{"title":"Hardware Isolation for Trusted Execution","authors":"Jan-Erik Ekberg","doi":"10.1145/2994459.2994460","DOIUrl":null,"url":null,"abstract":"For more than a decade, Trusted Execution Environments (TEEs), found primarily in mobile phone and tablets, have been used to implement operator and third-party secure services like payment clients, electronic identities, rights management and device-local attestation. For many years, ARM TrustZone A (TM) (TZA) primitives were more or less the only available hardware mechanism to build a TEE, but in recent years alternative hardware security solutions have emerged for the same general purpose --- some are more tailored to the upcoming IoT device market whereas we also now have hardware that potentially can bring TEEs into the cloud infrastructure. In my talk I will introduce the contemporary TEE as is being deployed in today's devices, but one focal point of the presentation is on a functional comparison between the hardware support provided by TZA and the recently released and deployed Intel SGX(TM) and ARM TrustZone M (TM) architectures. Each solution has its relative strengths and drawbacks that reflects its main deployment purpose, and as a result, the software stack that completes the TEE environment will have to significantly adapt to each individual hardware platform. The final part of the talk will present a few conducted tests and research prototypes where we have gone beyond the TEE as it typically is set up today -- e.g. exploring problems emerging in a cloud environment with migrating workloads as well as policy enforcement in IoT devices.","PeriodicalId":420892,"journal":{"name":"Proceedings of the 6th Workshop on Security and Privacy in Smartphones and Mobile Devices","volume":"41 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-10-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 6th Workshop on Security and Privacy in Smartphones and Mobile Devices","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2994459.2994460","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 0
Abstract
For more than a decade, Trusted Execution Environments (TEEs), found primarily in mobile phones and tablets, have been used to implement operator and third-party secure services such as payment clients, electronic identities, rights management and device-local attestation. For many years, ARM TrustZone A (TM) (TZA) primitives were more or less the only available hardware mechanism for building a TEE, but in recent years alternative hardware security solutions have emerged for the same general purpose --- some are more tailored to the upcoming IoT device market, while we now also have hardware that can potentially bring TEEs into the cloud infrastructure. In my talk I will introduce the contemporary TEE as it is being deployed in today's devices, but one focal point of the presentation is a functional comparison between the hardware support provided by TZA and the recently released and deployed Intel SGX (TM) and ARM TrustZone M (TM) architectures. Each solution has its relative strengths and drawbacks that reflect its main deployment purpose, and as a result, the software stack that completes the TEE environment will have to adapt significantly to each individual hardware platform. The final part of the talk will present a few conducted tests and research prototypes where we have gone beyond the TEE as it is typically set up today -- e.g. exploring problems that emerge in a cloud environment with migrating workloads, as well as policy enforcement in IoT devices.