Towards Trust Proof for Secure Confidential Virtual Machines
- URL: http://arxiv.org/abs/2405.01030v1
- Date: Thu, 2 May 2024 06:13:21 GMT
- Title: Towards Trust Proof for Secure Confidential Virtual Machines
- Authors: Jingkai Mao, Haoran Zhu, Junchao Fan, Lin Li, Xiaolin Chang
- Abstract summary: AMD Secure-Encrypted-Virtualization (SEV) enables the establishment of Confidential VMs (CVMs) to protect data privacy.
A CVM lacks ways to provide a trust proof of its running state, degrading user confidence in using CVMs.
This paper proposes an approach to generate the trust proof for an AMD SEV-based CVM so as to ensure its security.
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Virtual Machine (VM)-based Trusted-Execution-Environment (TEE) technology, like AMD Secure-Encrypted-Virtualization (SEV), enables the establishment of Confidential VMs (CVMs) to protect data privacy. But a CVM lacks ways to provide a trust proof of its running state, degrading user confidence in using CVMs. Virtual Trusted Platform Module (vTPM) technology can be used to generate a trust proof for a CVM. However, the existing vTPM-based approaches have weaknesses such as the lack of a well-defined root-of-trust, the lack of vTPM protection, and the lack of a trust proof for the vTPM itself. These weaknesses prevent the generation of a trust proof for the CVM. This paper proposes an approach to generate the trust proof for an AMD SEV-based CVM so as to ensure its security, by using a secure vTPM to construct a Trusted Complete Chain for the CVM (T3CVM). T3CVM consists of three components: 1) TR-Manager, which, as the well-defined root-of-trust, helps to build complete trust chains for CVMs; 2) CN-TPMCVM, a special CVM that provides secure vTPMs; 3) CN-CDriver, an enhanced TPM driver. Our approach overcomes the weaknesses of existing approaches and enables trusted computing-based applications to run seamlessly in the trusted CVM. We perform a formal security analysis of T3CVM and implement a prototype system to evaluate its performance.
Related papers
- Cabin: Confining Untrusted Programs within Confidential VMs [13.022056111810599]
Confidential computing safeguards sensitive computations from untrusted clouds.
CVMs often come with large and vulnerable operating system kernels, making them susceptible to attacks exploiting kernel weaknesses.
This study proposes Cabin, an isolated execution framework within a guest VM utilizing the latest AMD SEV-SNP technology.
arXiv Detail & Related papers (2024-07-17T06:23:28Z)
- SNPGuard: Remote Attestation of SEV-SNP VMs Using Open Source Tools [3.7752830020595796]
Cloud computing is a ubiquitous solution to handle today's complex computing demands.
VM-based Trusted Execution Environments (TEEs) are a promising solution to solve this issue.
They provide strong isolation guarantees to lock out the cloud service provider.
arXiv Detail & Related papers (2024-06-03T10:48:30Z)
- Decoding Compressed Trust: Scrutinizing the Trustworthiness of Efficient LLMs Under Compression [109.23761449840222]
This study conducts the first, thorough evaluation of leading Large Language Models (LLMs)
We find that quantization is currently a more effective approach than pruning in achieving efficiency and trustworthiness simultaneously.
arXiv Detail & Related papers (2024-03-18T01:38:19Z)
- Bridge the Future: High-Performance Networks in Confidential VMs without Trusted I/O devices [9.554247218443939]
Trusted I/O (TIO) is an appealing solution to improve I/O performance for confidential VMs (CVMs).
This paper emphasizes that not all types of I/O can derive substantial benefits from TIO, particularly network I/O.
We present FOlio, a software solution crafted from a secure and efficient Data Plane Development Kit (DPDK) extension.
arXiv Detail & Related papers (2024-03-05T23:06:34Z)
- Trustworthy confidential virtual machines for the masses [1.6503985024334136]
We present Revelio, an approach that allows confidential virtual machine (VM)-based workloads to be designed and deployed in a way that disallows tampering even by the service providers.
We focus on web-facing workloads, protect them leveraging SEV-SNP, and enable end-users to remotely attest them seamlessly each time a new web session is established.
arXiv Detail & Related papers (2024-02-23T11:54:07Z)
- HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs).
TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks.
We address the above with HasTEE+, a domain-specific language (DSL) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z)
- Putting a Padlock on Lambda -- Integrating vTPMs into AWS Firecracker [49.1574468325115]
Software services place implicit trust in the cloud provider, without an explicit trust relationship.
There is currently no cloud provider that exposes Trusted Platform Module capabilities.
We improve trust by integrating a virtual TPM device into Firecracker, originally developed by Amazon Web Services.
arXiv Detail & Related papers (2023-10-05T13:13:55Z)
- SyzTrust: State-aware Fuzzing on Trusted OS Designed for IoT Devices [67.65883495888258]
We present SyzTrust, the first state-aware fuzzing framework for vetting the security of resource-limited Trusted OSes.
SyzTrust adopts a hardware-assisted framework to enable fuzzing Trusted OSes directly on IoT devices.
We evaluate SyzTrust on Trusted OSes from three major vendors: Samsung, Tsinglink Cloud, and Ali Cloud.
arXiv Detail & Related papers (2023-09-26T08:11:38Z)
- TrustGuard: GNN-based Robust and Explainable Trust Evaluation with Dynamicity Support [59.41529066449414]
We propose TrustGuard, a GNN-based accurate trust evaluation model that supports trust dynamicity.
TrustGuard is designed with a layered architecture that contains a snapshot input layer, a spatial aggregation layer, a temporal aggregation layer, and a prediction layer.
Experiments show that TrustGuard outperforms state-of-the-art GNN-based trust evaluation models with respect to trust prediction across single-timeslot and multi-timeslot settings.
arXiv Detail & Related papers (2023-06-23T07:39:12Z)
- Evaluating robustness of support vector machines with the Lagrangian dual approach [6.868150350359336]
We propose a method to improve the verification performance for support vector machines (SVMs) with nonlinear kernels.
We evaluate the adversarial robustness of SVMs with linear and nonlinear kernels on the MNIST and Fashion-MNIST datasets.
The experimental results show that the percentage of provable robustness obtained by our method on the test set is better than that of the state-of-the-art.
arXiv Detail & Related papers (2023-06-05T07:15:54Z)
- S3PRL-VC: Open-source Voice Conversion Framework with Self-supervised Speech Representations [124.2620985250939]
This paper introduces S3PRL-VC, an open-source voice conversion framework based on the S3PRL toolkit.
In this work, we provide a series of in-depth analyses by benchmarking on the two tasks in VCC 2020.
We show that S3R is comparable with VCC 2020 top systems in the A2O setting in terms of similarity, and state-of-the-art in S3R-based A2A VC.
arXiv Detail & Related papers (2021-10-12T19:01:52Z)