Security and Privacy, 124–36. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009. http://dx.doi.org/10.1007/978-3-642-10622-4_10.
Full textConference papers on the topic "Trusted Execution Environment (TEE)"
1
McGillion, Brian, Tanel Dettenborn, Thomas Nyman, and N. Asokan. "Open-TEE -- An Open Virtual Trusted Execution Environment." In 2015 IEEE Trustcom/BigDataSE/ISPA. IEEE, 2015. http://dx.doi.org/10.1109/trustcom.2015.400.
Full text
2
Bailleu, Maurice, Donald Dragoti, Pramod Bhatotia, and Christof Fetzer. "TEE-Perf: A Profiler for Trusted Execution Environments." In 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 2019. http://dx.doi.org/10.1109/dsn.2019.00050.
Full text
3
Bicakci, Kemal, Ihsan Kagan Ak, Betul Askin Ozdemir, and Mesut Gozutok. "Open-TEE is No Longer Virtual: Towards Software-Only Trusted Execution Environments Using White-Box Cryptography." In 2019 First IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA). IEEE, 2019. http://dx.doi.org/10.1109/tps-isa48467.2019.00029.
Full text
4
Shao, Jinjin, Shiyu Ji, Alvin Oliver Glova, Yifan Qiao, Tao Yang, and Tim Sherwood. "Index Obfuscation for Oblivious Document Retrieval in a Trusted Execution Environment." In CIKM '20: The 29th ACM International Conference on Information and Knowledge Management. New York, NY, USA: ACM, 2020. http://dx.doi.org/10.1145/3340531.3412035.
Full text
5
Janjua, Hassaan, Mahmoud Ammar, Bruno Crispo, and Danny Hughes. "Towards a standards-compliant pure-software trusted execution environment for resource-constrained embedded devices." In the 4th Workshop. New York, New York, USA: ACM Press, 2019. http://dx.doi.org/10.1145/3342559.3365338.
Full text
6
Li, Wenhao, Yubin Xia, Long Lu, Haibo Chen, and Binyu Zang. "TEEv: virtualizing trusted execution environments on mobile platforms." In the 15th ACM SIGPLAN/SIGOPS International Conference. New York, New York, USA: ACM Press, 2019. http://dx.doi.org/10.1145/3313808.3313810.
Full text
7
Bao, LuWei, GeHao Lu, and LiYu Fu. "Trusted blockchain of ring signature in TEE environment." In ASSE' 22: 2022 3rd Asia Service Sciences and Software Engineering Conference. New York, NY, USA: ACM, 2022. http://dx.doi.org/10.1145/3523181.3523183.
Full text
8
Jang, Jinsoo, Sunjune Kong, Minsu Kim, Daegyeong Kim, and Brent Byunghoon Kang. "SeCReT: Secure Channel between Rich Execution Environment and Trusted Execution Environment." In Network and Distributed System Security Symposium. Reston, VA: Internet Society, 2015. http://dx.doi.org/10.14722/ndss.2015.23189.
Full text
9
Ekberg, Jan-Erik, Kari Kostiainen, and N. Asokan. "Trusted execution environments on mobile devices." In the 2013 ACM SIGSAC conference. New York, New York, USA: ACM Press, 2013. http://dx.doi.org/10.1145/2508859.2516758.
Full text
10
Pires, Rafael Pereira, Pascal Felber, and Marcelo Pasin. "Distributed systems and trusted execution environments: Trade-offs and challenges." In XXXVIII Simpósio Brasileiro de Redes de Computadores e Sistemas Distribuídos. Sociedade Brasileira de Computação, 2020. http://dx.doi.org/10.5753/sbrc_estendido.2020.12412.
Full textAbstract:
This extended abstract summarises my PhD thesis, which explores design strategies for distributed systems that leverage trusted execution environments (TEEs). We aim at achieving better security and privacy guarantees while maintaining or improving performance in comparison to existing equivalent approaches. To that end, we propose a few original systems that take advantage of TEEs. On top of prototypes built with Intel software guard extensions (SGX) and deployed on real hardware, we evaluate their limitations and discuss the outcomes of such an emergent technology.