Cabin: Confining Untrusted Programs within Confidential VMs
Confidential computing safeguards sensitive computations from untrusted clouds, with Confidential Virtual Machines (CVMs) providing a secure environment for guest OS. However, CVMs often come with large and vulnerable operating system kernels, making them susceptible to attacks exploiting kernel wea...
Gespeichert in:
| Hauptverfasser: | , , , |
|---|---|
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Mei, Benshan Xia, Saisai Wang, Wenhao Lin, Dongdai |
| description | Confidential computing safeguards sensitive computations from untrusted
clouds, with Confidential Virtual Machines (CVMs) providing a secure
environment for guest OS. However, CVMs often come with large and vulnerable
operating system kernels, making them susceptible to attacks exploiting kernel
weaknesses. The imprecise control over the read/write access in the page table
has allowed attackers to exploit vulnerabilities. The lack of security
hierarchy leads to insufficient separation between untrusted applications and
guest OS, making the kernel susceptible to direct threats from untrusted
programs. This study proposes Cabin, an isolated execution framework within
guest VM utilizing the latest AMD SEV-SNP technology. Cabin shields untrusted
processes to the user space of a lower virtual machine privilege level (VMPL)
by introducing a proxy-kernel between the confined processes and the guest OS.
Furthermore, we propose execution protection mechanisms based on fine-gained
control of VMPL privilege for vulnerable programs and the proxy-kernel to
minimize the attack surface. We introduce asynchronous forwarding mechanism and
anonymous memory management to reduce the performance impact. The evaluation
results show that the Cabin framework incurs a modest overhead (5% on average)
on Nbench and WolfSSL benchmarks. |
| doi_str_mv | 10.48550/arxiv.2407.12334 |
| format | Article |
| fullrecord | <record><control><sourceid>arxiv_GOX</sourceid><recordid>TN_cdi_arxiv_primary_2407_12334</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2407_12334</sourcerecordid><originalsourceid>FETCH-arxiv_primary_2407_123343</originalsourceid><addsrcrecordid>eNpjYJA0NNAzsTA1NdBPLKrILNMzMjEw1zM0MjY24WSwdk5MysyzUnDOz0vLzMvMS1cIzSspKi0uSU1RCCjKTy9KzC1WKM8sycjMg6hJSc0ryUzMUQjzLeZhYE1LzClO5YXS3Azybq4hzh66YGviC4oycxOLKuNB1sWDrTMmrAIAuLI0wQ</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Cabin: Confining Untrusted Programs within Confidential VMs</title><source>arXiv.org</source><creator>Mei, Benshan ; Xia, Saisai ; Wang, Wenhao ; Lin, Dongdai</creator><creatorcontrib>Mei, Benshan ; Xia, Saisai ; Wang, Wenhao ; Lin, Dongdai</creatorcontrib><description>Confidential computing safeguards sensitive computations from untrusted
clouds, with Confidential Virtual Machines (CVMs) providing a secure
environment for guest OS. However, CVMs often come with large and vulnerable
operating system kernels, making them susceptible to attacks exploiting kernel
weaknesses. The imprecise control over the read/write access in the page table
has allowed attackers to exploit vulnerabilities. The lack of security
hierarchy leads to insufficient separation between untrusted applications and
guest OS, making the kernel susceptible to direct threats from untrusted
programs. This study proposes Cabin, an isolated execution framework within
guest VM utilizing the latest AMD SEV-SNP technology. Cabin shields untrusted
processes to the user space of a lower virtual machine privilege level (VMPL)
by introducing a proxy-kernel between the confined processes and the guest OS.
Furthermore, we propose execution protection mechanisms based on fine-gained
control of VMPL privilege for vulnerable programs and the proxy-kernel to
minimize the attack surface. We introduce asynchronous forwarding mechanism and
anonymous memory management to reduce the performance impact. The evaluation
results show that the Cabin framework incurs a modest overhead (5% on average)
on Nbench and WolfSSL benchmarks.</description><identifier>DOI: 10.48550/arxiv.2407.12334</identifier><language>eng</language><subject>Computer Science - Cryptography and Security</subject><creationdate>2024-07</creationdate><rights>http://arxiv.org/licenses/nonexclusive-distrib/1.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,780,885</link.rule.ids><linktorsrc>$$Uhttps://arxiv.org/abs/2407.12334$$EView_record_in_Cornell_University$$FView_record_in_$$GCornell_University$$Hfree_for_read</linktorsrc><backlink>$$Uhttps://doi.org/10.48550/arXiv.2407.12334$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Mei, Benshan</creatorcontrib><creatorcontrib>Xia, Saisai</creatorcontrib><creatorcontrib>Wang, Wenhao</creatorcontrib><creatorcontrib>Lin, Dongdai</creatorcontrib><title>Cabin: Confining Untrusted Programs within Confidential VMs</title><description>Confidential computing safeguards sensitive computations from untrusted
clouds, with Confidential Virtual Machines (CVMs) providing a secure
environment for guest OS. However, CVMs often come with large and vulnerable
operating system kernels, making them susceptible to attacks exploiting kernel
weaknesses. The imprecise control over the read/write access in the page table
has allowed attackers to exploit vulnerabilities. The lack of security
hierarchy leads to insufficient separation between untrusted applications and
guest OS, making the kernel susceptible to direct threats from untrusted
programs. This study proposes Cabin, an isolated execution framework within
guest VM utilizing the latest AMD SEV-SNP technology. Cabin shields untrusted
processes to the user space of a lower virtual machine privilege level (VMPL)
by introducing a proxy-kernel between the confined processes and the guest OS.
Furthermore, we propose execution protection mechanisms based on fine-gained
control of VMPL privilege for vulnerable programs and the proxy-kernel to
minimize the attack surface. We introduce asynchronous forwarding mechanism and
anonymous memory management to reduce the performance impact. The evaluation
results show that the Cabin framework incurs a modest overhead (5% on average)
on Nbench and WolfSSL benchmarks.</description><subject>Computer Science - Cryptography and Security</subject><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><sourceid>GOX</sourceid><recordid>eNpjYJA0NNAzsTA1NdBPLKrILNMzMjEw1zM0MjY24WSwdk5MysyzUnDOz0vLzMvMS1cIzSspKi0uSU1RCCjKTy9KzC1WKM8sycjMg6hJSc0ryUzMUQjzLeZhYE1LzClO5YXS3Azybq4hzh66YGviC4oycxOLKuNB1sWDrTMmrAIAuLI0wQ</recordid><startdate>20240717</startdate><enddate>20240717</enddate><creator>Mei, Benshan</creator><creator>Xia, Saisai</creator><creator>Wang, Wenhao</creator><creator>Lin, Dongdai</creator><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20240717</creationdate><title>Cabin: Confining Untrusted Programs within Confidential VMs</title><author>Mei, Benshan ; Xia, Saisai ; Wang, Wenhao ; Lin, Dongdai</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-arxiv_primary_2407_123343</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Computer Science - Cryptography and Security</topic><toplevel>online_resources</toplevel><creatorcontrib>Mei, Benshan</creatorcontrib><creatorcontrib>Xia, Saisai</creatorcontrib><creatorcontrib>Wang, Wenhao</creatorcontrib><creatorcontrib>Lin, Dongdai</creatorcontrib><collection>arXiv Computer Science</collection><collection>arXiv.org</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Mei, Benshan</au><au>Xia, Saisai</au><au>Wang, Wenhao</au><au>Lin, Dongdai</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Cabin: Confining Untrusted Programs within Confidential VMs</atitle><date>2024-07-17</date><risdate>2024</risdate><abstract>Confidential computing safeguards sensitive computations from untrusted
clouds, with Confidential Virtual Machines (CVMs) providing a secure
environment for guest OS. However, CVMs often come with large and vulnerable
operating system kernels, making them susceptible to attacks exploiting kernel
weaknesses. The imprecise control over the read/write access in the page table
has allowed attackers to exploit vulnerabilities. The lack of security
hierarchy leads to insufficient separation between untrusted applications and
guest OS, making the kernel susceptible to direct threats from untrusted
programs. This study proposes Cabin, an isolated execution framework within
guest VM utilizing the latest AMD SEV-SNP technology. Cabin shields untrusted
processes to the user space of a lower virtual machine privilege level (VMPL)
by introducing a proxy-kernel between the confined processes and the guest OS.
Furthermore, we propose execution protection mechanisms based on fine-gained
control of VMPL privilege for vulnerable programs and the proxy-kernel to
minimize the attack surface. We introduce asynchronous forwarding mechanism and
anonymous memory management to reduce the performance impact. The evaluation
results show that the Cabin framework incurs a modest overhead (5% on average)
on Nbench and WolfSSL benchmarks.</abstract><doi>10.48550/arxiv.2407.12334</doi><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | DOI: 10.48550/arxiv.2407.12334 |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_arxiv_primary_2407_12334 |
| source | arXiv.org |
| subjects | Computer Science - Cryptography and Security |
| title | Cabin: Confining Untrusted Programs within Confidential VMs |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-01T20%3A31%3A19IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-arxiv_GOX&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Cabin:%20Confining%20Untrusted%20Programs%20within%20Confidential%20VMs&rft.au=Mei,%20Benshan&rft.date=2024-07-17&rft_id=info:doi/10.48550/arxiv.2407.12334&rft_dat=%3Carxiv_GOX%3E2407_12334%3C/arxiv_GOX%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |