CRC: Fully General Model of Confidential Remote Computing

04/08/2021
by   Kubilay Ahmet Küçük, et al.
0

Digital services have been offered through remote systems for decades. The questions of how these systems can be built in a trustworthy manner and how their security properties can be understood are given fresh impetus by recent hardware developments, allowing a fuller, more general, exploration of the possibilities than has previously been seen in the literature. Drawing on and consolidating the disparate strains of research, technologies and methods employed throughout the adaptation of confidential computing, we present a novel, dedicated Confidential Remote Computing (CRC) model. CRC proposes a compact solution for next-generation applications to be built on strong hardware-based security primitives, control of secure software products' trusted computing base, and a way to make correct use of proofs and evidence reports generated by the attestation mechanisms. The CRC model illustrates the trade-offs between decentralisation, task size and transparency overhead. We conclude the paper with six lessons learned from our approach, and suggest two future research directions.

READ FULL TEXT
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 2

page 3

page 4

05/02/2021

SoK: Opportunities for Software-Hardware-Security Codesign for Next Generation Secure Computing

Users are demanding increased data security. As a result, security is ra...
11/14/2020

Tiny-CFA: A Minimalistic Approach for Control-Flow Attestation Using Verified Proofs of Execution

The design of tiny trust anchors has received significant attention over...
04/01/2019

Secure OTA Software Updates in Connected Vehicles: A survey

This survey highlights and discusses remote OTA software updates in the ...
10/20/2020

PIE: A Platform-wide TEE

While modern computing architectures rely on specialized hardware such a...
12/15/2020

Beyond Privacy Trade-offs with Structured Transparency

Many socially valuable activities depend on sensitive information, such ...
08/02/2018

StreamBox-TZ: A Secure IoT Analytics Engine at the Edge

We present StreamBox-TZ, a stream analytics engine for an edge platform....
06/02/2021

How Flexible is Your Computing System

In literature computer architectures are frequently claimed to be highly...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.