Trustworthy confidential virtual machines for the masses

• URL: http://arxiv.org/abs/2402.15277v1
• Date: Fri, 23 Feb 2024 11:54:07 GMT
• Title: Trustworthy confidential virtual machines for the masses
• Authors: Anna Galanou, Khushboo Bindlish, Luca Preibsch, Yvonne-Anne Pignolet, Christof Fetzer, Rüdiger Kapitza,
• Abstract summary: We present Revelio, an approach that allows confidential virtual machine (VM)-based workloads to be designed and deployed in a way that disallows tampering even by the service providers. We focus on web-facing workloads, protect them leveraging SEV-SNP, and enable end-users to remotely attest them seamlessly each time a new web session is established.
• Score: 1.6503985024334136
• License: http://creativecommons.org/licenses/by-nc-nd/4.0/
• Abstract: Confidential computing alleviates the concerns of distrustful customers by removing the cloud provider from their trusted computing base and resolves their disincentive to migrate their workloads to the cloud. This is facilitated by new hardware extensions, like AMD's SEV Secure Nested Paging (SEV-SNP), which can run a whole virtual machine with confidentiality and integrity protection against a potentially malicious hypervisor owned by an untrusted cloud provider. However, the assurance of such protection to either the service providers deploying sensitive workloads or the end-users passing sensitive data to services requires sending proof to the interested parties. Service providers can retrieve such proof by performing remote attestation while end-users have typically no means to acquire this proof or validate its correctness and therefore have to rely on the trustworthiness of the service providers. In this paper, we present Revelio, an approach that features two main contributions: i) it allows confidential virtual machine (VM)-based workloads to be designed and deployed in a way that disallows any tampering even by the service providers and ii) it empowers users to easily validate their integrity. In particular, we focus on web-facing workloads, protect them leveraging SEV-SNP, and enable end-users to remotely attest them seamlessly each time a new web session is established. To highlight the benefits of Revelio, we discuss how a standalone stateful VM that hosts an open-source collaboration office suite can be secured and present a replicated protocol proxy that enables commodity users to securely access the Internet Computer, a decentralized blockchain infrastructure.

Related papers

• Confidential Prompting: Protecting User Prompts from Cloud LLM Providers [0.688204255655161]
  We introduce Secure Multi-party Decoding (SMD) to confine user prompts to a trusted execution environment. We also introduce a novel cryptographic method, Prompt Obfuscation (PO) to ensure robustness against reconstruction attacks. Our solution can enable privacy-preserving cloud LLM services that handle sensitive prompts, such as clinical records, financial data, and personal information.
  arXiv  Detail & Related papers  (2024-09-27T20:32:42Z)
• CRISP: Confidentiality, Rollback, and Integrity Storage Protection for Confidential Cloud-Native Computing [0.757843972001219]
  Cloud-native applications rely on orchestration and have their services frequently restarted. During restarts, attackers can revert the state of confidential services to a previous version that may aid their malicious intent. This paper presents CRISP, a rollback protection mechanism that uses an existing runtime for Intel SGX and transparently prevents rollback.
  arXiv  Detail & Related papers  (2024-08-13T11:29:30Z)
• Confidential Federated Computations [16.415880530250092]
  Federated Learning and Analytics (FLA) have seen widespread adoption by technology platforms for processing sensitive on-device data. FLA systems do not necessarily require anonymization mechanisms like differential privacy (DP) This paper introduces a novel system architecture that leverages trusted execution environments (TEEs) and open-sourcing to ensure confidentiality of server-side computations.
  arXiv  Detail & Related papers  (2024-04-16T17:47:27Z)
• A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
  The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
  arXiv  Detail & Related papers  (2024-01-19T14:52:04Z)
• HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
  Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs) TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
  arXiv  Detail & Related papers  (2024-01-17T00:56:23Z)
• The Security and Privacy of Mobile Edge Computing: An Artificial Intelligence Perspective [64.36680481458868]
  Mobile Edge Computing (MEC) is a new computing paradigm that enables cloud computing and information technology (IT) services to be delivered at the network's edge. This paper provides a survey of security and privacy in MEC from the perspective of Artificial Intelligence (AI) We focus on new security and privacy issues, as well as potential solutions from the viewpoints of AI.
  arXiv  Detail & Related papers  (2024-01-03T07:47:22Z)
• Robust and Actively Secure Serverless Collaborative Learning [48.01929996757643]
  Collaborative machine learning (ML) is widely used to enable institutions to learn better models from distributed data. While collaborative approaches to learning intuitively protect user data, they remain vulnerable to either the server, the clients, or both. We propose a peer-to-peer (P2P) learning scheme that is secure against malicious servers and robust to malicious clients.
  arXiv  Detail & Related papers  (2023-10-25T14:43:03Z)
• Putting a Padlock on Lambda -- Integrating vTPMs into AWS Firecracker [49.1574468325115]
  Software services place implicit trust in the cloud provider, without an explicit trust relationship. There is currently no cloud provider that exposes Trusted Platform Module capabilities. We improve trust by integrating a virtual TPM device into the Firecracker, originally developed by Amazon Web Services.
  arXiv  Detail & Related papers  (2023-10-05T13:13:55Z)
• Collusion Resistant Federated Learning with Oblivious Distributed Differential Privacy [4.951247283741297]
  Privacy-preserving federated learning enables a population of distributed clients to jointly learn a shared model. We present an efficient mechanism based on oblivious distributed differential privacy that is the first to protect against such client collusion. We conclude with empirical analysis of the protocol's execution speed, learning accuracy, and privacy performance on two data sets.
  arXiv  Detail & Related papers  (2022-02-20T19:52:53Z)
• Secure Byzantine-Robust Machine Learning [61.03711813598128]
  We propose a secure two-server protocol that offers both input privacy and Byzantine-robustness. In addition, this protocol is communication-efficient, fault-tolerant and enjoys local differential privacy.
  arXiv  Detail & Related papers  (2020-06-08T16:55:15Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.