BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Memento EPFL//
BEGIN:VEVENT
SUMMARY:IC Colloquium: Co-designing systems software and hardware for conf
 idential computing
DTSTART:20210211T150000
DTEND:20210211T160000
DTSTAMP:20260406T210206Z
UID:76fd15dd03a320176a109ae0f0ec8cf79711d9f9d948a52dc56d45d1
CATEGORIES:Conferences - Seminars
DESCRIPTION:By: Andrew Baumann - Microsoft Research\n\nAbstract\nGeneral-p
 urpose “trusted computing” platforms have largely failed to inspire tr
 ust. Rather\, security for many cloud applications rests on a messy combin
 ation of cryptography\, reputation\, law\, and blind faith. As more comput
 ation moves to the cloud\, this is a serious concern: users rely on both t
 he cloud provider's staff and its globally-distributed software/hardware p
 latform not to expose any of their private data.\n\nIn this talk\, I'll fi
 rst introduce the notion of confidential computing\, which protects the co
 nfidentiality and integrity of a program and its data from the platform on
  which it runs (e.g.\, the cloud operator's host OS\, VMM and firmware)\, 
 before presenting two systems that implement it in different ways. The fir
 st\, Haven\, leverages Intel SGX hardware and a library OS to demonstrate 
 “shielded execution” of unmodified applications\, including SQL Server
  and Apache\, in an enclave. Insights from Haven informed the design of SG
 X\, which is now the basis of confidential computing offerings by major cl
 oud providers.\n\nHowever\, to implement SGX\, Intel extended the x86 arch
 itecture with an isolation mechanism approaching the complexity of an OS m
 icrokernel\, implemented by an inscrutable mix of silicon and microcode. W
 hile hardware-based security can improve performance and offer features th
 at are difficult or impossible to achieve in pure software\, hardware-only
  solutions are difficult to update\, either to patch security flaws or int
 roduce new features. Such updates are also dependent on the slowing deploy
 ment of new CPUs.\n\nThe second system\, Komodo\, illustrates an alternative
  approach. Komodo decouples the core hardware mechanisms such as memory en
 cryption\, address-space isolation and attestation from a privileged softw
 are monitor that in turn implements enclaves. The monitor is backed by a m
 achine-checkable proof of both functional correctness and high-level secur
 ity properties of enclave integrity and confidentiality. A prototype in ve
 rified assembly code on an ARM TrustZone platform demonstrates the practic
 ality of the approach.\n\nBio\nAndrew Baumann is a Principal Researcher at
  Microsoft Research\, Redmond\, which he joined in 2010 after completing a
  post-doctorate at ETH Zurich and a PhD at The University of New South Wal
 es. His research interests are operating systems and systems security\, wi
 th a particular focus on problems driven by hardware evolution\, or close 
 to the hardware/software boundary. His significant research projects incl
 ude the Barrelfish multikernel OS\, Drawbridge library OS\, and Haven trus
 ted cloud platform. Andrew has published at and served on the program comm
 ittees of conferences such as SOSP\, OSDI\, EuroSys\, NSDI\, ASPLOS\, and 
 Usenix ATC\, and served as program co-chair for VEE 2020. His work receive
 d best paper awards at OSDI 2014 and SOSP 2019\, and the SIGOPS hall of fa
 me award in 2020.
LOCATION:https://epfl.zoom.us/j/83368442605?pwd=NE9zWEYrRjBCd0IxS0dJOERHZH
 QrQT09
STATUS:CONFIRMED
END:VEVENT
END:VCALENDAR
