Xinliang Miao,Rui Chang,Jianhong Zhao,Yongwang Zhao,Shuang Cao,Tao Wei,Liehui Jiang,Kui Ren

DOI: https://doi.org/10.1109/TDSC.2021.3133576

2023-01-01

Abstract:Sensitive resources in Trusted Execution Environment (TEE) have suffered serious security threats in recent years. Previous protection approaches either lack a strong assurance of TEE security properties or are limited to a single platform. We propose a compatible verified TEE architecture, called CVTEE, which delegates a security monitor to manage TEE resources securely. This architecture has two key advantages: i) its functional correctness and security are guaranteed by a machine-checkable proof of security objectives of Trusted Application (TA) isolation, runtime confidentiality, and runtime integrity, and ii) it is applicable to different TEE platforms and implementation-independent due to its high level of abstraction and non-determinism of data types. Note that access control policy and information flow control policy are the core for security management of resources. After formally specifying the security attributes of TEE resources, we develop these policies based on Common Criteria (CC) in the security monitor and provide atomic interfaces. CVTEE is formally verified with 386 lemmas/theorems and similar to 10,000 LOC of Isabelle/HOL. In addition, we implement a proof of concept for the access control module of Teaclave, and prove that the constructed access control model meets the security requirements through 5 theorems.

Yongwang Zhao,Fanlang Zeng,Zhuoruo Zhang,Chenyang Yu,Rui Chang,Zijun Zhang

DOI: https://doi.org/10.1109/ISSRE59848.2023.00031

2023-10-09

Abstract:Trusted Execution Environments (TEEs) play a crucial role in embedded systems, IoT, and cloud computing. However, their security issues are a major concern, particularly related to defects or improper implementations in access control mechanisms. Such issues can result in severe problems like privilege escalation and unintended memory accesses during inter-domain communication. Moreover, employing mathematical methods for rigorous security guarantees is essential.To address these challenges, we propose Lark, a cross-domain access control for TEEs, which is modeled and verified in Isabelle/HOL. Lark applies orthogonal access control attributes on memory to decouple access permissions of different privilege levels. Additionally, it enforces strict access permission checks for inter-domain communications. For a strict security guarantee, Lark is formalized and verified in Isabelle/HOL, with 84 definitions and 35 lemmas containing ∼1,600 lines of code. The machine-checkable proofs demonstrate that Lark ensures memory isolation and information flow security. We identify and resolve an inter-domain communication issue within an open-source TEE, and develop a prototype that implements the access control features of Lark. Exhaustive evaluations on real-world applications demonstrate that Lark introduces less than 5% performance overhead.

Computer Science,Engineering

Tong Sun,Borui Li,Yixiao Teng,Yi Gao,Wei Dong

DOI: https://doi.org/10.1109/ipsn61024.2024.00021

2024-01-01

Abstract:Internet of Things (IoT) applications have recently been widely used in safety-critical scenarios. To prevent sensitive information leaks, IoT device vendors provide hardware-assisted protections, called Trusted Execution Environments (TEEs), like ARM Trust-Zone. Programming a TEE-based application requires separate code for two components, significantly slowing down the development process. Existing solutions tackle this issue by automatic code partition while not successfully applying it in two complicated scenarios: adding trusted logic and interactions with secure peripherals.We propose dTEE, a declarative approach to secure IoT applications based on TrustZone. dTEE proposes a rapid approach that enables developers to declare tiered-sensitive variables and functions of existing applications. Besides, dTEE automatically transforms device drivers into trusted ones. We evaluate dTEE on four real-world IoT applications and seven micro-benchmarks. Results show that dTEE achieves high expressiveness for supporting 50% more applications than existing approaches and reduces 90% of the lines of code against handcrafted development.

