DeepAI AI Chat
Log In Sign Up

Private delegated computations using strong isolation

05/06/2022
by   Mathias Brossard, et al.
0

Sensitive computations are now routinely delegated to third-parties. In response, Confidential Computing technologies are being introduced to microprocessors, offering a protected processing environment, which we generically call an isolate, providing confidentiality and integrity guarantees to code and data hosted within – even in the face of a privileged attacker. Isolates, with an attestation protocol, permit remote third-parties to establish a trusted "beachhead" containing known code and data on an otherwise untrusted machine. Yet, the rise of these technologies introduces many new problems, including: how to ease provisioning of computations safely into isolates; how to develop distributed systems spanning multiple classes of isolate; and what to do about the billions of "legacy" devices without support for Confidential Computing? Tackling the problems above, we introduce Veracruz, a framework that eases the design and implementation of complex privacy-preserving, collaborative, delegated computations among a group of mutually mistrusting principals. Veracruz supports multiple isolation technologies and provides a common programming model and attestation protocol across all of them, smoothing deployment of delegated computations over supported technologies. We demonstrate Veracruz in operation, on private in-cloud object detection on encrypted video streaming from a video camera. In addition to supporting hardware-backed isolates – like AWS Nitro Enclaves and Arm Confidential Computing Architecture Realms – Veracruz also provides pragmatic "software isolates" on Armv8-A devices without hardware Confidential Computing capability, using the high-assurance seL4 microkernel and our IceCap framework.

READ FULL TEXT

page 1

page 2

page 3

page 4

07/05/2020

Offline Model Guard: Secure and Private ML on Mobile Devices

Performing machine learning tasks in mobile applications yields a challe...
03/31/2021

Perun: Secure Multi-Stakeholder Machine Learning Framework with GPU Support

Confidential multi-stakeholder machine learning (ML) allows multiple par...
06/08/2018

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware

As Machine Learning (ML) gets applied to security-critical or sensitive ...
08/26/2021

Stockade: Hardware Hardening for Distributed Trusted Sandboxes

The widening availability of hardware-based trusted execution environmen...
11/03/2020

A Scalable Approach for Privacy-Preserving Collaborative Machine Learning

We consider a collaborative learning scenario in which multiple data-own...
05/03/2019

A Hybrid Approach to Secure Function Evaluation Using SGX

A protocol for two-party secure function evaluation (2P-SFE) aims to all...
01/09/2020

Secure multiparty computations in floating-point arithmetic

Secure multiparty computations enable the distribution of so-called shar...

Code Repositories

veracruz

Main repository for the Veracruz privacy-preserving compute project, an adopted project of the Confidential Compute Consortium (CCC).


view repo