DeepAI AI Chat
Log In Sign Up

SoK: Hardware-supported Trusted Execution Environments

by   Moritz Schneider, et al.

The growing complexity of modern computing platforms and the need for strong isolation protections among their software components has led to the increased adoption of Trusted Execution Environments (TEEs). While several commercial and academic TEE architectures have emerged in recent times, they remain hard to compare and contrast. More generally, existing TEEs have not been subject to a holistic systematization to understand the available design alternatives for various aspects of TEE design and their corresponding pros-and-cons. Therefore, in this work, we analyze the design of existing TEEs and systematize the mechanisms that TEEs implement to achieve their security goals, namely, verifiable launch, run-time isolation, trusted IO, and secure storage. More specifically, we analyze the typical architectural building blocks underlying TEE solutions, design alternatives for each of these components and the trade-offs that they entail. We focus on hardware-assisted TEEs and cover a wide range of TEE proposals from academia and the industry. Our analysis shows that although TEEs are diverse in terms of their goals, usage models, and instruction set architectures, they all share many common building blocks in terms of their design.


Enclave-Aware Compartmentalization and Secure Sharing with Sirius

Hardware-assisted trusted execution environments (TEEs) are critical bui...

Keystone: An Open Framework for Architecting TEEs

Trusted execution environments (TEEs) are being used in all the devices ...

Hardware-aware mobile building block evaluation for computer vision

In this work we propose a methodology to accurately evaluate and compare...

Attestation Mechanisms for Trusted Execution Environments Demystified

Attestation is a fundamental building block to establish trust over soft...

An Enclave-based TEE for SE-in-SoC in RISC-V Industry

Secure Element (SE) in SoC sees an increasing adoption in industry. Many...

Keystone: A Framework for Architecting TEEs

Trusted execution environments (TEEs) are becoming a requirement across ...

CURE: A Security Architecture with CUstomizable and Resilient Enclaves

Security architectures providing Trusted Execution Environments (TEEs) h...