Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services

Similar documents
Advanced Systems Security: Cloud Computing Security

The Road to a Secure, Compliant Cloud

Module: Cloud Computing Security

Distributed OS Hermann Härtig Authenticated Booting, Remote Attestation, Sealed Memory aka Trusted Computing

Distributed OS Hermann Härtig Authenticated Booting, Remote Attestation, Sealed Memory aka Trusted Computing

EndBox: Scalable Middlebox Functions Using Client-Side Trusted Execution

Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklin s 712 lecture, Fall 2006)

Design and Implementation of Virtual TAP for Software-Defined Networks

Flicker: An Execution Infrastructure for TCB Minimization

SANDPIPER: BLACK-BOX AND GRAY-BOX STRATEGIES FOR VIRTUAL MACHINE MIGRATION

Hypervisor Security First Published On: Last Updated On:

Stefan Saroiu Microsoft Research (Redmond)

A Comparison Study of Intel SGX and AMD Memory Encryption Technology

SentinelOne Technical Brief

TPM v.s. Embedded Board. James Y

ROTE: Rollback Protection for Trusted Execution

Defending against VM Rollback Attack

Logical Partitions on Many-core Processors

McAfee Network Security Platform 8.3

Intel s s Security Vision for Xen

Security and Privacy in Cloud Computing

The Convergence of Storage and Server Virtualization Solarflare Communications, Inc.

OS Security IV: Virtualization and Trusted Computing

Lecture Secure, Trusted and Trustworthy Computing Trusted Platform Module

McAfee Network Security Platform

Framework for Prevention of Insider attacks in Cloud Infrastructure through Hardware Security

Preventing Information Leakage from Virtual Machines Memory in IaaS Clouds

Authenticated Booting, Remote Attestation, Sealed Memory aka Trusted Computing. Hermann Härtig Technische Universität Dresden Summer Semester 2009

Massively Parallel Hardware Security Platform

McAfee Network Security Platform 8.3

Leveraging Intel SGX to Create a Nondisclosure Cryptographic library

Lecture Secure, Trusted and Trustworthy Computing Trusted Platform Module

Authenticated Booting, Remote Attestation, Sealed Memory aka Trusted Computing. Hermann Härtig Technische Universität Dresden Summer Semester 2007

Intel Software Guard Extensions

CSE543 - Computer and Network Security Module: Virtualization

CSE543 - Computer and Network Security Module: Virtualization

McAfee Network Security Platform 8.3

McAfee Network Security Platform 9.2

CloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks

McAfee Virtual Network Security Platform 8.4 Revision A

McAfee Network Security Platform 9.2

Ascend: Architecture for Secure Computation on Encrypted Data Oblivious RAM (ORAM)

McAfee Network Security Platform 8.3

McAfee Network Security Platform 9.1

BUILDING A PRIVATE CLOUD. By Mark Black Jay Muelhoefer Parviz Peiravi Marco Righini

Introduction to SGX (Software Guard Extensions) and SGX Virtualization. Kai Huang, Jun Nakajima (Speaker) July 12, 2017

Increasing Cloud Power Efficiency through Consolidation Techniques

Lecture Embedded System Security Trusted Platform Module

Lecture Embedded System Security Introduction to Trusted Computing

Demonstration Lecture: Cyber Security (MIT Department) Trusted cloud hardware and advanced cryptographic solutions. Andrei Costin

How Shielded VMs Protect Your Data

McAfee Network Security Platform 9.1

Solaris Engineered Systems

Authenticated Storage Using Small Trusted Hardware Hsin-Jung Yang, Victor Costan, Nickolai Zeldovich, and Srini Devadas

Fast and Easy Persistent Storage for Docker* Containers with Storidge and Intel

White Paper. Securing the virtual infrastructure without impacting performance

Technical Brief Distributed Trusted Computing

McAfee Network Security Platform 8.3

CSE543 - Computer and Network Security Module: Virtualization

TERRA. Boneh. A virtual machine-based platform for trusted computing. Presented by: David Rager November 10, 2004

Enhance your Cloud Security with AMD EPYC Hardware Memory Encryption

12d Synergy Requirements

McAfee Network Security Platform 9.2

Isolating Operating System Components with Intel SGX

MICRO-SEGMENTATION FOR CLOUD-SCALE SECURITY TECHNICAL WHITE PAPER

Network Security Platform 8.1

Sealing and Attestation in Intel Software Guard Extensions (SGX)

