Beyond computational efficiency, modern commodity computing platforms also extensively consider security aspects of program execution. Thus, mostly such platforms commonly contain dedicated hardware and firmware components for cryptographic operations, hardware root of trust, and trusted execution environments (TEEs). However, hardware and firmware support are not sufficient in practice – operators also need a robust and scalable software support to deploy, update, and destroy the workloads that are running on the platforms and are protected by the security functionality. Moreover, considering the diversity of commodity computing platforms, such software support must be extensible, generic whenever possible, and capable to support back-ends with different architectural approaches. These considerations have led to the creation of the Trusted Execution Environment Platform Working Group of the Internet Engineering Task Force, that defined the TEEP architecture for deployment and management of workloads in TEEs.
Within the scope of project ASCLEPIOS, RISE is working on the “TEEP Deployer” (TEEPD), an implementation of the TEEP architecture. TEEPD will implement important core operations needed for TEE deployment. In particular, the intended functionality includes:
- querying the target platform about the presence of the TEE
- installing an application in the TEE on the platform
- and finally messaging the installed application, for example to send updates or configuration changes
This functionality will provide a sufficient basis for integrating with the applications developed within project ASCLEPIOS and intended to be executed within a TEE.
Implementation of a high-level architecture – especially a partial implementation of a standardisation in progress – requires making certain design and implementation choices. Some of the choices we are facing when designing the implementation of TEEPD are: choice of target TEE back-end, message encoding and implementation of the architecture component abstractions (for example, should the abstractions be implemented as separate software components or merged into fewer ones?). So far, we have made the design decision to follow the broader consensus within ASCLEPIOS and use Intel SGX as a TEE back-end.
Further design decisions will be documented as the implementation progresses and will be described in future blog posts. Stay tuned!