Yong Huang,Lingdi Ping,Shanping Li,Xuezeng Pan

DOI: https://doi.org/10.4304/jsw.4.1.90-97

2009-01-01

Journal of Software

Abstract:Real-time information flow security properties such as timed noninterference provide assurances that some time dependent information flows may not become possible. However, with transitive noninterference formulation, it is difficult to deal with intransitive flow policies like channel control and secure downgrading of information with time constraints. In this paper, we introduce the notion of trust domain into Timed Secure Process Algebra (tSPA), extending intransitive noninterference to real-time systems. Based on weak timed bisimulation equivalence, some security properties for intransitive flow are reformulated in a realtime setting, in particular one property which is persistent, meaning that if a system is secure then all of its reachable states are secure too. Furthermore, we prove that such persistent intransitive timed property is compositional, which is thus possible to alleviate the state space explosion problem caused by the interleaving of all the possible executions of parallel processes. Finally, we provide one case study showing that it is possible to model and analyze the real-time system through our approach.

Haiyong Sun,Hang Lei

DOI: https://doi.org/10.1109/ACCESS.2020.2974487

IF: 3.9

2020-01-01

IEEE Access

Abstract:Hardware support for isolated execution (e.g., ARM TrustZone) enables the development of a trusted execution environment (TEE) that ensures the security of the code and data while communicating with a compromised rich execution environment (REE). The ability to satisfy various security services is complicated and usually consists of trusted applications, a trusted kernel and a secure monitor. However, formally verifying the security of an entire TEE security remains challenging. We present a methodology for designing a TEE in a way that enables verification of its security properties. Our methodology consists of forcing a trusted application and kernel to communicate with an REE via a narrow interface and compile and link them with a small secure monitor that implements the interface and runs at the highest privilege level. We provide functional verification of the secure monitor to ensure that it correctly switches the TEE/REE, communicates with the REE at a pre-defined memory space and has no integer overflow vulnerability. We also perform a verification of the secure monitors scheduler to ensure that it satisfies information flow noninterference. We present a modular verification framework that can prove an end-to-end security property for cross-language programmes (e.g., C and assembly languages). Our evaluation suggests that the methodology scales to real-world TEE applications.

Anbang Ruan,Qingni Shen,Liang Gu,Li Wang,Lei Shi,Yahui Yang,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-11145-7_18

2009-01-01

Abstract:The Trusted Computing Group (TCG) proposed remote attestation as a solution for establishing trust among distributed applications. However, current TCG attestation architecture requires challengers to attest to every program loaded on the target platform, which will increase the attestation overhead and bring privacy leakage and other security risks. In this paper, we define a conceptual model called the Trusted Isolation Environment (TIE) to facilitate remote attestation. We then present the implementation of TIE with our tailored Usage CONtrol model (UCONRA) and a set of system-defined policies. With its continuous and mutable feature and obligation support, we construct the TIE with flexibility. Lastly, we propose our attestation architecture with UCONRA gaining the benefits of scalable and lightweight.

Yongkai Fan,Shengle Liu,Gang Tan,Fei Qiao

DOI: https://doi.org/10.1016/j.future.2018.05.062

IF: 7.307

2020-01-01

Future Generation Computer Systems

Abstract:With the wide adoption of mobile devices, it becomes increasingly a reality that mobile users use a variety of apps from various sources. Since the enforcement of strict privacy is difficult, the inappropriate access by malicious apps is a major concern for mobile users, and access control becomes a challenge. In order to prevent the leakage of sensitive information ( such as the contact lists, or private pictures) by inappropriate or illegal access, we propose a fine-grained access-control scheme based on Ciphertext-Policy Attribute-Based Encryption (CPABE) and Trusted Execution Environment (TEE), which can effectively protect data. In the scheme, CPABE is adopted in a novel way to solve the important security problems by supporting fine-grained access control during the access period and by supporting the critical operations running in the trusted execution environment. The scheme can be used to mitigate the sensitive information attacks and enhance confidentiality. Moreover, it can reduce the risk in the case of one single authority. Compared to the traditional access-control mechanisms, our experimental results indicate that the proposed scheme satisfies the security requirements, and is superior to other existing schemes. (C) 2018 Elsevier B.V. All rights reserved.

