Flexible Software Isolation for Modern Computing Environment
Event details
Date | 13.06.2022 |
Hour | 16:00 › 18:00 |
Speaker | Charly Castes |
Location | |
Category | Conferences - Seminars |
EDIC candidacy exam
Exam president: Prof. Mathias Payer
Thesis advisor: Prof. Edouard Bugnion
Co-examiner: Prof. James Larus
Abstract
The last two decades saw the birth and flourishing development of trusted execution environments, motivated by security, confidentiality, and privacy concerns due to increasing software complexity and adoption of public clouds in modern infrastructures. Despite the impressive diversity of proposed environments and intensive research from both academia and industry, no unifying design has emerged yet.
In this proposal, we discuss in chronological order three designs of trusted execution environments that serve as motivation for our research. We highlight the underlying mechanisms used by these environments, the evolution of available technology, and current limitations. In the light of previous works, we propose our research direction aiming at identifying and implementing the minimal requirements for trusted execution environments, enabling more flexible designs on top of a unifying abstraction.
Background papers
- Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems
https://dl.acm.org/doi/pdf/10.1145/1353535.1346284
- TrustVisor: Efficient TCB Reduction and Attestation
https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=5504713
- SCONE: Secure Linux Containers with Intel SGX
https://www.usenix.org/system/files/conference/osdi16/osdi16-arnautov.pdf
Exam president: Prof. Mathias Payer
Thesis advisor: Prof. Edouard Bugnion
Co-examiner: Prof. James Larus
Abstract
The last two decades saw the birth and flourishing development of trusted execution environments, motivated by security, confidentiality, and privacy concerns due to increasing software complexity and adoption of public clouds in modern infrastructures. Despite the impressive diversity of proposed environments and intensive research from both academia and industry, no unifying design has emerged yet.
In this proposal, we discuss in chronological order three designs of trusted execution environments that serve as motivation for our research. We highlight the underlying mechanisms used by these environments, the evolution of available technology, and current limitations. In the light of previous works, we propose our research direction aiming at identifying and implementing the minimal requirements for trusted execution environments, enabling more flexible designs on top of a unifying abstraction.
Background papers
- Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems
https://dl.acm.org/doi/pdf/10.1145/1353535.1346284
- TrustVisor: Efficient TCB Reduction and Attestation
https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=5504713
- SCONE: Secure Linux Containers with Intel SGX
https://www.usenix.org/system/files/conference/osdi16/osdi16-arnautov.pdf
Practical information
- General public
- Free