Shelter
A user-level enclave as an extension of CCA’s primary Realm VM-style architecture
We propose Shelter as a complement to CCA’s primary Realm VM-style architecture, aiming to allow third-party developers to deploy their applications in userspace, with isolation, as SApps. Shelter is designed to cooperate with the Arm CCA hardware primitives to provide hardware-based isolation, while removing the need for software workloads to entrust their data to a Host OS, hypervisor, or other privileged software.
This work is partly supported by:
The National Natural Science Foundation of China under Grant No. 62002151 and No. 62102175
Shenzhen Science and Technology Program under Grant No. SGDX20201103095408029 and No. ZDSYS20210623092007023
PolyU Grant (ZVG0) and Hong Kong RGC Project (No. PolyU15222320)
StrongBox
A GPU TEE on Arm Endpoints
To address these security problems, we present StrongBox, the first GPU TEE for secured general computation on Arm endpoints. StrongBox leverages existing Arm hardware features to protect the GPU memory and the GPU device, and performs the necessary checks on the GPU device and on memory content. Even under a compromised operating system, StrongBox provides an isolated execution environment for sensitive GPU computation, ensuring data confidentiality and code integrity.
This work is partly supported by:
The National Natural Science Foundation of China under Grant No. 62002151 and No. 62102175
Science, Technology and Innovation Commission of Shenzhen Municipality under Grant No. SGDX20201103095408029
The Research Institute for Artificial Intelligence of Things, The Hong Kong Polytechnic University
HK RGC General Research Fund No. PolyU 15220020
Nailgun
Break the privilege isolation in ARM devices
Processors nowadays are consistently equipped with debugging features to facilitate program debugging and analysis. Specifically, the ARM debugging architecture involves a series of CoreSight components and debug registers to aid system debugging, but the security of these debugging features is under-examined, since in the traditional debugging model using them normally requires physical access.
The idea of the Nailgun Attack is to misuse the debugging architecture through the inter-processor debugging model. In the inter-processor debugging model, a processor (the debug host) is able to pause and debug another processor (the debug target) on the same chip, even when the debug target runs at a higher privilege level. With Nailgun, we are able to obtain sensitive information (e.g., an AES encryption key and a fingerprint image) and achieve arbitrary payload execution in a high-privilege mode.
This work is partly supported by:
The National Science Foundation Grant No. OAC-1738929 and IIS-1724227