Confidential, Attestable, and Efficient Inter-CVM Communication with Arm CCA
- URL: http://arxiv.org/abs/2512.01594v2
- Date: Tue, 02 Dec 2025 08:57:45 GMT
- Title: Confidential, Attestable, and Efficient Inter-CVM Communication with Arm CCA
- Authors: Sina Abdollahi, Amir Al Sadi, Marios Kogias, David Kotz, Hamed Haddadi
- Abstract summary: Confidential Virtual Machines (CVMs) are increasingly adopted to protect sensitive workloads from privileged adversaries. Existing CVM architectures lack first-class mechanisms for inter-CVM data sharing. We introduce CAEC, a system that enables protected memory sharing between CVMs.
- Score: 5.737719088870378
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Confidential Virtual Machines (CVMs) are increasingly adopted to protect sensitive workloads from privileged adversaries such as the hypervisor. While they provide strong isolation guarantees, existing CVM architectures lack first-class mechanisms for inter-CVM data sharing due to their disjoint memory model, making inter-CVM data exchange a performance bottleneck in compartmentalized or collaborative multi-CVM systems. Under this model, a CVM's accessible memory is either shared with the hypervisor or protected from both the hypervisor and all other CVMs. This design simplifies reasoning about memory ownership; however, it fundamentally precludes plaintext data sharing between CVMs because all inter-CVM communication must pass through hypervisor-accessible memory, requiring costly encryption and decryption to preserve confidentiality and integrity. In this paper, we introduce CAEC, a system that enables protected memory sharing between CVMs. CAEC builds on Arm Confidential Compute Architecture (CCA) and extends its firmware to support Confidential Shared Memory (CSM), a memory region securely shared between multiple CVMs while remaining inaccessible to the hypervisor and all non-participating CVMs. CAEC's design is fully compatible with CCA hardware and introduces only a modest increase (4%) in CCA firmware code size. CAEC delivers substantial performance benefits across a range of workloads. For instance, inter-CVM communication over CAEC achieves up to 209$\times$ reduction in CPU cycles compared to encryption-based mechanisms over hypervisor-accessible shared memory. By combining high performance, strong isolation guarantees, and attestable sharing semantics, CAEC provides a practical and scalable foundation for the next generation of trusted multi-CVM services across both edge and cloud environments.
Related papers
- Proof of Cloud: Data Center Execution Assurance for Confidential VMs [3.3382699707745522]
Data Center Execution Assurance (DCEA) is a design generating "Proofs of Cloud". DCEA binds a CVM to its underlying platform using vTPM-anchored measurements, ensuring CVM launch evidence and TPM quotes refer to the same physical chassis. Our approach applies to CVMs accessing vTPMs and running on top of software stacks fully controlled by the cloud provider.
arXiv Detail & Related papers (2025-10-14T13:01:48Z)
- Towards Reliable Service Provisioning for Dynamic UAV Clusters in Low-Altitude Economy Networks [48.73244147035607]
Unmanned Aerial Vehicle (UAV) cluster services are crucial for promoting the low-altitude economy by enabling scalable, flexible, and adaptive aerial networks. We propose a Lightweight and Privacy-Preserving Cluster Authentication and Session Key Update (LP2-CA) scheme for dynamic UAV clusters in low-altitude economy networks.
arXiv Detail & Related papers (2025-09-07T15:54:11Z)
- NanoZone: Scalable, Efficient, and Secure Memory Protection for Arm CCA [4.597444093276292]
Arm Confidential Computing Architecture (CCA) currently isolates at the granularity of an entire Confidential Virtual Machine (CVM). We extend CCA with a three-tier zone model that spawns an unlimited number of lightweight isolation domains inside a single process. To block domain-switch abuse, we also add a fast user-level Code-Pointer Integrity (CPI) mechanism.
arXiv Detail & Related papers (2025-06-08T07:55:48Z)
- Efficiently Disentangling CLIP for Multi-Object Perception [62.523137132812764]
Vision-language models like CLIP excel at recognizing the single, prominent object in a scene, but struggle in complex scenes containing multiple objects. We propose DCLIP, an efficient framework that learns an optimal level of mutual information while adding only minimal learnable parameters to a frozen VLM.
arXiv Detail & Related papers (2025-02-05T08:20:31Z)
- CSR:Achieving 1 Bit Key-Value Cache via Sparse Representation [63.65323577445951]
We propose a novel approach called Cache Sparse Representation (CSR). CSR transforms the dense Key-Value cache tensor into sparse indexes and weights, offering a more memory-efficient representation during LLM inference. Our experiments demonstrate CSR achieves performance comparable to state-of-the-art KV cache quantization algorithms.
arXiv Detail & Related papers (2024-12-16T13:01:53Z)
- Ditto: Elastic Confidential VMs with Secure and Dynamic CPU Scaling [35.971391128345125]
"Elastic CVM" and the Worker vCPU design pave the way for more flexible and cost-effective confidential computing environments.
"Elastic CVM" and the Worker vCPU design not only optimize cloud resource utilization but also pave the way for more flexible and cost-effective confidential computing environments.
arXiv Detail & Related papers (2024-09-23T20:52:10Z)
- Devlore: Extending Arm CCA to Integrated Devices A Journey Beyond Memory to Interrupt Isolation [10.221747752230131]
Arm Confidential Computing Architecture executes sensitive computation in an abstraction called realm.
CCA does not allow integrated devices on the platform to access realm.
We present Devlore which allows realm to directly access integrated peripherals.
arXiv Detail & Related papers (2024-08-11T17:33:48Z)
- CORM: Cache Optimization with Recent Message for Large Language Model Inference [57.109354287786154]
We introduce an innovative method for optimizing the KV cache, which considerably minimizes its memory footprint.
CORM, a KV cache eviction policy, dynamically retains essential key-value pairs for inference without the need for model fine-tuning.
Our validation shows that CORM reduces the inference memory usage of KV cache by up to 70% with negligible performance degradation across six tasks in LongBench.
arXiv Detail & Related papers (2024-04-24T16:11:54Z)
- HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs).
TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks.
We address the above with HasTEE+, a domain-specific language (DSL) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z)
- virtCCA: Virtualized Arm Confidential Compute Architecture with TrustZone [14.919299635479046]
ARM recently introduced the Confidential Compute Architecture (CCA) as part of the upcoming ARMv9-A architecture.
We present virtCCA, an architecture that facilitates CCA using TrustZone, a mature hardware feature available on existing ARM platforms.
virtCCA is fully compatible with the CCA specifications at the API level.
arXiv Detail & Related papers (2023-06-19T15:19:50Z)
- Dual Cluster Contrastive learning for Person Re-Identification [78.42770787790532]
We formulate a unified cluster contrastive framework, named Dual Cluster Contrastive learning (DCC).
DCC maintains two types of memory banks: individual and centroid cluster memory banks.
It can be easily applied for unsupervised or supervised person ReID.
arXiv Detail & Related papers (2021-12-09T02:43:25Z)