StrongBox

Deng, Yunjie; Wang, Chenxu; Yu, Shunchang; Liu, Shiqing; Ning, Zhenyu; Leach, Kevin; Li, Jin; Yan, Shoumeng; He, Zhengyu; Cao, Jin Xin; Zhang, Fengwei

doi:10.1145/3548606.3560627

Cited by 17 publications

(13 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For Intel architecture, HIX [71] extends the protection scope of the original Intel SGX technology to GPU computation by modifying the bus between the CPU and GPU, and the GPU driver to ensure an isolated GPU execution environment; SGX‐FPGA [72] designs a scheme to create a TEE between SGX and FPGA by embedding a CPU controller and FPGA security monitor in the CPU‐FPGA architecture to authenticate and encrypt communication data between the CPU and FPGA components. For ARM architecture, StrongBox [73] utilizes traditional Arm TrustZone technology to ensure GPU data security on edge devices; Cronus [74] utilizes ARM secure virtualization technology to build an isolated TEE for heterogeneous chips such as GPU and FPGA, ensuring the heterogeneous computation security of Arm cloud servers; CAGE [75] utilizes the RME hardware extension introduced by Arm CCA to achieve access control of GPU memory, providing confidential GPU computing support for the next generation of ARM cloud and edge devices. In addition, HETEE [76] designs a rack‐scale heterogeneous confidential computing environment that physically isolates protected devices as a whole, allowing the use of trusted peripherals in the TEE.…”

Section: Confidential Computing Architecture and Technologymentioning

confidence: 99%

Survey of research on confidential computing

Feng,

Qin,

Feng

et al. 2024

IET Communications

View full text Add to dashboard Cite

As the global data strategy deepens and data elements accelerate integrating and flowing more rapidly, the demand for data security and privacy protection has become increasingly prominent. Confidential computing emerges as a crucial security technology to solve security and privacy problem, and it is also a hot subject of in contemporary security technologies. Leveraging collaborative security in both hardware and software, it builds a trusted execution environment to ensure confidentiality and integrity protection for data in use. This paper provides a comprehensive overview of the development process of confidential computing, summarizing its current research status and issues, which focuses on the security requirements for data security and privacy protection. Furthermore, it deeply analyses the common technical features of confidential computing, and proposes a trusted confidential computing architecture based on collaborative hardware and software trust. Then, it elaborates on the research status and issues of confidential computing from four aspects: hardware security, architecture and key technologies, applications, and standards and evaluation. Finally, this paper provides a synthesis and outlook for the future development of confidential computing. In summary, confidential computing is currently in a rapidly developing stage and will play an important role in cyber security in the future.

show abstract

Section: Confidential Computing Architecture and Technologymentioning

confidence: 99%

Survey of research on confidential computing

Feng,

Qin,

Feng

et al. 2024

IET Communications

View full text Add to dashboard Cite

show abstract

“…CAGE can combine them to generate an attestation report for each realm to validate the GPU computing environment. CAGE can benefit from other works [32], [39], [63] to manage keys for each realm. Specifically, the user can exchange keys with its realm via Diffie-Hellman [40] or Elliptic-curve Diffie-Hellman [64] protocol.…”

Section: E Trust Establishment In Cagementioning

confidence: 99%

“…However, most solutions [31], [39], [52], [54], [61], [67], [70], [76], [81] rely on hardware security primitives that are not suitable for next-generation Arm devices (e.g., customized hardware, Intel-based security primitive, or traditional Arm security hardware), incurring tremendous challenges in mitigation. For example, HIX [52] leverages the Intel SGX, which is not supported in Arm devices, and StrongBox [39] trusts secure world software, which are not trusted in Arm CCA. Overall, it leads to a critical question: How can we extend the support of GPU acceleration to Arm CCA?…”