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

RISCV with Sanctum Enclaves. Victor Costan, Ilia Lebedev, Srini Devadas

RT- Xen: Real- Time Virtualiza2on. Chenyang Lu Cyber- Physical Systems Laboratory Department of Computer Science and Engineering

Agenda GDPR Overview & Requirements IBM Secure Virtualization Solution Overview Summary / Call to Action Q & A 2

Empirical Evaluation of Latency-Sensitive Application Performance in the Cloud

Advanced Systems Security: Virtual Machine Systems

Nested Virtualization and Server Consolidation

SR-IOV Support for Virtualization on InfiniBand Clusters: Early Experience

OPENSTACK: THE OPEN CLOUD

The Software Driven Datacenter

Enforcing declara.ve data policies

The SHARED hosting plan is designed to meet the advanced hosting needs of businesses who are not yet ready to move on to a server solution.

Secure Remote Storage Using Oblivious RAM

An Analysis and Empirical Study of Container Networks

Intel Cloud Builder Guide: Cloud Design and Deployment on Intel Platforms

CLASS AGENDA. 9:00 9:15 a.m. 9:15 10:00 a.m. 10:00 12:00 p.m. 12:00 1:00 p.m. 1:00 3:00 p.m. 3:00 5:00 p.m.

Establishing and Sustaining System Integrity via Root of Trust Installation

CSC 5930/9010 Cloud S & P: Virtualization

System Approach for Single Keyword Search for Encrypted data files Guarantees in Public Infrastructure Clouds

Introduction to Virtual Machines. Carl Waldspurger (SB SM 89 PhD 95) VMware R&D

McAfee Network Security Platform 9.1

INF3510 Information Security Spring Lecture 4 Computer Security. University of Oslo Audun Jøsang

Securing Containers Using a PNSC and a Cisco VSG

Designing Distributed Systems using Approximate Synchrony in Data Center Networks

Trusted Virtual Domains: Towards Trustworthy Distributed Services. Ahmad-Reza Sadeghi System Security Lab Ruhr-Universität Bochum

PrivApprox. Privacy- Preserving Stream Analytics.

Securing Containers Using a PNSC and a Cisco VSG

Justifying Integrity Using a Virtual Machine Verifier

AoT: Authentication and Access Control for the Entire IoT Device Life-Cycle

TRUSTED COMPUTING TRUSTED COMPUTING. Overview. Why trusted computing?

Ordering and deleting Single-node Trial for VMware vcenter Server on IBM Cloud instances

Lecture Embedded System Security Introduction to Trusted Computing

McAfee Network Security Platform

Transcription:

Max Planck Institute for Software Systems Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services 1, Rodrigo Rodrigues 2, Krishna P. Gummadi 1, Stefan Saroiu 3 MPI-SWS 1, CITI / Universidade Nova Lisboa 2, Microsoft Research 3

Managing the Cloud is Complex & Error-Prone Data Customer Is my data properly managed? Cloud Software Administrator Cloud Provider Cloud software admins. can compromise customers data 2

Trusted Computing Can Help Mitigate Threats Attest Customer VM Customer 1. Newer hypervisors can offer protection from SW admins. } e.g., nested virtualization: CloudVisor [SOSP 11], Credo [MSR-TR] Hypervisor HW TPM Cloud Node Cloud Provider 2. Trusted computing can attest cloud node runs correct hypervisor } Trusted Platform Module (TPM) But, TPMs alone ill-suited for the cloud 3

TPMs Alone Are Ill-Suited for the Cloud 1. Stifle VM and data migration across cloud nodes } TPMs root-of-trust not transferable from one node to another 2. Cloud providers hesitant to reveal low-level cloud details } TPMs abstractions can reveal node s identity and details of the node s entire software stack 3. Commodity TPMs can hinder the cloud s ability to scale } TPMs poor performance may introduce bottlenecks 4

Our Contributions 1. Policy-sealed data abstraction } Data is handled only by nodes satisfying customer-chosen policy } Examples: } Handle data only by nodes running CloudVisor } Handle data only by nodes located in the EU 2. Use attribute-based encryption (CP-ABE) to implement abstraction efficiently } Binds policies and node attributes to node configurations } Ciphertext-Policy Attribute-Based Encryption [Bethencourt07] Excalibur incorporates both contributions 5

