Trusted Execution Environment
Running secure user services in a hostile environment
TROOS – Trusted Open OS, the basis for a TrustZone based open TEE

Assaf Rosenbuam, Eli Biham and Sara Bitan
Department of Computer Science, Technion

Do you trust your OS? We don't...

[Figure: Critical vulnerabilities found, Jan–Apr 2017]

How to protect critical assets from a compromised OS?

Exploitation of an OS vulnerability might leave the system resources completely exposed to attacks. Hence, we need a mechanism (entity) that can be trusted even when the OS is breached.

Trusted Execution Environment (TEE)

We need an environment in which we can safely store critical data and perform critical processing.

Current TEE technologies

Intel Software Guard Extensions (SGX)

SGX makes it possible to run secure services in an isolated execution environment (called an enclave), embedded in the process virtual memory space.

ARM TrustZone

TrustZone provides a technology to run two virtual worlds – a Normal World (NW) and a Secure World (SW) – on the same CPU. This mechanism is an infrastructure on which we can create a Trusted Execution Environment.

The Genode OS framework

Genode is an open source operating system framework designed for increased security. Genode maintains strong application isolation properties and is designed to keep each application's Trusted Computing Base (TCB) as small as possible.

[Figure: TEE in Genode]

Our contribution – TROOS

Our goal is to provide a TEE for user services (much like Intel's SGX). We use Genode as the basis for our trusted OS. On top of the native Core and Init components, which are the system kernel and first user process respectively, we added a few more components to enable loading and execution of trusted user services, called trustlets.

TZ VMM: Intercepts SMCs and handles the switch between the two worlds.
Loader: Responsible for loading and verifying the trustlets' code from the normal world.
Trustlet Manager: Acts as a container for the trustlets. Manages the trustlets' resource allocation.
Crypto: Will provide each trustlet with unique keys, accessible only to it and only while running in the secure world.

Trustlet TCB on TROOS

[Figure: Trustlet TCB on TROOS. Labels: Trustlet1, Trustlet2, Trustlet3, TZ VMM, Trustlets Manager, Loader, Crypto, Init, Core, User Space, Application TCB, OS]

Notice that in TROOS, a trustlet need not trust the other trustlets in the system. A trustlet doesn't even need to trust the TROOS services, unless it wishes to use them.

Secure world interface

The normal world OS uses the secure world interface to create and execute trustlets according to its needs via SMCs. As part of our efforts to keep the system attack surface as small as possible, we keep the number of SMCs at the bare minimum. The most significant SMCs are described in the following table:

SMC        Description
Tcreate    create a new (empty) trustlet
Tload      load and measure the trustlet code
Tinit      mark trustlet as ready to run
Tstart     start executing a trustlet
Tresume    resume trustlet run after it was stopped
Tdestroy   stop the trustlet run and free its resources

Future work

Our next step is to complete the system implementation with all of the designed components. We then plan to deliver an elaborated security analysis of the system and a comparison to existing TEEs (TrustZone based and others). The performance impact on the normal world will be tested as well.

Due to time constraints, there are aspects that we do not plan to address at this stage, even though they surely are beneficial to TROOS. For example:
• Integrating a secure element.
• Extending system abilities with secure IO.
• Utilizing on-chip memory to better protect trustlets' code and data against probing.
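
The trustlet life cycle implied by the SMC table above, as an added example that is not TROOS code: a Python model that accepts each SMC only in the states where it makes sense and extends a SHA-256 measurement on every Tload. The state names, the accepted ordering, the hash chain and the stop() helper are assumptions; the poster gives only the SMC names and their descriptions.

```python
import hashlib
from enum import Enum, auto

class State(Enum):          # state names are assumptions, not from the poster
    CREATED = auto()        # after Tcreate: empty trustlet
    LOADED = auto()         # at least one Tload accepted
    READY = auto()          # after Tinit: measurement is frozen
    RUNNING = auto()        # after Tstart or Tresume
    STOPPED = auto()        # run was stopped; Tresume may continue it
    DESTROYED = auto()      # after Tdestroy: nothing is accepted any more

# Assumed ordering: SMC name -> states in which the secure world accepts it.
ALLOWED = {
    "Tload":    {State.CREATED, State.LOADED},
    "Tinit":    {State.LOADED},
    "Tstart":   {State.READY},
    "Tresume":  {State.STOPPED},
    "Tdestroy": set(State) - {State.DESTROYED},
}
NEXT = {"Tload": State.LOADED, "Tinit": State.READY, "Tstart": State.RUNNING,
        "Tresume": State.RUNNING, "Tdestroy": State.DESTROYED}

class Trustlet:
    def __init__(self):                  # models Tcreate
        self.state = State.CREATED
        self.measurement = bytes(32)     # hash chain starts at 32 zero bytes

    def smc(self, name, code=b""):
        """Apply one SMC; return True if accepted, False if rejected."""
        if self.state not in ALLOWED.get(name, set()):
            return False                 # out of order or unknown: no state change
        if name == "Tload":              # extend: m = SHA-256(m || chunk)
            self.measurement = hashlib.sha256(self.measurement + code).digest()
        self.state = NEXT[name]
        return True

    def stop(self):                      # hypothetical event: the run is stopped
        if self.state is State.RUNNING:
            self.state = State.STOPPED

def run_sequence(calls):
    """Replay (name, code) SMC pairs from the normal world on a fresh trustlet."""
    t = Trustlet()
    results = [t.smc(name, code) for name, code in calls]
    return t, results
```

Because Tload is refused once Tinit has been accepted, code added by a compromised normal world after initialization cannot change the measurement that the trustlet started with.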