SECURE ENCLAVES FOR REACTIVE CLOUD APPLICATIONS

The general objective of the SERECA project is to build a platform able to protect the confidentiality and integrity of applications and services executed in the cloud. SERECA wants to protect against the most worrisome type of attacks, e.g. a malicious cloud employees that leverages the physical access to the servers and controls the system software of the computers, in particular, the hypervisor and the host operating system. The insider attacker could in principle access all data being processed by services running in the cloud. In this way, one could, for example, steal keys used to encrypt or decrypt data at rest or being transmitted via the network. In SERECA all data is encrypted in memory and only the CPU has access to the encryption keys. Therefore, even physical access to a machine does not help in gaining access to the data protected with SGX.

SERECA aims to build an infrastructure to execute reactive applications securely in public Cloud Providers (CPs). SERECA wants to improve the state-of-the-art in cloud security for interactive, latency-sensitive applications by developing innovative and effective mechanisms to enforce data integrity, availabilityconfidentiality, and localisation based on secure CPU hardware. 

SERECA integrates the innovative Intel's CPU security extension, namely Software Guard Extension (SGX) (https://software.intel.com/en-us/sgx), with a popular reactive framework, namely Eclipse Vert.x (http://vertx.io). 

  • Intel SGX - Modern x86 Intel CPUs starting with the sixth Core-i microarchitecture support instruction set extensions called SGX which significantly improve application (ring 3) security. The focus of SGX lies on protecting confidentiality and integrity of code and data of applications. Using the SGX instruction set, a so called secure enclave can be created, which is an isolated range of memory within the application’s (virtual) address space to which the SGX security enhancements apply. When using SGX, even the main system memory will be encrypted and integrity protected. SGX permits to protect application state from the hypervisor and the operating system. The data and the computation inside of an enclave are protected from any accesses from the outside of the enclave. An application can create enclaves and transfer sensitive parts of the application code and data into the enclave. Besides protecting sensitive data, for example, encryption keys, enclaves also protect the confidentiality of data stored outside the enclave by encrypting and decrypting the data on demand.
     
  • Eclipse Vert.x - A toolset that helps developers in designing event driven, asynchronous, and micro-service based applications. Micro-services represents the state-of-the-art of cloud-based applications. Their intrinsic features, i.e., a well-partitioned architecture, allows to build highly available and scalable applications that perfectly fit for cloud environments. Services programmed with Vert.x are split in components (known as verticles) that can run in different address spaces and communicate with each other via an Event Bus.

SERECA Architecture

SERECA aims at supporting the execution of critical functionality inside of SGX Enclaves. Hence a central issue is the partition of applications. It is important to keep the code base inside the enclaves small as performance degradation and the Trusted Computing Base (TCB) are kept limited. The idea is to take advantage of the already well-partitioned micro-service design to run verticles partially inside of enclaves and partially outside enclaves much more easily. Vert.x micro-services typically need standard services like databases, key/value stores and coordination services. Within SERECA, several existing standard services are partitioned. In this way, the platform can ensure the confidentiality and integrity of data processed by these standard services. Moreover, another important aspect faced in SERECA is the secure communication between verticles, which is performed via an extension of the vert.x event bus. Enclaves depend on the untrusted operating system to perform I/O operations meaning that all messages must be encrypted. SGX allows to securely configure enclaves by providing hardware protected sealed storage. This means that only a trustworthy enclave is able to get access to keys to decrypt the sealed data. In this way, using asymmetric cryptography typically employed for key exchange can be avoided. Hence, symmetric keys for communication is used by the vert.x extended event bus.

To deploy secure reactive applications, in SERECA,  Docker containers are used. A container is a lightweight alternative to virtual machines that isolates processes running on the same OS kernel. Docker engine offers a rich REST API that allows to manipulate containers both on local and remote hosts. SERECA aims to minimize the number of changes to the engine such that the API can be reused out-of-the-box. Our support of containers will be in a form of a lean runtime that allows to securely configure and execute enclave-enabled applications in containers.  The SERECA consortium anticipates that cloud providers will gradually introduce hardware that supports secure enclaves in their cloud platform offerings. One such offering may involve a Metal-as-a- Service (MaaS) hosted and Rancher managed Docker Swarm deployment infrastructure with a modified Docker Swarm scheduling backend that assigns SERECA application containers to hosts with secure enclave support.

sereca arch

Use Cases

SERECA convincingly validate and demonstrate the benefits of the approach pursued by applying it to realistic and demanding industrial use cases. SERECA addresses this objective by running two industrial use cases with widely differing requirements on the SERECA platform.

  • First, a Water Supply Network Monitoring (WSNM) use case is hardened to provide integrity of monitoring data. With this use case the consortium wants to prove that the platform - through the advance security mechanisms - can empower the cloud migration of Critical Infrastructures (CIs) monitoring applications. In fact, CI administrators are still skeptical of moving their IT infrastructure to cloud environments as there are risks, e.g, that malicious cloud admnistrators leverage their privileged position to attack the integrity of sensitive data and so causing catastrophical events. Through the SERECA platform such a scenario would not be possible as SGX protects against those type of attacks. An existing SCADA application - useful to monitor key metrics of 7 dams in southern Italy - is extended to run securely on the SERECA platform. Data from sensors is sent to the cloud-based application to be securely processed, stored, and finally provided to the WSNM operators.
  • Second, an Application Performance Analysis Service (APAS) use case is hardened to provide confidentiality of monitoring data. The APAS use case, in fact, measures performance metrics of softwares service in the cloud (SaaS). It processes performance data from a variety of applications run by its customers to detect bottlenecks in the customer’s software stack. The data contains identifiers that could reveal the customers, which is why the performance data is confidential. The APAS use case represents a typical migration problem of a infrastructure monitoring system to a cloud platform, especially in regulated industries such as financial services and defence. This process of migration is difficult since security risks of cloud environments are not negligible, especially with regards to trusting the people and underlying systems software at the cloud provider / data centre. In SERECA – through the APAS use case – we demonstrate that the security mechanisms provided can mitigate some of the key security risks (around malicious attackers at the cloud provider / data centre).

Action acronym: SERECA
Action full title: "Secure Enclaves for REactive Cloud Applications"
Objective: ICT-07-2014: Advanced Cloud Infrastructures and Services
Grant agreement no: 645011