Autarky: Closing controlled channels with self-paging enclaves

Meni Orenbach; Andrew Baumann; Mark Silberstein

doi:10.1145/3342195.3387541

Autarky: Closing controlled channels with self-paging enclaves

Meni Orenbach, Andrew Baumann, Mark Silberstein

Technion - Israel Institute of Technology

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

As the first widely-deployed secure enclave hardware, Intel SGX shows promise as a practical basis for confidential cloud computing. However, side channels remain SGX's greatest security weakness. Inparticular, the "controlled-channel attack" on enclave page faults exploits a longstanding architectural side channel and still lacks effective mitigation. We propose Autarky: A set of minor, backward-compatible modifications to the SGX ISA that hide an enclave's page access trace from the host, and give the enclave full control over its page faults. A trusted library OS implements an enclave self-paging policy. We prototype Autarky on current SGX hardware and the Graphene library OS, implementing three paging schemes: A fast software oblivious RAM system made practical by leveraging the proposed ISA, a novel page cluster abstraction for application-Aware secure self-paging, and a rate-limiting paging mechanism for unmodified binaries. Overall, Autarky provides a comprehensive defense for controlled-channel attacks which supports efficient secure demand paging, and adds no overheads in page-fault free execution.

Original language	English
Title of host publication	Proceedings of the 15th European Conference on Computer Systems, EuroSys 2020
ISBN (Electronic)	9781450368827
DOIs	https://doi.org/10.1145/3342195.3387541
State	Published - 15 Apr 2020
Event	15th European Conference on Computer Systems, EuroSys 2020 - Heraklion, Greece Duration: 27 Apr 2020 → 30 Apr 2020

Publication series

Name	Proceedings of the 15th European Conference on Computer Systems, EuroSys 2020

Conference

Conference	15th European Conference on Computer Systems, EuroSys 2020
Country/Territory	Greece
City	Heraklion
Period	27/04/20 → 30/04/20

All Science Journal Classification (ASJC) codes

Information Systems
Computer Networks and Communications
Hardware and Architecture
Software
Control and Systems Engineering

Access to Document

10.1145/3342195.3387541

Cite this

@inproceedings{e51dc6bc42804b438d413c726bc64b4b,

title = "Autarky: Closing controlled channels with self-paging enclaves",

abstract = "As the first widely-deployed secure enclave hardware, Intel SGX shows promise as a practical basis for confidential cloud computing. However, side channels remain SGX's greatest security weakness. Inparticular, the {"}controlled-channel attack{"} on enclave page faults exploits a longstanding architectural side channel and still lacks effective mitigation. We propose Autarky: A set of minor, backward-compatible modifications to the SGX ISA that hide an enclave's page access trace from the host, and give the enclave full control over its page faults. A trusted library OS implements an enclave self-paging policy. We prototype Autarky on current SGX hardware and the Graphene library OS, implementing three paging schemes: A fast software oblivious RAM system made practical by leveraging the proposed ISA, a novel page cluster abstraction for application-Aware secure self-paging, and a rate-limiting paging mechanism for unmodified binaries. Overall, Autarky provides a comprehensive defense for controlled-channel attacks which supports efficient secure demand paging, and adds no overheads in page-fault free execution.",

author = "Meni Orenbach and Andrew Baumann and Mark Silberstein",

note = "Publisher Copyright: {\textcopyright} 2020 ACM.; 15th European Conference on Computer Systems, EuroSys 2020 ; Conference date: 27-04-2020 Through 30-04-2020",

year = "2020",

month = apr,

day = "15",

doi = "10.1145/3342195.3387541",

language = "الإنجليزيّة",

series = "Proceedings of the 15th European Conference on Computer Systems, EuroSys 2020",

booktitle = "Proceedings of the 15th European Conference on Computer Systems, EuroSys 2020",

}

Orenbach, M, Baumann, A & Silberstein, M 2020, Autarky: Closing controlled channels with self-paging enclaves. in Proceedings of the 15th European Conference on Computer Systems, EuroSys 2020. Proceedings of the 15th European Conference on Computer Systems, EuroSys 2020, 15th European Conference on Computer Systems, EuroSys 2020, Heraklion, Greece, 27/04/20. https://doi.org/10.1145/3342195.3387541

Autarky: Closing controlled channels with self-paging enclaves. / Orenbach, Meni; Baumann, Andrew; Silberstein, Mark.
Proceedings of the 15th European Conference on Computer Systems, EuroSys 2020. 2020. (Proceedings of the 15th European Conference on Computer Systems, EuroSys 2020).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Autarky

T2 - 15th European Conference on Computer Systems, EuroSys 2020

AU - Orenbach, Meni

AU - Baumann, Andrew

AU - Silberstein, Mark

PY - 2020/4/15

Y1 - 2020/4/15

N2 - As the first widely-deployed secure enclave hardware, Intel SGX shows promise as a practical basis for confidential cloud computing. However, side channels remain SGX's greatest security weakness. Inparticular, the "controlled-channel attack" on enclave page faults exploits a longstanding architectural side channel and still lacks effective mitigation. We propose Autarky: A set of minor, backward-compatible modifications to the SGX ISA that hide an enclave's page access trace from the host, and give the enclave full control over its page faults. A trusted library OS implements an enclave self-paging policy. We prototype Autarky on current SGX hardware and the Graphene library OS, implementing three paging schemes: A fast software oblivious RAM system made practical by leveraging the proposed ISA, a novel page cluster abstraction for application-Aware secure self-paging, and a rate-limiting paging mechanism for unmodified binaries. Overall, Autarky provides a comprehensive defense for controlled-channel attacks which supports efficient secure demand paging, and adds no overheads in page-fault free execution.

AB - As the first widely-deployed secure enclave hardware, Intel SGX shows promise as a practical basis for confidential cloud computing. However, side channels remain SGX's greatest security weakness. Inparticular, the "controlled-channel attack" on enclave page faults exploits a longstanding architectural side channel and still lacks effective mitigation. We propose Autarky: A set of minor, backward-compatible modifications to the SGX ISA that hide an enclave's page access trace from the host, and give the enclave full control over its page faults. A trusted library OS implements an enclave self-paging policy. We prototype Autarky on current SGX hardware and the Graphene library OS, implementing three paging schemes: A fast software oblivious RAM system made practical by leveraging the proposed ISA, a novel page cluster abstraction for application-Aware secure self-paging, and a rate-limiting paging mechanism for unmodified binaries. Overall, Autarky provides a comprehensive defense for controlled-channel attacks which supports efficient secure demand paging, and adds no overheads in page-fault free execution.

UR - http://www.scopus.com/inward/record.url?scp=85087106963&partnerID=8YFLogxK

U2 - 10.1145/3342195.3387541

DO - 10.1145/3342195.3387541

M3 - منشور من مؤتمر

T3 - Proceedings of the 15th European Conference on Computer Systems, EuroSys 2020

BT - Proceedings of the 15th European Conference on Computer Systems, EuroSys 2020

Y2 - 27 April 2020 through 30 April 2020

ER -

Autarky: Closing controlled channels with self-paging enclaves

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this