3. Cloud Computing has been widely adopted thanks to its many advantages
• Deployment cost reduction
• Physical resource sharing between VM using virtualization
But, cloud computing has opened the door for many additional threats as customers share the same physical resources
Two main families: Software-based solutions, Hardware-based solutions
4. Software-based solutions
• The first cloud security solutions to show up in the market
Easy to implement, inexpensive and offer the ability to review and upgrade implementations.
• But, Insufficient to protect VM
Because, VM require a trusted hypervisor with millions of lines of code (LOC) in TCB*
code injection, code reuses, fork, roll-back, rootkit attack.. etc
* TCB: Trust Computing Base
5. Hardware-based solutions
• Use dedicated Integrated Circuits (IC) or separate processor designed specifically to provide security operations
• Industrial-scale
1. TPM: Trust Processor Module
2. Intel TXT: Trust eXecution Technology
3. ARM TrustZone
4. AMD SEV: Secure Execution Virtualization
5. Intel SGX: Software Guard eXtention
• Theses solution can be leveraged by CSP* to offer a TEE** for end-users to execute their application in cloud
* CSP: Cloud Service Provider
* TEE: Trusted Execution Environment
6. Compare four industrial-scale hardware-based security solutions
• Four Industrial-scale
1. Intel TXT ( include Intel TPM )
2. ARM TrustZone
3. AMD SEV
4. Intel SGX
* TEE: Trusted Execution Environment
7. Fig.1 Intel TXT components
* VT-d: VMDirectPath (Direct input/output from vm to pcie host os (esxi, xen, etc.) device)
** ACM: Authenticated Code Module
Trust eXecution Technology)
• IOH/PCH ( leveraging Intel VT-d* tech.)
8. Fig.3 Hardware components interation in ARM TrustZone
* SMC: System Monitor Call
Fig.2 Processor modes in ARM TrustZone
• Provides a secure execution environment by splitting
computer resources into execution worlds
: Normal World, Secure World, (Moniter Mode)
• NS bit is triggered by SMC* on Moniter Mode
• Secure World --> Normal World (o)
• Secure World <-- Normal World (x)
9. Secure Execution Virtualization)
• Encrpyts transparently the memory contents of a VM
with a unique key for each guest VM.
• The management of these keys and the secure data
transfer is handled by the SEV firmware.
• Encypting VMs can help protecting them from physical
threats, other VMs threats or even the VMM itself.
• AMD SME* encrypts all the system memory with a
single key that is generated by the AMD Secure
Processor at boot.
• It does not require any application s/w changes,
vm's encrpytion is performed by hardware engines.
Fig.4 AMD SEV architecute
* SME: Secure Memory Encryption
10. Intel SGX
• Protect a portion of their address spaces and secure their
code and data within containers called enclaves.
• A new set of CPU instructions allowing a user application to
create enclaves as a hardware-assisted TEE.
• The untrusted section and the trusted section
• Secret data/code are located in the trusted section, and are
accessed from the untrusted section through SGX call gates.
• With the upcoming version SGX v2, a new feature called
oversubscribing will allow multiple VMs to share the EPC *.
* EPC: Enclave Page Cache
Fig.5 Intel SGX trusted execution path
17. • Hardware-based security solutions are a promising way toward a trusted cloud computing enviroment
• We presented four industrial-scale hardware-based trust solutions: Intel TXT, ARM TrustZone, AMD SEV, Intel SGX
• According to our comparison with respect to three criteria categories.
• Intel SGX is a better chocie, but still not the best.
• Requires code modification of legacy application
• Puts the responsibility on the application developers to write code that resists to side channel attacks
