2020 IEEE Symposium on Security and Privacy (SP) 2020
DOI: 10.1109/sp40000.2020.00054
|View full text |Cite
|
Sign up to set email alerts
|

Enabling Rack-scale Confidential Computing using Heterogeneous Trusted Execution Environment

Abstract: With its huge real-world demands, large-scale confidential computing still cannot be supported by today's Trusted Execution Environment (TEE), due to the lack of scalable and effective protection of high-throughput accelerators like GPUs, FPGAs, and TPUs etc. Although attempts have been made recently to extend the CPU-like enclave to GPUs, these solutions require change to the CPU or GPU chips, may introduce new security risks due to the side-channel leaks in CPU-GPU communication and are still under the resou… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
40
0
1

Year Published

2020
2020
2024
2024

Publication Types

Select...
5
3
1

Relationship

0
9

Authors

Journals

citations
Cited by 57 publications
(41 citation statements)
references
References 36 publications
(22 reference statements)
0
40
0
1
Order By: Relevance
“…The effect of using a GPU node in this case study is noticable. GPU is more oriented to compute-intensive tasks rather than data-intensive tasks because the cost of data transfer between GPU memory and the host memory is expensive and time-consuming [Zhu, Hou, Wang et al (2019)]. Hence, data cleansing and preprocessing are executed by CPU nodes only.…”
Section: Resultsmentioning
confidence: 99%
“…The effect of using a GPU node in this case study is noticable. GPU is more oriented to compute-intensive tasks rather than data-intensive tasks because the cost of data transfer between GPU memory and the host memory is expensive and time-consuming [Zhu, Hou, Wang et al (2019)]. Hence, data cleansing and preprocessing are executed by CPU nodes only.…”
Section: Resultsmentioning
confidence: 99%
“…HIX [54] separated the driver out from the OS and ran it inside a trusted CPU enclave, essentially creating a heterogeneous trusted environment across both CPU and GPU, but requiring changes to the CPU and PCIe root complex. HETEE [105] proposed fabricating a tamper-resistant box of accelerators (namely GPUs) that a rack of servers can access via a centralized security controller in a dedicated FPGA. However, it did not consider the unique challenges that arise in cloud FPGAs (Section 2.4) and required a specialized tamper-resistant chassis.…”
Section: Related Workmentioning
confidence: 99%
“…Unfortunately, recently-proposed TEEs for accelerators, including FPGAs, are either insecure against direct physical attacks [54,105], require fundamental hardware changes [54,94,105], only address isolated challenges such as attestation [36,52,72,99], or rely on external CPU TEEs [52,54,94]. Moreover, they ignore the Shell logic [3,57,60,88], a fundamental untrusted operating system for cloud FPGA logic.…”
mentioning
confidence: 99%
“…It has been shown that HW assisted TEEs can improve security in a distributed cloud environment and with low performance overhead [28]. The concept of open framework and elastic scaling of TEEs on edge platforms needs to be analyzed more; first studies indicate that privacy and trust can be provided by scalable TEEs for heterogeneous systems (such as a combination of CPUs and GPUs) for performing data intensive computation [29] as needed for demanding 6G use cases such as mixed and augmented reality. Building on the principle of transitive trust [27], TEEs can provide attestation of trust anchored in the confirmed genuineness of enclaves on different processing unit (xPU) levels and of direct relevance to application and user.…”
Section: Security Appmentioning
confidence: 99%