Abhiroop Sarkar,Robert Krook,Alejandro Russo,Koen Claessen

DOI: https://doi.org/10.1145/3609026.3609731

2023-07-25

Abstract:Trusted Execution Environments (TEEs) are hardware-enforced memory isolation units, emerging as a pivotal security solution for security-critical applications. TEEs, like Intel SGX and ARM TrustZone, allow the isolation of confidential code and data within an untrusted host environment, such as the cloud and IoT. Despite strong security guarantees, TEE adoption has been hindered by an awkward programming model. This model requires manual application partitioning and the use of error-prone, memory-unsafe, and potentially information-leaking low-level C/C++ libraries. We address the above with \textit{HasTEE}, a domain-specific language (DSL) embedded in Haskell for programming TEE applications. HasTEE includes a port of the GHC runtime for the Intel-SGX TEE. HasTEE uses Haskell's type system to automatically partition an application and to enforce \textit{Information Flow Control} on confidential data. The DSL, being embedded in Haskell, allows for the usage of higher-order functions, monads, and a restricted set of I/O operations to write any standard Haskell application. Contrary to previous work, HasTEE is lightweight, simple, and is provided as a \emph{simple security library}; thus avoiding any GHC modifications. We show the applicability of HasTEE by implementing case studies on federated learning, an encrypted password wallet, and a differentially-private data clean room.

Programming Languages

Weijie Liu,Hongbo Chen,XiaoFeng Wang,Zhi Li,Danfeng Zhang,Wenhao Wang,Haixu Tang

DOI: https://doi.org/10.48550/arXiv.2109.01923

2021-09-05

Abstract:As an emerging technique for confidential computing, trusted execution environment (TEE) receives a lot of attention. To better develop, deploy, and run secure applications on a TEE platform such as Intel's SGX, both academic and industrial teams have devoted much effort to developing reliable and convenient TEE containers. In this paper, we studied the isolation strategies of 15 existing TEE containers to protect secure applications from potentially malicious operating systems (OS) or untrusted applications, using a semi-automatic approach combining a feedback-guided analyzer with manual code review. Our analysis reveals the isolation protection each of these TEE containers enforces, and their security weaknesses. We observe that none of the existing TEE containers can fulfill the goal they set, due to various pitfalls in their design and implementation. We report the lessons learnt from our study for guiding the development of more secure containers, and further discuss the trend of TEE container designs. We also release our analyzer that helps evaluate the container middleware both from the enclave and from the kernel.

Cryptography and Security

Hasini Witharana,Hansika Weerasena,Prabhat Mishra

DOI: https://doi.org/10.1109/tcad.2024.3443008

IF: 2.9

2024-11-09

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Abstract:Trusted execution environments (TEEs) provide a secure environment for computation, ensuring that the code and data inside the TEE are protected with respect to confidentiality and integrity. Virtual machine (VM)-based TEEs extend this concept by utilizing virtualization technology to create isolated execution spaces that can support a complete operating system or specific applications. As the complexity and importance of VM-based TEEs grow, ensuring their reliability and security through formal verification becomes crucial. However, these technologies often operate without formal assurances of their security properties. Our research introduces a formal framework for representing and verifying VM-based TEEs. This approach provides a rigorous foundation for defining and verifying key security attributes for safeguarding execution environments. To demonstrate the applicability of our verification framework, we conduct an analysis of real-world TEE platforms, including Intel's trust domain extensions (TDX). This work not only emphasizes the necessity of formal verification in enhancing the security of VM-based TEEs but also provides a systematic approach for evaluating the resilience of these platforms against sophisticated adversarial models.

