Cite this article
  • 朱轶凡, 李沛南, 白云开, 黄玉彪, 王诗文, 孟丹, 侯锐. A Survey of Trusted Execution Environment Security Threats [J]. 信息安全学报 (Journal of Cyber Security), accepted.
  • ZHU Yifan, LI Peinan, BAI Yunkai, HUANG Yubiao, WANG Shiwen, MENG Dan, HOU Rui. A Survey of Trusted Execution Environment Security Threats [J]. Journal of Cyber Security, accepted.

A Survey of Trusted Execution Environment Security Threats
朱轶凡, 李沛南, 白云开, 黄玉彪, 王诗文, 孟丹, 侯锐
(Institute of Information Engineering, Chinese Academy of Sciences)
Abstract:
With the rapid development of information technology, people attach ever greater importance to personal privacy. To keep users' private data secure while it is processed on cloud services, personal terminals and other devices, academia and industry have introduced confidential computing technologies. Among these, the trusted execution environment (TEE) has become the confidential computing technology that currently receives the most attention and the widest deployment. A TEE places the user's private data in a separate isolated region for processing; through mechanisms such as encryption and measurement, it ensures the confidentiality and integrity of that private data and code while the program runs. However, unlike the security risks that conventional programs face during computation, a TEE faces a far stronger threat model: the attacker may arbitrarily control the device's high-privileged software and hardware in order to steal the user's private information. Against such a threat model, existing TEE designs cannot meet users' security requirements for fully secure confidential computing, and a steady stream of attack techniques has allowed attackers to bypass the original isolation mechanisms and steal private or confidential information. Given this situation, this paper surveys the security problems present in existing TEEs and classifies the attacks against them. It further introduces the existing defense mechanisms against attacks on TEEs. Finally, it summarizes the challenges that secure TEE design still faces and the directions of future development.
Keywords:  confidential computing, trusted execution environment, software-based attack, microarchitecture-based attack
Received: 2024-01-05    Revised: 2024-03-25
Funding: National Science Fund for Distinguished Young Scholars; Youth Program of the National Natural Science Foundation of China
A Survey of Trusted Execution Environment Security Threats
ZHU Yifan, LI Peinan, BAI Yunkai, HUANG Yubiao, WANG Shiwen, MENG Dan, HOU Rui
(Institute of Information Engineering, Chinese Academy of Sciences)
Abstract:
With the rapid development of information technology, people are paying more attention to their personal privacy. To ensure the security of user privacy data during processing in cloud services, personal terminals, and other devices, academia and industry have introduced confidential computing technologies. Among these, the Trusted Execution Environment (TEE) has become a widely studied and widely used confidential computing technology. A TEE puts the user's private data into a separate isolated region for processing, and through encryption and measurement mechanisms it can ensure the confidentiality and integrity of that private data and code while the program is running. However, unlike the security risks faced by traditional execution environments, a TEE faces a more powerful threat model: attackers can arbitrarily control the high-privileged software and hardware of the device to steal private or confidential information. Faced with this powerful threat model, existing TEE designs cannot meet users' security requirements for fully secure confidential computing, and numerous attack techniques allow attackers to bypass the original isolation mechanisms of the TEE to steal private or confidential information. Based on this situation, this paper surveys the existing security issues in TEEs and categorizes the attacks against them. Furthermore, it introduces existing defense mechanisms against attacks on TEEs. Finally, it summarizes the current challenges faced by secure TEE design and future development trends.
Key words:  confidential computing, trusted execution environment, software-based attack, microarchitecture-based attack
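Both abstracts rest on the same two mechanisms, measurement and encryption keyed to that measurement, and on the threat model in which the OS or hypervisor is hostile. The following Python is an added example written for this page, not code from the paper or from any TEE vendor: it models how a hash-chain measurement of loaded code feeds both an attestation report and a sealing key, so that a tampered enclave gets a different measurement, fails the verifier's allowlist, and cannot derive the genuine enclave's data key. Everything here is an assumption made for illustration: the page-by-page SHA-256 chain stands in for a real platform's measurement format, a symmetric MAC under a shared key stands in for the asymmetric signature real attestation uses, and the root key and nonce are fixed constants only so the run is reproducible.

```python
import hashlib
import hmac

# Constructed stand-in for a hardware-fused key that privileged software cannot read.
# Fixed so the example is reproducible; on a real device it is secret and per-chip.
HARDWARE_ROOT_KEY = hashlib.sha256(b"constructed-root-key").digest()


def measure(code_pages):
    """Hash-chain every loaded page in order (simplified model of enclave
    measurement). Any change to page content or load order changes the digest."""
    digest = bytes(32)
    for page in code_pages:
        digest = hashlib.sha256(digest + page).digest()
    return digest


def attest(root_key, measurement, nonce):
    """Report = measurement || verifier nonce || MAC. Only hardware holds root_key,
    so a compromised OS can read reports but cannot mint one for a false measurement."""
    mac = hmac.new(root_key, measurement + nonce, hashlib.sha256).digest()
    return measurement + nonce + mac


def verify_report(root_key, report, nonce, allowed_measurements):
    """Verifier side: check MAC, freshness (nonce), then the measurement allowlist."""
    if len(report) != 96:
        return False
    measurement, rep_nonce, mac = report[:32], report[32:64], report[64:]
    expected = hmac.new(root_key, measurement + rep_nonce, hashlib.sha256).digest()
    if not hmac.compare_digest(mac, expected):
        return False          # forged or corrupted report
    if not hmac.compare_digest(rep_nonce, nonce):
        return False          # replay of a report from another session
    return measurement in allowed_measurements


def sealing_key(root_key, measurement):
    """Per-enclave data-protection key bound to the measurement: a modified enclave
    derives a different key and so cannot unseal data the genuine enclave sealed."""
    return hmac.new(root_key, b"seal|" + measurement, hashlib.sha256).digest()


# Constructed enclave images: identical except for one page of the body.
GENUINE = [b"entry: check_input", b"body: process_record", b"exit: return_result"]
TAMPERED = [b"entry: check_input", b"body: dump_records", b"exit: return_result"]


def demo():
    """Returns (genuine accepted, tampered accepted, forged accepted, keys equal)."""
    nonce = hashlib.sha256(b"verifier-nonce-1").digest()  # constructed; random per session in practice
    allow = {measure(GENUINE)}

    genuine_ok = verify_report(
        HARDWARE_ROOT_KEY, attest(HARDWARE_ROOT_KEY, measure(GENUINE), nonce), nonce, allow)
    tampered_ok = verify_report(
        HARDWARE_ROOT_KEY, attest(HARDWARE_ROOT_KEY, measure(TAMPERED), nonce), nonce, allow)

    # Privileged attacker copies the genuine measurement but lacks the root key.
    forged = measure(GENUINE) + nonce + bytes(32)
    forged_ok = verify_report(HARDWARE_ROOT_KEY, forged, nonce, allow)

    keys_equal = sealing_key(HARDWARE_ROOT_KEY, measure(GENUINE)) == \
        sealing_key(HARDWARE_ROOT_KEY, measure(TAMPERED))
    return genuine_ok, tampered_ok, forged_ok, keys_equal


if __name__ == "__main__":
    print(demo())
```

The verifier in this model shares the root key with the hardware; that is the simplification to keep in mind when reading it, since real platforms sign reports with a device key whose public half is certified by the manufacturer, which is what lets a remote party verify without holding any secret. The binding the example does show is the one that matters for the abstract's threat model: integrity of the loaded code is a consequence of measurement, and confidentiality of sealed data is a consequence of keying on that measurement rather than on anything the OS controls.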