Excalibur Addresses TPM Limitations in Cloud Policy-sealed data } Enables flexible data migration across cloud nodes } Customer data accessible to any node that satisfies the customer policy } Hides node s identities and lowlevel details of the software } Only high-level attributes are revealed Attribute-based encryption } Masks TPMs poor performance } Enforcing policies does not require direct calls to TPMs 6

Outline } Introduction } Threat model } Policy-sealed data } Design } Monitor } CP-ABE } Evaluation 7

Threat Model The attacker can } configure nodes remotely } reboot nodes The attacker cannot } perform physical attacks } e.g., scrape TPMs to learn its secrets } install software platform } access disk } eavesdrop network } compromise system s TCB } monitor } secure hypervisor } compromise CP-ABE 8

Outline } Introduction } Threat model } Policy-sealed data } Design } Monitor } CP-ABE } Evaluation 9

Policy-Sealed Data Seal encrypt and bind data to policy + Policy-Sealed Data Unseal decrypt data iff node meets policy Seal to: visor = secure visor Customer Provider Hypervisors Secure Commodity 10

Policy-Sealed Data: Attributes & Policies } Node configurations expressed as set of attributes } Attributes mapped to nodes identities and software config } } node id à hardware attributes software config à software attributes } Customers select trusted node configurations in policies } Logic expressions over attributes Node Attributes service : EC2 hypervz : CloudVisor version : 1 country : Germany zone : z1 Data Policy service = EC2 and hypervz = CloudVisor and version >= 1 and (country = Germany or country = UK ) 11

Outline } Introduction } Threat model } Policy-sealed data } Design } Monitor } CP-ABE } Evaluation 12

Excalibur Architecture } Check node configurations } Monitor attests nodes in background } Scalable policy enforcement } CP-ABE operations at client-side lib Customer Monitor seal attest & send credential + Policy-Sealed Data unseal 13 Datacenter

Excalibur Mediates TPM Access w/ Monitor Monitor goals: Customer } Track node ids + TPM-based attestations } Hides low-level details from users TPM } Track nodes attributes that cannot be attested via today s TPMs } e.g., nodes locations (EU vs. US) Cloud Node Monitor } Form the cloud s root of trust } Customers only need to attest the monitor s software configuration 14

Attribute-based Encryption Is Key to Scalability Customers seal data to a policy with a CP-ABE encryption key Once each node attests its configuration, monitor hands CP-ABE decryption key } Ciphertext-Policy Attribute-Based Encryption [Bethencourt07] Encryption Seal (, Data, Policy ) Key Master Key Decryption Key Attributes Policy-Sealed Data Unseal (, ) ) à Data Monitor Node 15

Outline } Introduction } Threat model } Policy-sealed data } Design } Monitor } CP-ABE } Evaluation 16

Methodology } Two questions: } What is the overhead of policy-sealed data? } Is the monitor a scalability bottleneck? } Implemented cloud service akin to EC2 } Based on Eucalyptus / Xen cloud platform } Supports location attribute } Interposed seal / unseal in VM management operations } Testbed: single monitor and five nodes } Intel Xeon, 2.83Ghz 8-core CPU, 1.6 GB RAM, TPM v1.2 17

What Is the Overhead of Seal / Unseal? Overhead of CP-ABE in Eucalyptus / Xen platform 18 CP-ABE s overhead could be significant However, VM operations are infrequent

Is the Monitor a Scalability Bottleneck? } Monitor can attest a large number of nodes } Max throughput: 630 attestation-verifications/sec } E.g., 10K node cluster attests in ~15 seconds } Monitor can serve many attestation requests from customers } Max throughput: 4800 attestation-requests/sec } Increases throughput of standard TPM attestation } Batches multiple attestation requests into single TPM call } Speedup orders of magnitude over standard TPM attestation 19

Conclusions } Excalibur overcomes TPM s limitations in the cloud } Policy-sealed data: new trusted computing primitive } Flexible sealed storage } Reduce overexposure } CP-ABE makes Excalibur scale } Masks low performance of TPMs } Evaluation indicates that the system is practical 20

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback