CRC: Fully General Model of Confidential Remote Computing

by   Kubilay Ahmet Küçük, et al.

Digital services have been offered through remote systems for decades. The questions of how these systems can be built in a trustworthy manner and how their security properties can be understood are given fresh impetus by recent hardware developments, allowing a fuller, more general, exploration of the possibilities than has previously been seen in the literature. Drawing on and consolidating the disparate strains of research, technologies and methods employed throughout the adaptation of confidential computing, we present a novel, dedicated Confidential Remote Computing (CRC) model. CRC proposes a compact solution for next-generation applications to be built on strong hardware-based security primitives, control of secure software products' trusted computing base, and a way to make correct use of proofs and evidence reports generated by the attestation mechanisms. The CRC model illustrates the trade-offs between decentralisation, task size and transparency overhead. We conclude the paper with six lessons learned from our approach, and suggest two future research directions.



There are no comments yet.


page 1

page 2

page 3

page 4


SoK: Opportunities for Software-Hardware-Security Codesign for Next Generation Secure Computing

Users are demanding increased data security. As a result, security is ra...

Tiny-CFA: A Minimalistic Approach for Control-Flow Attestation Using Verified Proofs of Execution

The design of tiny trust anchors has received significant attention over...

Secure OTA Software Updates in Connected Vehicles: A survey

This survey highlights and discusses remote OTA software updates in the ...

PIE: A Platform-wide TEE

While modern computing architectures rely on specialized hardware such a...

Beyond Privacy Trade-offs with Structured Transparency

Many socially valuable activities depend on sensitive information, such ...

StreamBox-TZ: A Secure IoT Analytics Engine at the Edge

We present StreamBox-TZ, a stream analytics engine for an edge platform....

How Flexible is Your Computing System

In literature computer architectures are frequently claimed to be highly...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.