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Jilin Hu,Fanlang Zeng,Yongwang Zhao,Zhuoruo Zhang,Leping Zhang,Jianhong Zhao,Rui Chang,Kui Ren

DOI: https://doi.org/10.1109/tdsc.2024.3375311

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:The Trusted Execution Environment (TEE) plays a crucial role in modern computer systems and the compromise of TEE can result in enormous losses. Although numerous TEE products have been proposed, most of them lack robust security guarantees. To address this concern, GlobalPlatform (GP) defines the TEE security standard, Protection Profile (PP), which has gained widespread adoption in the TEE development and Common Criteria (CC) evaluation. However, despite its importance, GPTEE PP has never been formally specified and verified. In this paper, we present ProveriT , a parameterized, composable, and formally verified model of GPTEE PP. Firstly, we propose the first formal specification of GPTEE PP in a parameterized manner, encompassing the definition of security problems, security objectives, and security functional requirements. Secondly, we provide a compositional framework, utilizing horizontal calculus and vertical calculus, to flexibly combine specific security functional requirements for TEE developers and reduce proof efforts for verification. ProveriT is extensible and reusable for the verification and CC evaluation of specific TEE products. Thirdly, we conduct a comprehensive formal verification of rationales in the model to ensure the correctness of GPTEE PP. During the verification, 8 issues are discovered and we provide suggestions to resolve them. Finally, we demonstrate the extensibility and effectiveness of ProveriT by applying it to the verification of a commercial TEE. All the specifications and verification are carried out in the Isabelle/HOL theorem prover.

computer science, information systems, software engineering, hardware & architecture

Hongfeng Chai,Zhijun Lu,Qingyang Meng,Jun Wang,Xiubang Zhang,Zhijian Zhang

DOI: https://doi.org/10.1109/TrustCom.2014.121

2014-01-01

Abstract:Mobile security becomes a hot topic recently, especially in mobile payment and privacy data fields. Traditional solution can't keep a good balance between convenience and security. Against this background, a dual OS security solution named Trusted Execution Environment (TEE) is proposed and implemented by many institutions and companies. However, it raised TEE fragmentation and control problem. Addressing this issue, a mobile security infrastructure named Trusted Execution Environment Integration (TEEI) is presented to integrate multiple different TEEs. By using Trusted Virtual Machine (TVM) tech-nology, TEEI allows multiple TEEs running on one secure world on one mobile device at the same time and isolates them safely. Furthermore, a Virtual Network protocol is proposed to enable communication and cooperation among TEEs which includes TEE on TVM and TEE on SE. At last, a SOA-like Internal Trusted Service (ITS) framework is given to facilitate the development and maintenance of TEEs.

Rui Chang,Liehui Jiang,Wenzhi Chen,Yaobin Xie,Zhongyong Lu

DOI: https://doi.org/10.23919/tst.2017.8030534

2017-01-01

Tsinghua Science & Technology

Abstract:The run-time security guarantee is a hotspot in current cyberspace security research, especially on embedded terminals, such as smart hardware as well as wearable and mobile devices. Typically, these devices use universal hardware and software to connect with public networks via the Internet, and are probably open to security threats from Trojan viruses and other malware. As a result, the security of sensitive personal data is threatened and economic interests in the industry are compromised. To address the run-time security problems efficiently, first, a TrustEnclave-based secure architecture is proposed, and the trusted execution environment is constructed by hardware isolation technology. Then the prototype system is implemented on real TrustZone-enabled hardware devices. Finally, both analytical and experimental evaluations are provided. The experimental results demonstrate the effectiveness and feasibility of the proposed security scheme.

