Putting a Padlock on Lambda -- Integrating vTPMs into AWS Firecracker
- URL: http://arxiv.org/abs/2310.03522v1
- Date: Thu, 5 Oct 2023 13:13:55 GMT
- Title: Putting a Padlock on Lambda -- Integrating vTPMs into AWS Firecracker
- Authors: Melker Veltman, Alexandra Parkegren, Victor Morel
- Abstract summary: Software services place implicit trust in the cloud provider, without an explicit trust relationship.
There is currently no cloud provider that exposes Trusted Platform Module capabilities.
We improve trust by integrating a virtual TPM device into the Firecracker hypervisor, originally developed by Amazon Web Services.
- Score: 49.1574468325115
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: When software services use cloud providers to run their workloads, they place
implicit trust in the cloud provider, without an explicit trust relationship.
One way to achieve such explicit trust in a computer system is to use a
hardware Trusted Platform Module (TPM), a coprocessor for trusted computing.
However, in the case of managed platform-as-a-service (PaaS) offerings, there
is currently no cloud provider that exposes TPM capabilities. In this paper, we
improve trust by integrating a virtual TPM device into the Firecracker
hypervisor, originally developed by Amazon Web Services. In addition to this,
multiple performance tests along with an attack surface analysis are performed
to evaluate the impact of the changes introduced. We discuss the results and
conclude that the slight performance decrease and attack surface increase are
acceptable trade-offs in order to enable trusted computing in PaaS offerings.
Related papers
- The Impact of SBOM Generators on Vulnerability Assessment in Python: A Comparison and a Novel Approach [56.4040698609393]
Software Bill of Materials (SBOM) has been promoted as a tool to increase transparency and verifiability in software composition.
Current SBOM generation tools often suffer from inaccuracies in identifying components and dependencies.
We propose PIP-sbom, a novel pip-inspired solution that addresses their shortcomings.
arXiv Detail & Related papers (2024-09-10T10:12:37Z)
- Securing Network-Booting Linux Systems at the Example of bwLehrpool and bwForCluster NEMO [0.0]
The universities of Baden-Württemberg are using stateless system remote boot for services such as computer labs and data centers.
The aim of this work is to establish trust within this network, focusing on server-client identity, confidentiality and image authenticity.
arXiv Detail & Related papers (2024-09-03T20:54:19Z)
- SRAS: Self-governed Remote Attestation Scheme for Multi-party Collaboration [1.6646558152898505]
In multi-party cloud computing, how to select a Relying Party to verify the TEE of each party and avoid leaking sensitive data to each other remains an open question.
We propose SRAS, an open self-governed remote attestation scheme with verification functions for verifying the trustworthiness of TEEs and computing assets.
We provide an open-source prototype implementation of SRAS to facilitate the adoption of this technology by cloud users or developers.
arXiv Detail & Related papers (2024-07-04T08:57:18Z)
- Formal Security Analysis of the AMD SEV-SNP Software Interface [0.0]
AMD Secure Encrypted technologies enable confidential computing by protecting virtual machines from highly privileged software such as hypervisors.
We develop the first, comprehensive symbolic model of the software interface of the latest SEV iteration called SEV Secure Nested Paging (SEV-SNP).
arXiv Detail & Related papers (2024-03-15T13:39:55Z)
- Trustworthy confidential virtual machines for the masses [1.6503985024334136]
We present Revelio, an approach that allows confidential virtual machine (VM)-based workloads to be designed and deployed in a way that disallows tampering even by the service providers.
We focus on web-facing workloads, protect them leveraging SEV-SNP, and enable end-users to remotely attest them seamlessly each time a new web session is established.
arXiv Detail & Related papers (2024-02-23T11:54:07Z)
- HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs).
TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks.
We address the above with HasTEE+, a domain-specific language (DSL) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z)
- Microarchitectural Security of AWS Firecracker VMM for Serverless Cloud Platforms [9.345368209757495]
Firecracker is a virtual machine manager built by Amazon Web Services (AWS) for serverless cloud platforms.
We show that AWS overstates the security inherent to the Firecracker VMM and provides incomplete guidance for properly securing cloud systems that use Firecracker.
arXiv Detail & Related papers (2023-11-27T16:46:03Z)
- Tamper-Evident Pairing [55.2480439325792]
Tamper-Evident Pairing (TEP) is an improvement of the Push-Button configuration (PBC) standard.
TEP relies on the Tamper-Evident Announcement (TEA), which guarantees that an adversary can neither tamper with a transmitted message without being detected, nor hide the fact that the message has been sent.
This paper provides a comprehensive overview of the TEP protocol, including all information needed to understand how it works.
arXiv Detail & Related papers (2023-11-24T18:54:00Z)
- Robust and Actively Secure Serverless Collaborative Learning [48.01929996757643]
Collaborative machine learning (ML) is widely used to enable institutions to learn better models from distributed data.
While collaborative approaches to learning intuitively protect user data, they remain vulnerable to either the server, the clients, or both.
We propose a peer-to-peer (P2P) learning scheme that is secure against malicious servers and robust to malicious clients.
arXiv Detail & Related papers (2023-10-25T14:43:03Z)
- SyzTrust: State-aware Fuzzing on Trusted OS Designed for IoT Devices [67.65883495888258]
We present SyzTrust, the first state-aware fuzzing framework for vetting the security of resource-limited Trusted OSes.
SyzTrust adopts a hardware-assisted framework to enable fuzzing Trusted OSes directly on IoT devices.
We evaluate SyzTrust on Trusted OSes from three major vendors: Samsung, Tsinglink Cloud, and Ali Cloud.
arXiv Detail & Related papers (2023-09-26T08:11:38Z)
This list is automatically generated from the titles and abstracts of the papers in this site.