iperfTZ: Understanding Network Bottlenecks for TrustZone-based Trusted Applications

09/14/2019
by Christian Göttel, et al.

The growing availability of hardware-based trusted execution environments (TEEs) in commodity processors has recently advanced support (i.e., design, implementation and deployment frameworks) for network-based secure services. Examples of such TEEs include ARM TrustZone or Intel SGX, largely available in embedded, mobile and server-grade processors. TEEs shield services from compromised hosts, malicious users or powerful attackers. TEE-enabled devices are largely being deployed on the edge of the network, paving the way for large-scale deployments of trusted applications. These applications allow processing and disseminating sensitive data without having to trust cloud providers. However, uncovering network performance limitations of such trusted applications is difficult and currently lacking, despite the interest and reliance by developers and system deployers. iperfTZ is an open-source tool to uncover network performance bottlenecks rooted in the design and implementation of trusted applications for ARM TrustZone and the underlying runtime systems. Our evaluation based on micro-benchmarks shows current trade-offs for trusted applications from both a network and an energy perspective, the latter an often overlooked yet relevant aspect for edge-based deployments.