Rui Chang,Liehui Jiang,Wenzhi Chen,Yang Xiang,Yuxia Cheng,Abdulhameed Alelaiwi

DOI: https://doi.org/10.1007/s10586-017-0833-4

2017-01-01

Cluster Computing

Abstract:With the rapid development of Internet of Things technology and the promotion of embedded devices’ computation performance, smart devices are probably open to security threats and attacks while connecting with rich and novel Internet. Attracting lots of attention in embedded system security community recently, Trusted Execution Environment (TEE), allows for the execution of arbitrary code within environments completely isolated from the rest of a system. However, existing memory protection methods in a TEE are inadequate. In general, the software-based formal methods are not practical and the hardware-based implementation approaches lack of theoretical proof. To address the memory isolation and protection problems in TEE, in this paper, we propose a practical memory integrity protection method on an ARM-based platform, called MIPE, to defend against security threats including kernel data attacks and direct memory access attacks. MIPE utilizes TrustZone technique to create a isolated execution environment, which can protect the sensitive code and data against attacks. To present the integrity protection strategies, we provide the design of MIPE using B method, which is a practical formal method. We also implement MIPE on the Xilinx Zynq ZC702 evaluation board. The evaluation results show that the automatic proof rate of machines using B method is about 78.32%, and the proposed method is effective and feasible in terms of both load time and overhead.

Xiaohan Zhang,Jinwen Wang,Yueqiang Cheng,Qi Li,Kun Sun,Yao Zheng,Ning Zhang,Xinghua Li

DOI: https://doi.org/10.1109/tnet.2023.3294019

2024-01-01

Abstract:With the accelerating adaption of Cloud and Edge computing, cloud-based networked deployment emerges to enable providers to deliver services in a cost-effective and elastic manner. However, security concern remains one of the major obstacles to its wider adaption. Trusted Execution Environment (TEE) has been advocated to protect cloud services in an isolated execution environment. In this paper, we present a new genre of side-channel attack called interface-based side-channel attack and demonstrate its effectiveness on the TEE-assisted networked service system. The root cause of this attack is the input-dependent interface invocation (e.g., interface information and invocation patterns) that can be observed by untrusted software to reveal the control flows inside the enclave. Our evaluation demonstrates that the attack can effectively re-identify encrypted web pages processed in the SGX enclave with an accuracy of 87.6% and a recall of 76.6%, and can reduce the search domain of the 1024 bits RSA private keys to $1.69 \times 10^{-6}$ of the original search domain. As countermeasures, we propose, implement and evaluate a set of static analysis tools to mitigate the newly discovered threats. The key idea is to use inter-procedural dataflow analysis to identify potential leakage via the interface, and then mitigate them during compilation using techniques including branch obfuscation, loop obfuscation, and constant size wrapper.

Carlton Shepherd,Raja N. Akram,Konstantinos Markantonakis

DOI: https://doi.org/10.48550/arXiv.1804.10707

2018-11-26

Abstract:Trusted Execution Environments (TEEs) are rapidly emerging as a root-of-trust for protecting sensitive applications and data using hardware-backed isolated worlds of execution. TEEs provide robust assurances regarding critical algorithm execution, tamper-resistant credential storage, and platform integrity using remote attestation. However, the challenge of remotely managing credentials between TEEs remains largely unaddressed in existing literature. In this work, we present novel protocols using mutual attestation for supporting four aspects of secure remote credential management with TEEs: backups, updates, migration, and revocation. The proposed protocols are agnostic to the underlying TEE implementation and subjected to formal verification using Scyther, which found no attacks.

Cryptography and Security

Rabimba Karanjai,Rowan Collier,Zhimin Gao,Lin Chen,Xinxin Fan,Taeweon Suh,Weidong Shi,Lei Xu

DOI: https://doi.org/10.1145/3594556.3594626

2023-08-03

Abstract:Trusted execution environment (TEE) technology has found many applications in mitigating various security risks in an efficient manner, which is attractive for critical infrastructure protection. First, the natural of critical infrastructure requires it to be well protected from various cyber attacks. Second, performance is usually important for critical infrastructure and it cannot afford an expensive protection mechanism. While a large number of TEE-based critical infrastructure protection systems have been proposed to address various security challenges (e.g., secure sensing and reliable control), most existing works ignore one important feature, i.e., devices comprised the critical infrastructure may be equipped with multiple incompatible TEE technologies and belongs to different owners. This feature makes it hard for these devices to establish mutual trust and form a unified TEE environment. To address these challenges and fully unleash the potential of TEE technology for critical infrastructure protection, we propose DHTee, a decentralized coordination mechanism. DHTee uses blockchain technology to support key TEE functions in a heterogeneous TEE environment, especially the attestation service. A Device equipped with one TEE can interact securely with the blockchain to verify whether another potential collaborating device claiming to have a different TEE meets the security requirements. DHTee is also flexible and can support new TEE schemes without affecting devices using existing TEEs that have been supported by the system.

