Putting a Padlock on Lambda -- Integrating vTPMs into AWS Firecracker
- URL: http://arxiv.org/abs/2310.03522v1
- Date: Thu, 5 Oct 2023 13:13:55 GMT
- Title: Putting a Padlock on Lambda -- Integrating vTPMs into AWS Firecracker
- Authors: Melker Veltman, Alexandra Parkegren, Victor Morel
- Abstract summary: Software services place implicit trust in the cloud provider, without an explicit trust relationship.
There is currently no cloud provider that exposes Trusted Platform Module capabilities.
We improve trust by integrating a virtual TPM device into the Firecracker, originally developed by Amazon Web Services.
- Score: 49.1574468325115
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: When software services use cloud providers to run their workloads, they place
implicit trust in the cloud provider, without an explicit trust relationship.
One way to achieve such explicit trust in a computer system is to use a
hardware Trusted Platform Module (TPM), a coprocessor for trusted computing.
However, in the case of managed platform-as-a-service (PaaS) offerings, there
is currently no cloud provider that exposes TPM capabilities. In this paper, we
improve trust by integrating a virtual TPM device into the Firecracker
hypervisor, originally developed by Amazon Web Services. In addition to this,
multiple performance tests along with an attack surface analysis are performed
to evaluate the impact of the changes introduced. We discuss the results and
conclude that the slight performance decrease and attack surface increase are
acceptable trade-offs in order to enable trusted computing in PaaS offerings.
Related papers
- SRAS: Self-governed Remote Attestation Scheme for Multi-party Collaboration [1.6646558152898505]
In multi-party cloud computing, how to select a Relying Party to verify the TEE of each party and avoid leaking sensitive data to each other remains an open question.
We propose SRAS, an open self-governed remote attestation scheme with verification functions for verifying the trustworthiness of TEEs and computing assets.
We provide an open-source prototype implementation of SRAS to facilitate the adoption of this technology by cloud users or developers.
arXiv Detail & Related papers (2024-07-04T08:57:18Z) - Formal Security Analysis of the AMD SEV-SNP Software Interface [0.0]
AMD Secure Encrypted technologies enable confidential computing by protecting virtual machines from highly privileged software such as hypervisors.
We develop the first, comprehensive symbolic model of the software interface of the latest SEV iteration called SEV Secure Nested Paging (SEV-SNP)
arXiv Detail & Related papers (2024-03-15T13:39:55Z) - Trustworthy confidential virtual machines for the masses [1.6503985024334136]
We present Revelio, an approach that allows confidential virtual machine (VM)-based workloads to be designed and deployed in a way that disallows tampering even by the service providers.
We focus on web-facing workloads, protect them leveraging SEV-SNP, and enable end-users to remotely attest them seamlessly each time a new web session is established.
arXiv Detail & Related papers (2024-02-23T11:54:07Z) - HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs)
TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks.
We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z) - Microarchitectural Security of AWS Firecracker VMM for Serverless Cloud Platforms [9.345368209757495]
Firecracker is a virtual machine manager built by Amazon Web Services (AWS) for serverless cloud platforms.
We show that AWS overstates the security inherent to the Firecracker VMM and provides incomplete guidance for properly securing cloud systems that use Firecracker.
arXiv Detail & Related papers (2023-11-27T16:46:03Z) - Tamper-Evident Pairing [55.2480439325792]
Tamper-Evident Pairing (TEP) is an improvement of the Push-Button configuration (PBC) standard.
TEP relies on the Tamper-Evident Announcement (TEA), which guarantees that an adversary can neither tamper a transmitted message without being detected, nor hide the fact that the message has been sent.
This paper provides a comprehensive overview of the TEP protocol, including all information needed to understand how it works.
arXiv Detail & Related papers (2023-11-24T18:54:00Z) - Robust and Actively Secure Serverless Collaborative Learning [48.01929996757643]
Collaborative machine learning (ML) is widely used to enable institutions to learn better models from distributed data.
While collaborative approaches to learning intuitively protect user data, they remain vulnerable to either the server, the clients, or both.
We propose a peer-to-peer (P2P) learning scheme that is secure against malicious servers and robust to malicious clients.
arXiv Detail & Related papers (2023-10-25T14:43:03Z) - SyzTrust: State-aware Fuzzing on Trusted OS Designed for IoT Devices [67.65883495888258]
We present SyzTrust, the first state-aware fuzzing framework for vetting the security of resource-limited Trusted OSes.
SyzTrust adopts a hardware-assisted framework to enable fuzzing Trusted OSes directly on IoT devices.
We evaluate SyzTrust on Trusted OSes from three major vendors: Samsung, Tsinglink Cloud, and Ali Cloud.
arXiv Detail & Related papers (2023-09-26T08:11:38Z) - Federated Learning with Unreliable Clients: Performance Analysis and
Mechanism Design [76.29738151117583]
Federated Learning (FL) has become a promising tool for training effective machine learning models among distributed clients.
However, low quality models could be uploaded to the aggregator server by unreliable clients, leading to a degradation or even a collapse of training.
We model these unreliable behaviors of clients and propose a defensive mechanism to mitigate such a security risk.
arXiv Detail & Related papers (2021-05-10T08:02:27Z) - Perun: Secure Multi-Stakeholder Machine Learning Framework with GPU
Support [1.5362025549031049]
Perun is a framework for confidential multi-stakeholder machine learning.
It executes ML training on hardware accelerators (e.g., GPU) while providing security guarantees.
During the ML training on CIFAR-10 and real-world medical datasets, Perun achieved a 161x to 1560x speedup.
arXiv Detail & Related papers (2021-03-31T08:31:07Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.