Li Wei, Feng Wei, Qin Yu, Feng Dengguo. Scheme of Runtime Monitoring in Confidential Computing with Dynamic Integrity Measurement[J]. Journal of Computer Research and Development, 2024, 61(10): 2482-2500. DOI: 10.7544/issn1000-1239.202440480
Scheme of Runtime Monitoring in Confidential Computing with Dynamic Integrity Measurement

Funds: This work was supported by the National Key Research and Development Program of China (2022YFB4501500, 2022YFB4501501) and the Xiaomi Young Scholars' Key Research Program via Open Competition (2024).
  • Author Bio:

    Li Wei: born in 1996. PhD candidate. His main research interests include trusted execution environment and confidential computing

    Feng Wei: born in 1986. PhD, associate professor. His main research interests include system security, confidential computing, and trusted computing

    Qin Yu: born in 1979. PhD, senior engineer. His main research interests include confidential computing, trusted computing, and system security

    Feng Dengguo: born in 1965. PhD supervisor. Academician of CAS, senior member of CCF. His main research interests include confidential computing, cryptography, and trusted computing

  • Received Date: June 04, 2024
  • Revised Date: July 18, 2024
  • Available Online: September 13, 2024
  • Abstract: Confidential computing (CC) builds on hardware TEEs, which protect the confidentiality and integrity of data in use through isolation, integrity measurement, and remote attestation, and which defend against privileged adversaries. However, the measurement and attestation mechanisms of existing CC platforms cover launch-time integrity rather than runtime integrity. When an adversary exploits a memory vulnerability in a user workload, attacks such as control-flow hijacking follow, and a platform that only protects integrity at launch can neither prevent nor detect them. To address this, we propose a runtime monitoring scheme for CC based on dynamic integrity measurement. By introducing control-flow and data-flow measurements into the TEE and having a trusted verifier check those measurements, the scheme achieves remote attestation and runtime integrity protection on the CC platform. A prototype on CSV/SEV servers with confidential VM/container architectures shows that the scheme achieves higher runtime security with about 16% performance overhead.
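The abstract describes the two halves of the scheme without showing the mechanics: a TEE-side component extends control-flow and data-flow events into a running measurement, and a trusted verifier checks that measurement against a policy. The sketch below is an added example (not the paper's code and not the CSV/SEV implementation it evaluates) that makes those mechanics concrete: the prover keeps an append-only hash chain in the PCR-extend style plus an event log, signs a fresh report, and the verifier replays the log, then checks every control-flow edge against a CFG and every read of a critical variable against its allowed reaching definitions. The toy program, its CFG, the reaching-definition policy and the shared HMAC key are constructed assumptions; a real deployment would sign with a hardware-rooted attestation key and bind the runtime measurement to the platform's launch attestation report.

```python
"""Runtime integrity attestation sketch: a prover inside the TEE extends
control-flow and data-flow events into a hash chain and signs a report; a
trusted verifier replays the event log against a policy.  Added example,
not the paper's code; the program, policy and key below are constructed."""
import hashlib
import hmac
import os
from typing import Callable, Dict, List, Optional, Tuple

Event = Tuple[str, object, object]   # ("CF", src, dst) or ("DF", read_site, writer)

# Constructed toy program: allowed CFG edges (basic-block ids) and, for each
# read of a security-critical variable, the write sites allowed to define it.
CFG_EDGES = {(0, 1), (1, 2), (1, 3), (2, 4), (3, 4)}
REACHING_DEFS: Dict[str, set] = {"check_auth": {"login_ok", "login_fail"}}

# Stand-in for the platform attestation key (assumption: a real CSV/SEV
# deployment signs with a hardware-rooted key and the verifier validates a
# certificate chain instead of sharing a secret).
ATTEST_KEY = os.urandom(32)
ZERO = bytes(32)

def extend(measurement: bytes, event: bytes) -> bytes:
    """PCR-style extend: order-sensitive and append-only."""
    return hashlib.sha256(measurement + event).digest()

def encode(ev: Event) -> bytes:
    kind, a, b = ev
    return f"{kind}|{a}|{b}".encode()

class Prover:
    """TEE-side monitor. Assumes its log and measurement live outside the
    reach of the monitored workload (e.g. in a separate protected component)."""
    def __init__(self) -> None:
        self.log: List[Event] = []
        self.measurement = ZERO

    def control_flow(self, src: int, dst: int) -> None:
        self._record(("CF", src, dst))

    def data_flow(self, read_site: str, last_writer: str) -> None:
        self._record(("DF", read_site, last_writer))

    def _record(self, ev: Event) -> None:
        self.log.append(ev)
        self.measurement = extend(self.measurement, encode(ev))

    def report(self, nonce: bytes) -> dict:
        tag = hmac.new(ATTEST_KEY, self.measurement + nonce, "sha256").digest()
        return {"log": list(self.log), "measurement": self.measurement,
                "nonce": nonce, "tag": tag}

def verify(report: dict, nonce: bytes) -> Tuple[bool, str]:
    """Trusted verifier: freshness, authenticity, log/measurement consistency,
    then every event against the control-flow and data-flow policy."""
    if report["nonce"] != nonce:
        return False, "stale nonce"
    expected = hmac.new(ATTEST_KEY, report["measurement"] + nonce, "sha256").digest()
    if not hmac.compare_digest(expected, report["tag"]):
        return False, "bad attestation tag"
    m = ZERO
    for ev in report["log"]:
        m = extend(m, encode(ev))
    if m != report["measurement"]:
        return False, "log does not replay to measurement"
    for kind, a, b in report["log"]:
        if kind == "CF" and (a, b) not in CFG_EDGES:
            return False, f"control-flow violation: {a}->{b}"
        if kind == "DF" and b not in REACHING_DEFS.get(a, set()):
            return False, f"data-flow violation: {a} read a value written by {b}"
    return True, "ok"

def run_scenario(events: List[Event],
                 tamper: Optional[Callable[[dict], None]] = None) -> Tuple[bool, str]:
    p = Prover()
    for kind, a, b in events:
        (p.control_flow if kind == "CF" else p.data_flow)(a, b)
    nonce = os.urandom(16)
    rep = p.report(nonce)
    if tamper:
        tamper(rep)
    return verify(rep, nonce)

# Constructed traces.
BENIGN = [("CF", 0, 1), ("DF", "check_auth", "login_ok"), ("CF", 1, 2), ("CF", 2, 4)]
HIJACKED = [("CF", 0, 1), ("DF", "check_auth", "login_ok"), ("CF", 1, 0x4141)]  # return to a gadget
BAD_DATA = [("CF", 0, 1), ("DF", "check_auth", "parse_request"), ("CF", 1, 2), ("CF", 2, 4)]

def strip_hijack_edge(rep: dict) -> None:
    """Attacker edits the log after the fact but cannot rewind the measurement."""
    rep["log"].pop()

def replayed_report() -> Tuple[bool, str]:
    rep = Prover().report(os.urandom(16))
    return verify(rep, os.urandom(16))   # verifier issued a different nonce

if __name__ == "__main__":
    for name, ev, t in [("benign", BENIGN, None), ("hijacked", HIJACKED, None),
                        ("bad data", BAD_DATA, None), ("log tampered", HIJACKED, strip_hijack_edge)]:
        print(f"{name:12s} -> {run_scenario(ev, t)}")
    print(f"{'replayed':12s} -> {replayed_report()}")
```

The ordering of checks matters: freshness and authenticity come first so that a replayed or forged report is rejected before its contents are trusted, and the log is replayed into the chain before any policy check so that an attacker who can edit the log but not the chain (the situation the extend construction is meant to create) is caught by the mismatch rather than by a policy lookup on doctored events. The verifier here holds the policy and the log; the paper's design on CSV/SEV, including how the measurement state is kept out of the workload's reach, is not reproduced.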

  • [1]
    国家密码管理局. GB/T 29829−2013 信息安全技术 可信计算密码支撑平台功能与接口规范[S]. 北京:中国标准出版社,2022

    State Cryptography Administration. GB/T 29829-2013 Information security techniques- Functionality and interface specification of cryptographic support platform for trusted computing[S]. Beijing: Standards Press of China, 2022 (in Chinese)
    [2]
    TCG. TPM 2.0 mobile reference architecture specification[S/OL]. Beaverton, OR: Trusted Computing Group, 2014[2024-06-03]. https://trustedcomputinggroup.org
    [3]
    Costan V, Devadas S. Intel SGX explained[J/OL]. Cryptology ePrint Archive, ePrint: 2016/086, 2016[2024-06-03]. https://eprint.iacr.org/2016/086
    [4]
    Wang Wenhao, Chen Guoxing, Pan Xiaorui, et al. Leaky cauldron on the dark land: Understanding memory side-channel hazards in SGX[C]//Proc of the 2017 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2017: 2421−2434
    [5]
    Cheng P C, Ozga W, Valdez E, et al. Intel TDX demystified: A top-down approach[J]. ACM Computing Surveys, 2024, 56(9): 1−33
    [6]
    Lee J, Jang J, Jang Y, et al. Hacking in darkness: Return-oriented programming against secure enclaves[C]//Proc of the 26th USENIX Security Symp. Berkeley, CA: USENIX Association, 2017: 523−539
    [7]
    Biondo A, Conti M, Davi L, et al. The guard’s dilemma: Efficient code-reuse attacks against Intel SGX[C]//Proc of the 27th USENIX Security Symp. Berkeley, CA: USENIX Association, 2018: 1213−1227
    [8]
    Seo J, Lee B, Kim S, et al. SGX-Shield: Enabling address space layout randomization for SGX programs[C]//Proc of Network and Distributed System Security Symp. Reston, VA: The Internet Society, 2017. http://dx.doi.org/10.14722/ndss.2017.23037
    [9]
    Kuvaiskii D, Oleksenko O, Arnautov S, et al. SGXBOUNDS: Memory safety for shielded execution[C]//Proc of the 12th European Conf on Computer Systems. New York: ACM, 2017: 205−221
    [10]
    Mishra S, Polychronakis M. SGXPecial: Specializing SGX interfaces against code reuse attacks[C]//Proc of the 16th European Conf on Computer Systems. New York: ACM, 2021: 48−54
    [11]
    Morbitzer M, Kopf B, Zieris P. GuaranTEE: Introducing control-flow attestation for trusted execution environments[C]//Proc of 2023 IEEE 16th Int Conf on Cloud Computing. Piscataway, NJ: IEEE, 2023: 547−553
    [12]
    Toffalini F, Payer M, Zhou Jianying, et al. Designing a provenance analysis for SGX enclaves[C]//Proc of the 38th Annual Computer Security Applications Conf. New York: ACM, 2022: 102−116
    [13]
    Lei Zhou, Ding Xuhua, Zhang Fengwei. Smile: Secure memory introspection for live enclave[C]//Proc of the 2022 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2022: 386−401
    [14]
    Gu Jinyu, Zhu Bojun, Li Mingyu, et al. A hardware-software co-design for efficient intra-enclave isolation[C]//Proc of the 31st USENIX Security Symp. Berkeley, CA: USENIX Association, 2022: 3129−3145
    [15]
    Li Wenhao, Xia Yubin, Lu Long, et al. TEEv: Virtualizing trusted execution environments on mobile platforms[C]//Proc of the 15th ACM SIGPLAN/SIGOPS Int Conf on Virtual Execution Environments. New York: ACM, 2019: 2−16
    [16]
    Zhao Wenjia, Lu Kangjie, Qi Yong, et al. Mptee: Bringing flexible and efficient memory protection to Intel SGX[C]//Proc of the 15th European Conf on Computer Systems. New York: ACM, 2020: 1−15
    [17]
    Cloosters T, Rodler M, Davi L. TeeRex: Discovery and exploitation of memory corruption vulnerabilities in SGX enclave[C]//Proc of the 29th USENIX Security Symp. Berkeley, CA: USENIX Association, 2020: 841−858
    [18]
    Alder F, Daniel L, Oswald D, et al. Pandora: Principled symbolic validation of Intel SGX enclave runtimes[C]//Proc of 2024 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2024. https://doi.ieeecomputersociety.org/10.1109/SP54263.2024.00090
    [19]
    Ghaniyoun M, Kristin B, Xiao Yuan, et al. TEESec: Pre-silicon vulnerability discovery for trusted execution environments[C]//Proc of the 50th Annual Int Symp on Computer Architecture. New York: ACM, 2023. https://doi.org/10.1145/3579371.3589070
    [20]
    Li Mengyuan, Wilke L, Wichelmann J, et al. A systematic look at ciphertext side channels on AMD SEV-SNP[C]//Proc of 2022 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2022: 337−351
    [21]
    Deng Sen, Li Mengyuan, Tang Yining, et al. CipherH: Automated detection of ciphertext side-channel vulnerabilities in cryptographic implementations[C]//Proc of the 32nd USENIX Security Symp. Berkeley, CA: USENIX Association, 2023: 6843−6860
    [22]
    Chen Sanchuan, Lin Zhiqiang, Zhang Yinqian. Controlled data races in enclaves: Attacks and detection[C]//Proc of the 32nd USENIX Security Symp. Berkeley, CA: USENIX Association, 2023: 4069−4086
    [23]
    Checkoway S, Shacham H. Iago attacks: Why the system call API is a bad untrusted RPC interface[J]. ACM SIGARCH Computer Architecture News, 2013, 41(1): 253−264
    [24]
    Khandaker M R, Cheng Yueqiang, Wang Zhi, et al. COIN attacks: On insecurity of enclave untrusted interfaces in SGX[C]//Proc of the 25h Int Conf on Architectural Support for Programming Languages and Operating Systems. New York: ACM, 2020: 971−985
    [25]
    Bulck J V, Oswald D, Marin E, et al. A tale of two worlds: Assessing the vulnerability of enclave shielding runtimes[C]//Proc of the 2019 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2019: 1741−1758
    [26]
    Randazzo A, Tinnirello I. KATA Containers: An emerging architecture for enabling MEC services in fast and secure way[C]//Proc of 2019 6th Int Conf on Internet of Things: Systems, Management and Security. Piscataway, NJ: IEEE, 2019: 209−214
    [27]
    Petroni N L, Fraster T, Molina J, et al. Copilot - a coprocessor-based kernel runtime integrity monitor[C]//Proc of 13th USENIX Security Symp. Berkeley, CA: USENIX Association, 2004. https://www.usenix.org/conference/13th-usenix-security-symposium/copilot%E2%80%94-coprocessor-based-kernel-runtime-integrity
    [28]
    Moon H, Lee H, Lee J, et al. Vigilare: Toward snoop-based kernel integrity monitor[C]//Proc of the 2012 ACM Conf on Computer and Communications Security. New York: ACM, 2012: 28–37
    [29]
    Petroni N L, Fraser T, Walters A, et al. An architecture for specification-based detection of semantic integrity violations in kernel dynamic data[C]//Proc of the 15th USENIX Security Symp. Berkeley, CA: USENIX Association, 2006: 289–304
    [30]
    Loscocco P A, Wilson P W, Pendergrass J A, et al. Linux kernel integrity measurement using contextual inspection[C]//Proc of the 2007 ACM Workshop on Scalable Trusted Computing. New York: ACM, 2007: 21–29
    [31]
    Petroni N L, Hicks M. Automated detection of persistent kernel control-flow attacks[C]//Proc of the 14th ACM Conf on Computer and Communications Security. New York: ACM, 2007: 103–115
    [32]
    Dautenhahn N, Criswell J, Adve V. KCoFI: Complete control-flow integrity for commodity operating system kernels[C]//Proc of 2014 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2014: 292−307
    [33]
    Baliga A, Ganapathy V, Iftode L. Automatic inference and enforcement of kernel data structure invariants[C]//Proc of the 2008 Annual Computer Security Applications Conf. Piscataway, NJ: IEEE, 2008: 77−86
    [34]
    Carbone M, Cui Weidong, Lu Long, et al. Mapping kernel objects to enable systematic integrity checking[C]//Proc of the 16th ACM Conf on Computer and Communications Security. New York: ACM, 2009: 555–565
    [35]
    Lin Zhiqiang, Rhee J, Zhang Xuxian, et al. SigGraph: Brute force scanning of kernel data structure instances using graph-based signatures[C]//Proc of the 18th Annual Network & Distributed System Security Symp. Reston, VA: The Internet Society, 2011. https://www.ndss-symposium.org/ndss2011/siggraph-brute-force-scanning-of-kernel-data-structure-instances-using-graph-based-signatures/
    [36]
    Song Chengyu, Lee B, Lu Kangjie, et al. Enforcing kernel security invariants with data flow integrity[C]//Proc of the 23rd Annual Network & Distributed System Security Symp Proceedings. Reston, VA: The Internet Society, 2016. http://dx.doi.org/10.14722/ndss.2016.23218
    [37]
    刘孜文,冯登国. 基于可信计算的动态完整性度量架构[J]. 电子与信息学报,2010,32(4):875−879

    Liu Ziwen, Feng Dengguo. TPM-based dynamic integrity measurement architecture[J]. Journal of Electronics & Information Technology. 2010, 32(4): 875−879 (in Chinese)
    [38]
    贾巧雯,马昊玉,厉严,等. 一种嵌入式Linux系统上的新型完整性度量架构[J]. 计算机研究与发展,2022,59(10):2362−2375 doi: 10.7544/issn1000-1239.20220525

    Jia Qiaowen, Ma Haoyu, Li Yan, et al. A novel integrity measurement architecture for embedded Linux systems[J]. Journal of Computer Research and Development, 2022, 59(10): 2362−2375 (in Chinese) doi: 10.7544/issn1000-1239.20220525
    [39]
    Qin Yu, Liu Jingbin, Zhao Shijun, et al. RIPTE: Runtime integrity protection based on trusted execution for IoT device[J]. Security and Communication Networks, 2020, 2020(1): Article ID 8957641
    [40]
    Abadi M, Budiu M, Erlingsson U, et al. Control-flow integrity[C]//Proc of the 12th ACM Conf on Computer and Communications Security. New York: ACM, 2009: 340−353
    [41]
    Castro M, Costa M, Harris T. Securing software by enforcing data flow integrity[C]//Proc of the 7th Symp on Operating Systems Design and Implementation. Berkeley, CA: USENIX Association, 2006: 147−160
    [42]
    Abera T, Asokan N, Davi L, et al. C-FLAT: Control-flow attestation for embedded systems software[C]//Proc of the 2016 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2016: 743−754
    [43]
    Toffalini F, Losiouk E, Biondo A, et al. ScaRR: Scalable runtime remote attestation for complex Systems[C]//Proc of the 22nd Int Symp on Research in Attacks, Intrusions and Defenses. Berkeley, CA: USENIX Association, 2019: 121−134
    [44]
    Yadav N, Ganapathy V. Whole-program control-flow path attestation[C]//Proc of the 2023 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2023: 2680−2694
    [45]
    Abera T, Bahmani R, Brasser F, et al. DIAT: Data integrity attestation for resilient collaboration of autonomous systems[C]//Proc of Annual Network & Distributed System Security Symp Proc. Reston, VA: The Internet Society, 2019. https://dx.doi.org/10.14722/ndss.2019.23420
    [46]
    Sun Zhichuang, Feng Bo, Lu Long, et al. OAT: Attesting operation integrity of embedded devices[C]//Proc of 2020 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2020: 1433−1449
    [47]
    Wang Jinwen, Wang Yujie, Li Ao, et al. ARI: Attestation of real-time mission execution integrity[C]//Proc of 32nd USENIX Security Symp. Berkeley, CA: USENIX Association, 2023: 2761−2778
    [48]
    Ji Dongxu, Zhang Qianying, Zhao Shijun, et al. Guan. MicroTEE: Designing TEE OS based on the microkernel architecture[C]//Proc of 2019 18th IEEE Int Conf on Trust, Security and Privacy in Computing and Communications/13th IEEE Int Conf on Big Data Science and Engineering. Piscataway, NJ: IEEE, 2019: 26−33
    [49]
    Toffalini F, Graziano M, Conti M, et al. SnakeGX: A sneaky attack against SGX enclaves[C]//Proc of Int Conf on Applied Cryptography and Network Security. Berlin: Springer, 2021: 333−362
    [50]
    Ding Ren, Qian Chenxiong, Song Chengyu, et al. Efficient protection of path-sensitive control security[C]//Proc of 26th USENIX Security Symp. Berkeley, CA: USENIX Association, 2017: 131−148
    [51]
    Burmester F. Retrofitting remote control-flow attestation for ARM TrustZone[D/OL]. Lubeck: University zu Lubeck, 2022[2024-06-03]. https://www.its.uni-luebeck.de/en/teaching/theses
    [52]
    Chen Guoxing, Zhang Yinqian, Lai T H. OPERA: Open remote attestation for Intel’s secure enclaves[C]//Proc of the 2019 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2019: 2317–2331
    [53]
    Chen Guoxing, Zhang Yinqian. MAGE: Mutual attestation for a group of enclaves without trusted third parties[C]//Proc of 31st USENIX Security Symp. Berkeley, CA: USENIX Association, 2022: 4095−4110
    [54]
    Zhao Shixuan, Li Mengyuan, Zhang Yinqian, et al. VSGX: Virtualizing SGX enclaves on AMD SEV[C]//Proc of 2022 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 2022: 321−336
    [55]
    Gu Jinyu, Li Hao, Xia Yubin, et al. Unified enclave abstraction and secure enclave migration on heterogeneous security architectures[J]. Journal of Computer Science and Technology, 2022, 37(2): 468−486 doi: 10.1007/s11390-021-1083-8
    [56]
    Jia Yuekai, Liu Shuang, Wang Wenhao, et al. HyperEnclave: An open and cross-platform trusted execution environment[C]//Proc of 2022 USENIX Annual Technical Conf. Berkeley, CA: USENIX Association, 2022: 437−454
    [57]
    Pecholt J, Wessel S. CoCoTPM: Trusted platform modules for virtual machines in confidential computing environments[C]//Proc of the 38th Annual Computer Security Applications Conf. New York: ACM, 2022: 989–998
    [58]
    Vikram N, Claudio C, Angelo R, et al. Remote attestation of confidential VMs using ephemeral vTPMs[C]//Proc of the 39th Annual Computer Security Applications Conf. New York: ACM, 2023: 732–743
    [59]
    Liu Shen, Tan Gang, Trent J. PtrSplit: Supporting general pointers in automatic program partitioning[C]//Proc of the 24th ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2017: 2359−2371
    [60]
    Liu Shen, Zeng Dongrui, Huang Yongzhe. Program-mandering: Quantitative privilege separation[C]//Proc of the 2019 ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2019: 1023−1040