SaTC: CORE: Medium: Fortifying and Enriching Confidential Computing Environments
Yale University, New Haven CT
Investigators
Abstract
Deploying applications on cloud servers is increasingly popular due to their cost-efficiency and ease of management. However, these servers are controlled by companies that users may hesitate to trust with sensitive data. To keep sensitive data safe, Confidential Computing Environments (CCEs) use a mix of secure hardware and software to protect data from the cloud platform's operating system and other untrusted software. While companies like Intel, ARM, and AMD have improved the hardware for these systems, the associated software remains insufficient to protect modern cloud applications completely. This project aims to solve this problem by designing better software, studying security weaknesses, and creating new ways to block attacks from malicious software. A central idea in our project is to "hide" real data by mixing it with extra, meaningless (“noise”) data to confuse attackers. The research will test these solutions in different cloud setups for popular applications like AI training, recommendation systems, and data analysis tools. Securing cloud applications is a key challenge for computing, and our work, if successful, will positively impact the security of cloud computing platforms. Confidential Computing Environments (CCEs) leverage a combination of trusted hardware and software to protect application data confidentiality and control-flow integrity from untrusted operating systems (OSes) and hypervisors in public cloud settings. While the hardware component has already seen two generations of updates, the system software support remains immature and fails to meet the needs of emerging cloud applications for two main reasons. First, existing approaches fail to define the right boundary between the trusted software that must run within the CCE and the untrusted system software that runs outside it to manage resources and provide common system services across applications. This results in a hard tradeoff between application performance, functionality, and data confidentiality. Second, interactions across the boundary — between the trusted software within the CCE and the untrusted system software outside it — present several side channels that the untrusted software can leverage to learn sensitive application data. This project aims to overcome these challenges through principled system design, security analysis, and development of algorithmic defenses. Our research will study and establish the appropriate boundaries between software within and outside the CCE for the two primary data paths available to applications: memory and I/O. We will study the vulnerabilities via side-channel leakages available to the untrusted software by developing novel attacks and devise novel defenses against them using the principles of noise injection, i.e., by injecting spurious interactions over the side channels along with legitimate ones to obfuscate the adversarial observations. We will evaluate our approach across a range of deployment settings and real-world cloud applications. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
View original record on NSF Award Search →