Securing TEEs With Verifiable Execution Contracts

被引:1
|
作者
Chen, Guoxing [1 ]
Zhang, Yinqian [2 ,3 ]
机构
[1] Shanghai Jiao Tong Univ, Dept Comp Sci & Engn, Shanghai 200240, Peoples R China
[2] Southern Univ Sci & Technol, Res Inst Trust Worthy Autonomous Syst, Shenzhen 518055, Peoples R China
[3] Southern Univ Sci & Technol, Dept Comp Sci & Engn, Shenzhen 518055, Peoples R China
来源
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING | 2023年 / 20卷 / 04期
基金
中国国家自然科学基金;
关键词
Trusted execution environments; Intel SGX; side channels; CHANNEL ATTACKS; CACHE ATTACKS; CLOUD;
D O I
10.1109/TDSC.2022.3194871
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Recent works have demonstrated that trusted execution environments, such as Intel Software Guard Extensions, are vulnerable to various attacks from the privileged software, including side-channel attacks. Existing solutions, such as T-SGX, Deja Vu, Cloak and Varys, detect side-channel attacks at runtime. But they are limited by design, because false detection is unavoidable in these detection methods and therefore any security policy developed atop these mechanisms has to tolerate some malicious operations to achieve practical false positive detection rates. In this article, we propose the concept of verifiable execution contracts, which request the privileged software to provide a benign execution environment for enclaves within which launching attacks becomes very difficult, if not impossible. Since the privileged software is untrusted, we design methods for verifying that the execution contracts are observed. With the proposed verifiable execution contracts, we analyzed how existing attacks could be mitigated.
引用
收藏
页码:3222 / 3237
页数:16
相关论文
共 50 条
  • [1] SECAUCTEE: Securing Auction Smart Contracts using Trusted Execution Environments
    Desai, Harsh
    Kantarcioglu, Murat
    [J]. 2021 IEEE INTERNATIONAL CONFERENCE ON BLOCKCHAIN (BLOCKCHAIN 2021), 2021, : 448 - 455
  • [2] Externally verifiable code execution
    Seshadri, Arvind
    Luk, Mark
    Perrig, Adrian
    Van Doorn, Leendert
    Khosla, Pradeep
    [J]. COMMUNICATIONS OF THE ACM, 2006, 49 (09) : 45 - 49
  • [3] AssureMR: Verifiable SQL Execution on MapReduce
    Zhang, Bo
    Dong, Boxiang
    Wang, Wendy Hui
    [J]. 2018 IEEE 34TH INTERNATIONAL CONFERENCE ON DATA ENGINEERING (ICDE), 2018, : 1228 - 1231
  • [4] Verifiable Computation using Smart Contracts
    Avizheh, Sepideh
    Nabi, Mahmudun
    Safavi-Naini, Reihaneh
    Venkateswarlu, Muni K.
    [J]. CCSW'19: PROCEEDINGS OF THE 2019 ACM SIGSAC CONFERENCE ON CLOUD COMPUTING SECURITY WORKSHOP, 2019, : 17 - 28
  • [5] Securing Smart Contracts in Blockchain
    Kongmanee, Jaturong
    Kijsanayothin, Phongphun
    Hewett, Rattikorn
    [J]. 2019 34TH IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMATED SOFTWARE ENGINEERING WORKSHOPS (ASEW 2019), 2019, : 69 - 76
  • [6] Contracts for Model Execution Verification
    Cariou, Eric
    Ballagny, Cyril
    Feugas, Alexandre
    Barbier, Franck
    [J]. MODELLING FOUNDATIONS AND APPLICATIONS, 2011, 6698 : 3 - 18
  • [7] Challenges in Execution of Outsourcing Contracts
    Rao, Nagesh Mukunda
    [J]. ISEC 2009 - PROCEEDINGS OF THE 2ND INDIA SOFTWARE ENGINEERING CONFERENCE, 2009, : 75 - 79
  • [8] SecSEC: Securing Smart Ethereum Contracts
    Yashavant, Chavhan Sujeet
    [J]. PROCEEDINGS OF THE 17TH INNOVATIONS IN SOFTWARE ENGINEERING CONFERENCE, ISEC 2024, 2024,
  • [9] Commitment with renegotiable debt contracts and verifiable cash flow
    Usman, Murat
    [J]. ECONOMICS LETTERS, 2008, 99 (02) : 249 - 251
  • [10] Automated Execution of Financial Contracts on Blockchains
    Benjamin Egelund-Müller
    Martin Elsman
    Fritz Henglein
    Omri Ross
    [J]. Business & Information Systems Engineering, 2017, 59 : 457 - 467
12345