Trusted execution environments (TEEs) promise a cost-effective, “lift-and-shift” solution for deploying security-sensitive applications in untrusted clouds. For this, they must support rich, multi-component applications, but a large trusted computing base (TCB) inside the TEE risks that attackers can compromise application security. Fine-grained compartmentalisation can increase security through defense-in-depth, but current solutions either run all software components unprotected in the same TEE, lack efficient shared memory support, or isolate application processes using separate TEEs, impacting performance and compatibility. We describe the Spons & Shields framework (SSF) for Intel SGX TEEs, which offers intra-TEE compartmentalisation using two new abstractions, Spons and Shields. Spons and Shields generalise process, library and user/kernel isolation inside the TEE while allowing for efficient memory sharing. When users deploy unmodified multi-component applications in a TEE, SSF dynamically creates Spons (one per POSIX process or library) and Shields (to enforce a given security policy for memory accesses). Applications can be hardened with minor code changes, e.g., by using a separate Shield to isolate an SSL library. SSF uses compiler instrumentation to protect Shield boundaries, exploiting MPX instructions if available. We evaluate SSF using a complex application service (NGINX, PHP interpreter and PostgreSQL) and show that its overhead is comparable to process isolation.
Fri 16 Apr, 14:00 - 15:30. Displayed time zone: Pacific Time (US & Canada)

14:00 (30m, Talk): Adaptive Live Migration of Virtual Machines under Limited Network Bandwidth. Research Papers. Handong Li, Xiao Guangrong, Yulei Zhang, Ping Gao, Qiumin Lu, Jianguo Yao (Shanghai Jiao Tong University)
14:30 (30m, Talk): How to Design a Library OS for Practical Containers? Research Papers.
15:00 (30m, Talk): Spons & Shields: Practical Isolation for Trusted Execution. Research Papers. Vasily Sartakov (Imperial College London), Dan O'Keeffe, Dave Eyers (University of Otago), Lluís Vilanova, Peter Pietzuch (Imperial College London)