Securing applications using trusted execution environments
Author(s)
Lind, Joshua David
Type
Thesis or dissertation
Abstract
Trusted execution environments (TEEs) have recently emerged as a powerful primitive for securing applications and protecting sensitive data. By employing hardware isolation in existing CPUs, TEEs offer a novel application security model: only the CPU and the isolated application code and data need to be trusted; all other software and hardware components are untrusted. This allows applications to execute with confidentiality and integrity guarantees.
However, TEEs are not a panacea: they pose fundamental security challenges that make it difficult for applications to leverage security guarantees: (1) as all code and data isolated by the TEE is trusted to be free from software bugs, applications must minimise the amount of trusted code and data. This reduces the size of the trusted computing base (TCB), and the risk of application vulnerabilities; (2) as all components outside the TEE are unprotected, e.g., the operating system and hardware peripherals, these components are untrusted and potentially malicious. Applications must therefore secure the TEE boundary interfaces between trusted and untrusted components, as these interfaces expose attack vectors; and (3) as TEEs do not provide availability guarantees, and current TEE implementations are vulnerable to attacks, e.g., side-channel attacks, applications must be designed to tolerate TEE failures and compromises.
In this thesis, we explore how applications can overcome the security challenges posed by the use of TEEs. We provide the following contributions:
1. Minimising the trusted computing base (TCB).
To minimise the TCB of applications and reduce the risk of vulnerabilities, we propose automatic application partitioning for TEEs: a principled approach for partitioning existing applications to be deployed with TEEs. Our approach partitions applications into security-sensitive and security-insensitive parts, and: (i) protects security-sensitive code and data by placing it into the TEE; and (ii) provides guarantees that the security-sensitive code cannot violate the confidentiality or integrity of security-sensitive data, even under attack.
2. Securing TEE boundary interfaces.
To secure applications against TEE boundary interface attacks, we propose a set of TEE interface design principles. By following these design principles, applications can: (i) better protect the confidentiality and integrity of security-sensitive information that crosses the boundary interface; and (ii) avoid leaking sensitive information about application execution, e.g., by exposing side-channel information through interface calls. By securing TEE boundary interfaces in this way, applications can maintain confidentiality and integrity guarantees even when interacting with untrusted and malicious components.
3. Tolerating TEE failures and compromises.
To tolerate TEE failures and compromises, we propose applications employ TEE-heterogeneity: the protection of security-critical functionality using multiple heterogeneous TEEs. By employing TEE-heterogeneity, applications: (i) tolerate independent TEE failures and compromises, as they adopt decentralised architectures that avoid relying on a single TEE; and (ii) tolerate global TEE failures and compromises, as they employ heterogeneous TEEs, protecting against vulnerabilities that can simultaneously compromise all TEEs in the deployment.
Version
Open Access
Date Issued
2019-12
Date Awarded
2021-02
Copyright Statement
Creative Commons Attribution NonCommercial NoDerivatives Licence
Advisor
Pietzuch, Peter
Publisher Department
Computing
Publisher Institution
Imperial College London
Qualification Level
Doctoral
Qualification Name
Doctor of Philosophy (PhD)