Wang, Jianqiang ; Mahmoody, Pouya ; Brasser, Ferdinand ; Jauernig, Patrick ; Sadeghi, Ahmad-Reza ; Yu, Donghui ; Pan, Dahan ; Zhang, Yuanyuan (2022)
VirTEE: a full backward-compatible TEE with native live migration and secure I/O.
59th ACM/IEEE Design Automation Conference. San Francisco, USA (10.-14.07.2022)
doi: 10.1145/3489517.3530436
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Modern security architectures provide Trusted Execution Environments (TEEs) to protect critical data and applications against malicious privileged software in so-called enclaves. However, the seamless integration of existing TEEs into the cloud is hindered, as they require substantial adaptation of the software executing inside an enclave as well as the cloud management software to handle enclaved workloads. We tackle these challenges by presenting VirTEE, the first TEE architecture that allows strongly isolated execution of unmodified virtual machines (VMs) in enclaves, as well as secure live migration of VM enclaves between VirTEE-enabled servers. Combined with its secure I/O capabilities, VirTEE enables the integration of enclaved computing in today's complex cloud infrastructure. We thoroughly evaluate our RISC-V-based prototype, and show its effectiveness and efficiency.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2022 |
| Autor(en): | Wang, Jianqiang ; Mahmoody, Pouya ; Brasser, Ferdinand ; Jauernig, Patrick ; Sadeghi, Ahmad-Reza ; Yu, Donghui ; Pan, Dahan ; Zhang, Yuanyuan |
| Art des Eintrags: | Bibliographie |
| Titel: | VirTEE: a full backward-compatible TEE with native live migration and secure I/O |
| Sprache: | Englisch |
| Publikationsjahr: | 23 August 2022 |
| Verlag: | ACM |
| Buchtitel: | DAC'22: Proceedings of the 59th ACM/IEEE Design Automation Conference |
| Veranstaltungstitel: | 59th ACM/IEEE Design Automation Conference |
| Veranstaltungsort: | San Francisco, USA |
| Veranstaltungsdatum: | 10.-14.07.2022 |
| DOI: | 10.1145/3489517.3530436 |
| Kurzbeschreibung (Abstract): | Modern security architectures provide Trusted Execution Environments (TEEs) to protect critical data and applications against malicious privileged software in so-called enclaves. However, the seamless integration of existing TEEs into the cloud is hindered, as they require substantial adaptation of the software executing inside an enclave as well as the cloud management software to handle enclaved workloads. We tackle these challenges by presenting VirTEE, the first TEE architecture that allows strongly isolated execution of unmodified virtual machines (VMs) in enclaves, as well as secure live migration of VM enclaves between VirTEE-enabled servers. Combined with its secure I/O capabilities, VirTEE enables the integration of enclaved computing in today's complex cloud infrastructure. We thoroughly evaluate our RISC-V-based prototype, and show its effectiveness and efficiency. |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Systemsicherheit Profilbereiche Profilbereiche > Cybersicherheit (CYSEC) |
| Hinterlegungsdatum: | 18 Apr 2023 07:11 |
| Letzte Änderung: | 26 Jul 2023 12:41 |
| PPN: | 509941524 |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum