ASCLEPIOS Trusted Execution Environment Platform Deployer (TEEPD)

Why do we need it?
Beyond computational efficiency, modern computing platforms extensively consider security aspects of program execution. Nowadays, most commodity platforms contain dedicated hardware and firmware components for cryptographic operations, hardware root of trust, and confidential computing environments. However, hardware and firmware support is not sufficient in practice: operators also need robust and scalable software support to deploy, update, and destroy the workloads that run on the platforms and are protected by the security functionality. Moreover, considering the diversity of commodity computing platforms, such software support must be extensible, generic whenever possible, and capable of supporting back-ends with different architectural approaches.
The ASCLEPIOS Trusted Execution Environment Platform Deployer (TEEPD) is a helpful tool to manage application code and data in confidential computing environments, such as Intel SGX enclaves. This tool simplifies and scales the tedious task of creating confidential computing enclaves, populating them with workloads and later managing the workloads. In this context, managing is about deploying, updating, patching and finally destroying the workloads. This is particularly helpful for deployments that consist of several components that each run in a separate confidential computing enclave. In this case, the workloads can be managed through a single deployment broker. This allows an administrator to protect the code and data of a distributed system by running them in confidential computing enclaves, separate from the platform operating system where code and data are vulnerable to malicious adversaries or even curious system administrators.
How does it work?
The ASCLEPIOS Trusted Execution Environment Platform Deployer (TEEPD) is an implementation of the Trusted Execution Environment Platform Architecture formulated by the Internet Engineering Task Force (IETF) (Featured image).
The TEEP Deployer consists of several components. A Trusted Application Manager (TAM) takes inputs from application developers, device administrators and other parties. A broker component communicates this data to a TEEP agent running inside the confidential computing enclave. The broker cannot access the data transmitted between the TAM and the TEEP agent and acts only as a relay. Finally, the TEEP agent carries out the commands received from the TAM to manage the workloads. The TEEP broker also relays messages from other applications running on the same platform that request specific maintenance actions, such as repeated attestation of the confidential computing enclave, workload integrity validation, and other operations. The TEEP Deployer can be integrated with resource management frameworks such as Micado-Scale, Kubernetes or Inclavare to support workload deployment and monitoring at scale.
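
The relay property described above, as an added sketch that is not TEEPD's own code or the IETF TEEP wire format: the TAM seals a command, the broker forwards bytes it holds no keys for, and the agent verifies the message before decrypting it. The two pre-shared keys, the command fields, all function names, and the SHA-256 counter-mode keystream (a standard-library stand-in for a real AEAD cipher) are assumptions.

```python
import hashlib, hmac, json, os

def _keystream(key, nonce, n):
    # SHA-256 in counter mode: stdlib-only stand-in for a real AEAD (assumption).
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def _xor(data, key, nonce):
    return bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))

def tam_seal(enc_key, mac_key, command):
    """TAM side: encrypt-then-MAC a management command for the agent."""
    nonce = os.urandom(16)
    ct = _xor(json.dumps(command, sort_keys=True).encode(), enc_key, nonce)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def broker_relay(blob, tamper=False):
    """Broker: holds no keys and forwards opaque bytes.
    tamper=True models a compromised host flipping one ciphertext bit."""
    if tamper:
        blob = blob[:20] + bytes([blob[20] ^ 0x01]) + blob[21:]
    return blob

def agent_open(enc_key, mac_key, blob):
    """TEEP agent side (inside the enclave): verify the tag, then decrypt."""
    if len(blob) < 48:
        raise ValueError("truncated message")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("message modified in transit")
    return json.loads(_xor(ct, enc_key, nonce))

if __name__ == "__main__":
    enc_key, mac_key = os.urandom(32), os.urandom(32)  # constructed keys
    cmd = {"action": "update", "workload": "example-workload"}  # constructed
    blob = tam_seal(enc_key, mac_key, cmd)
    print("broker sees:", broker_relay(blob).hex()[:48], "...")
    print("agent runs:", agent_open(enc_key, mac_key, broker_relay(blob)))
    try:
        agent_open(enc_key, mac_key, broker_relay(blob, tamper=True))
    except ValueError as err:
        print("agent rejects:", err)
```

In a real deployment the agent's keys would be bound to a successful attestation of the enclave rather than pre-shared, which is what keeps them out of reach of the broker and the host operating system.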