Conferences >2023 IEEE International Confe...

Enabling Trusted TEE-as-a-Service Models with Privacy Preserving Automatons

Download PDF
Download References
Request Permissions
Save to
Alerts

Abstract:

The ideal TEE service model foresees that data owners load their TEE software in an untrusted platform where the specific processing of the business application can take ...Show More

Metadata

Abstract:

The ideal TEE service model foresees that data owners load their TEE software in an untrusted platform where the specific processing of the business application can take place inside an enclave, shielded against privileged attackers. In this situation, the data owner needs to trust the TEE hardware vendor only. However, it is very common that the enclave software is offered by a third-party that does not share its source code. Therefore, the service provider must be trusted as well. This is not acceptable when privacy requirements are stringent such as in the fintech ecosystem. In this paper, we propose PRIVATON, an approach based on a dual sandbox strategy leveraging TEE technologies with an embedded WebAssembly sandboxed run-time to compute privacy preserving computations modelled as finite state automatons with verifiable proofs of computations. With PRIVATON, the data owner will have the guarantee that even a malicious TEE developer will not be able to get access to the sensitive data. An implementation of PRIVATON was evaluated in the case study provided by the Credora company who is playing the role of a distributed and privacy-preserving credit oracle in the ecosystem of cryptocurrencies trading.

Published in: 2023 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)

Date of Conference: 04-06 December 2023

Date Added to IEEE Xplore: 25 March 2024

ISBN Information:

ISSN Information:

DOI: 10.1109/CloudCom59040.2023.00048

Conference Location: Naples, Italy

Contents

I. Introduction

Today’s computing services are often offered in remote environment where control over data is limited. Of the three states of data that constitute the data security triad (i.e., data-at-rest, data-in-transit, data-in-use), the most worrying situation unarguably relates to attacks targeting the data-in-use since in this state data needs to be decrypted before being processed. For this reason, in recent years, there has been a major industrial and research trend to close the gap in data security by protecting data while it is being used. The Confidential Computing Consortium [1] is bringing together hardware vendors, cloud providers, and software developers to accelerate the adoption of the most mature technology for privacy-preserving computing, i.e., hardware-assisted Trusted Execution Environment (TEE). In the ideal TEE model, a user is expected to deploy her TEE into the untrusted platform and thus have the sensitive code and data in a protected enclave of her ownership. However, it is frequent that the TEE is in the hand of a third-party allowing customers to take advantage of its benefits —i.e., protection even against malicious platform providers— without having to deal with the implementation and management of the secure enclave, also denoted as TEE-as-a-Service. Or more, the TEE could be part of a particular business service offering privacy-preserving computing to customers. In these situations, the number of entities to trust grows and the user must be confident that not only the TEE hardware vendor is benign but also that the third-party owning the TEE code is virtuous. To the best of our knowledge, there is no way to give guarantees that, e.g., a malicious TEE developer did not left a backdoor to extract sensitive data from the TEE. We found in literature some works in this area [2] [3] [4] where researchers explored the concept of a two-way sandbox to secure an application even against a malicious TEE service provider. These studies are promising but they give to customers no ways to formally verify that the TEE is secured against leakages and actually does what is expected to do.

References is not available for this document.

MIT Libraries

MIT Libraries

Enabling Trusted TEE-as-a-Service Models with Privacy Preserving Automatons

Abstract:

Metadata

Abstract:

ISSN Information:

I. Introduction

References

IEEE Account

Purchase Details

Profile Information

Need Help?

MIT Libraries

MIT Libraries

Enabling Trusted TEE-as-a-Service Models with Privacy Preserving Automatons

Alerts

Abstract:

Metadata

Abstract:

ISSN Information:

I. Introduction

References