Cryptography and Security,Hardware Architecture

Gianluca Scopelliti,Sepideh Pouyanrad,Job Noorman,Fritz Alder,Christoph Baumann,Frank Piessens,Jan Tobias Mühlberg

DOI: https://doi.org/10.1145/3592607

2023-06-29

Abstract:This paper presents an approach to provide strong assurance of the secure execution of distributed event-driven applications on shared infrastructures, while relying on a small Trusted Computing Base. We build upon and extend security primitives provided by Trusted Execution Environments (TEEs) to guarantee authenticity and integrity properties of applications, and to secure control of input and output devices. More specifically, we guarantee that if an output is produced by the application, it was allowed to be produced by the application's source code based on an authentic trace of inputs. We present an integrated open-source framework to develop, deploy, and use such applications across heterogeneous TEEs. Beyond authenticity and integrity, our framework optionally provides confidentiality and a notion of availability, and facilitates software development at a high level of abstraction over the platform-specific TEE layer. We support event-driven programming to develop distributed enclave applications in Rust and C for heterogeneous TEE, including Intel SGX, ARM TrustZone and Sancus. In this article we discuss the workings of our approach, the extensions we made to the Sancus processor, and the integration of our development model with commercial TEEs. Our evaluation of security and performance aspects show that TEEs, together with our programming model, form a basis for powerful security architectures for dependable systems in domains such as Industrial Control Systems and the Internet of Things, illustrating our framework's unique suitability for a broad range of use cases which combine cloud processing, mobile and edge devices, and lightweight sensing and actuation.

Cryptography and Security

Gabriel P. Fernandez,Andrey Brito,Ardhi Putra Pratama Hartono,Muhammad Usama Sardar,Christof Fetzer

DOI: https://doi.org/10.48550/arXiv.2311.06154

2023-11-11

Abstract:Our objective is to protect the integrity and confidentiality of applications operating in untrusted environments. Trusted Execution Environments (TEEs) are not a panacea. Hardware TEEs fail to protect applications against Sybil, Fork and Rollback Attacks and, consequently, fail to preserve the consistency and integrity of applications. We introduce a novel system, LLD, that enforces the integrity and consistency of applications in a transparent and scalable fashion. Our solution augments TEEs with instantiation control and rollback protection. Instantiation control, enforced with TEE-supported leases, mitigates Sybil/Fork Attacks without incurring the high costs of solving crypto-puzzles. Our rollback detection mechanism does not need excessive replication, nor does it sacrifice durability. We show that implementing these functionalities in the LLD runtime automatically protects applications and services such as a popular DBMS.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Rujia Li,Qin Wang,Qi Wang,David Galindo,Mark Ryan

DOI: https://doi.org/10.56553/popets-2022-0093

2022-07-01

Proceedings on Privacy Enhancing Technologies

Abstract:The blockchain-based smart contract lacks privacy, since the contract state and instruction code are exposed to the public. Combining smart-contract execution with Trusted Execution Environments provides an efficient solution, called TEE-assisted smart contracts (TCSC), for protecting the confidentiality of contract states. However, the combination approaches are varied, and a systematic study is absent. Newly released systems may fail to draw upon the experience learned from existing protocols, such as repeating known design mistakes or applying TEE technology in insecure ways. In this paper, we first investigate and categorize existing systems into two types: the layer-one solution and the layer-two solution. Then, we establish an analysis framework to capture their common aspects, covering desired properties (for contract services), threat models, and security considerations (for underlying systems). Based on our taxonomy, we identify their ideal functionalities, and uncover fundamental flaws and challenges in each specification’s design. We believe that this work would provide a guide for the development of TEE-assisted smart contracts, as well as a framework to evaluate future TCSC systems.

English Else