Section: Introductionmentioning

confidence: 99%

“…We analyze the system design of CAGE by fairly comparing it with other CCA extensions (including the RME-DA) and the state-ofthe-art GPU TEEs. Moreover, we compare the performance by running the Rodinia GPU benchmark suite [37], a popular benchmark for varied GPU TEEs [39], [52]. Next, we examine the effectiveness of our optimization techniques and verify the robustness with three neural network models (LeNet-5 [56], SqueezeNet [50], and MobileNet-v1 [46]).…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

CAGE: Complementing Arm CCA with GPU Extensions

University),

Zhang,

Deng

et al. 2024

Proceedings 2024 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Confidential computing is an emerging technique that provides users and third-party developers with an isolated and transparent execution environment. To support this technique, Arm introduced the Confidential Computing Architecture (CCA), which creates multiple isolated address spaces, known as realms, to ensure data confidentiality and integrity in securitysensitive tasks. Arm recently proposed the concept of confidential computing on GPU hardware, which is widely used in generalpurpose, high-performance, and artificial intelligence computing scenarios. However, hardware and firmware supporting confidential GPU workloads remain unavailable. Existing studies leverage Trusted Execution Environments (TEEs) to secure GPU computing on Arm-or Intel-based platforms, but they are not suitable for CCA's realm-style architecture, such as using incompatible hardware or introducing a large trusted computing base (TCB). Therefore, there is a need to complement existing Arm CCA capabilities with GPU acceleration.To address this challenge, we present CAGE to support confidential GPU computing for Arm CCA. By leveraging the existing security features in Arm CCA, CAGE ensures data security during confidential computing on unified-memory GPUs, the mainstream accelerators in Arm devices. To adapt the GPU workflow to CCA's realm-style architecture, CAGE proposes a novel shadow task mechanism to manage confidential GPU applications flexibly. Additionally, CAGE leverages the memory isolation mechanism in Arm CCA to protect data confidentiality and integrity from the strong adversary. Based on this, CAGE also optimizes security operations in memory isolation to mitigate performance overhead. Without hardware changes, our approach uses the generic hardware security primitives in Arm CCA to defend against a privileged adversary. We present two prototypes to verify CAGE's functionality and evaluate performance, respectively. Results show that CAGE effectively provides GPU support for Arm CCA with an average of 2.45% performance overhead.

show abstract

“…This paper is an extended version of our previous work [38] accepted in ACM Conference on Computer and Communications Security 2022. Based on that work, we further reduce the TCB size by defending against vulnerable implementations of secure world.…”

mentioning

confidence: 99%

Building a Lightweight Trusted Execution Environment for Arm GPUs

Wang,

Deng,

Ning

et al. 2024

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

A wide range of Arm endpoints leverage integrated and discrete GPUs to accelerate computation. However, Arm GPU security has not been explored by the community. Existing work has used Trusted Execution Environments (TEEs) to address GPU security concerns on Intel-based platforms, but there are numerous architectural differences that lead to novel technical challenges in deploying TEEs for Arm GPUs. There is a need for generalizable and efficient Arm-based GPU security mechanisms.To address these problems, we present STRONGBOX, the first GPU TEE for secured general computation on Arm endpoints. STRONGBOX provides an isolated execution environment by ensuring exclusive access to GPU. Our approach is based in part on a dynamic, fine-grained memory protection policy as Arm-based GPUs typically share a unified memory with the CPU. Furthermore, STRONGBOX reduces runtime overhead from the redundant security introspection operations. We also design an effective defense mechanism within secure world to protect the confidential GPU computation. Our design leverages the widely-deployed Arm TrustZone and generic Arm features, without hardware modification or architectural changes. We prototype STRONGBOX using an off-the-shelf Arm Mali GPU and perform an extensive evaluation. Results show that STRONGBOX successfully ensures GPU computation security with a low (4.70% -15.26%) overhead.

show abstract

StrongBox

Cited by 17 publications

References 33 publications

Survey of research on confidential computing

Survey of research on confidential computing

CAGE: Complementing Arm CCA with GPU Extensions

Building a Lightweight Trusted Execution Environment for Arm GPUs

Contact Info

Product

Resources

About