A Study of Trusted Execution Environments for Edge Computing (基于边缘计算的可信执行环境研究)
  • English title: A Study of Using TEE on Edge Computing
  • Authors: 宁振宇; 张锋巍; 施巍松
  • Authors (English): Ning Zhenyu; Zhang Fengwei; Shi Weisong; Department of Computer Science, Wayne State University
  • Keywords: edge computing; trusted execution environment; TrustZone; Software Guard Extensions; system security; fog computing
  • English keywords: edge computing; trusted execution environments (TEEs); TrustZone; software guard extensions (SGX); system security; fog computing
  • Journal code (CNKI): JFYZ
  • English journal title: Journal of Computer Research and Development
  • Affiliation: Department of Computer Science, Wayne State University
  • Publication date: 2019-07-15
  • Chinese journal title: 计算机研究与发展
  • Year: 2019
  • Volume: 56
  • Language: Chinese
  • Article ID: JFYZ201907009
  • Page count: 13
  • Issue: 07
  • CN: 11-1777/TP
  • Pages: 87-99
Abstract (translated from the Chinese)
The concept of edge computing introduces an emerging computing model that not only alleviates the high latency caused by data transmission in the traditional cloud computing model, but also helps keep privacy- and security-sensitive data confidential. However, the security of the execution environment on the edge computing nodes themselves remains a concern that cannot be ignored, and it constantly threatens the security of the whole edge computing model. Hardware vendors have introduced trusted execution environments (TEEs) on a range of platforms, and integrating these TEEs into edge computing nodes can effectively protect the computation performed on those nodes. This study first analyzes a series of TEEs in traditional computing models and discusses the advantages and disadvantages of each. On that basis, it then studies two popular TEEs, Intel Software Guard Extensions (SGX) and ARM TrustZone, in depth, and analyzes and tests their security and performance on an Intel fog computing node reference design prototype and an ARM Juno development board, respectively. The results show that introducing these hardware-assisted TEEs enhances the security of edge computing platforms while having essentially no impact on overall system performance. Finally, to help improve the reliability of TEEs under the edge computing model, the study summarizes the security challenges that will be faced when TEEs are used in edge computing.
Abstract (authors' English version)
The concept of edge computing introduces a new emerging computing model that mitigates the high latency caused by the data transmission in the traditional cloud computing model and helps to keep the privacy- or security-sensitive data confidential. However, the security of the execution environment on the edge nodes is still a non-negligible concern that threatens the whole computing model. Recently, hardware vendors design dedicated trusted execution environments (TEEs) on different platforms, and integrating these TEEs to the edge nodes would be efficient to secure the computation on these nodes. In this paper, we investigate a variety of popular TEEs on the traditional computing model and discuss the pros and cons of each TEE based on recent research. Moreover, we further study two popular TEEs, Intel Software Guard Extensions (SGX) and ARM TrustZone technology, and conduct comprehensive performance and security analysis on an Intel Fog Node Reference Architecture platform and an ARM Juno development board, respectively. The analysis results show that using these hardware-assisted TEEs on edge computing platforms produces low overhead while achieving higher security. The discussion on the security challenges of the TEEs is also presented to help improve the reliability of these TEEs and edge computing.
References
[1]Armbrust M,Fox A,Griffith R,et al.A view of cloud computing[J].Communications of the ACM,2010,53(4):50-58
[2]Dinh H T,Lee C,Niyato D,et al.A survey of mobile cloud computing:Architecture,applications,and approaches[J].Wireless Communication and Mobile Computing,2013,13(18):1587-1611
[3]Gubbi J,Buyya R,Marusic S,et al.Internet of things (IoT):A vision,architectural elements,and future directions[J].Future Generation Computer Systems,2013,29(7):1645-1660
[4]Etzion O,Fournier F,Arcushin S,et al.Tutorial on the Internet of everything[C] //Proc of the 8th ACM Int Conf on Distributed Event-Based Systems.New York:ACM,2014:236-237
[5]Shi Weisong,Cao Jie,Zhang Quan,et al.Edge computing:Vision and challenges[J].IEEE Internet of Things Journal,2016,3(5):637-646
[6]Bonomi F,Milito R,Zhu Jiang,et al.Fog computing and its role in the Internet of things[C] //Proc of the 1st Edition of the MCC Workshop on Mobile Cloud Computing.New York:ACM,2012:13-16
[7]Deng Xiaoheng,Guan Peiyuan,Wan Zhiwen,et al.Integrated trust based resource cooperation in edge computing[J].Journal of Computer Research and Development,2018,55(3):449-477 (in Chinese)(邓晓衡,关培源,万志文,等.基于综合信任的边缘计算资源协同研究[J].计算机研究与发展,2018,55(3):449-477)
[8]Anati I,Gueron S,Johnson S,et al.Innovative technology for CPU based attestation and sealing[OL].[2017-05-03].https://software.intel.com/en-us/articles/innovative-technology-for-cpu-based-attestation-and-sealing
[9]Hoekstra M,Lal R,Pappachan P,et al.Using innovative instructions to create trustworthy software solutions[OL].[2017-05-03].https://software.intel.com/en-us/articles/using-innovative-instructions-to-create-trustworthy-software-solutions
[10]Mckeen F,Alexandrovich I,Berenzon A,et al.Innovative instructions and software model for isolated execution[C] //Proc of the 2nd Int Workshop on Hardware and Architectural Support for Security and Privacy.New York:ACM,2013:Article No.10
[11]Ruan Xiaoyu.Platform Embedded Security Technology Revealed:Safeguarding the Future of Computing with Intel Embedded Security and Management Engine[M].Berkeley,CA:Apress,2014
[12]Intel.Intel® 64 and IA-32 architectures software developer manuals[OL].[2018-05-18].https://software.intel.com/en-us/articles/intel-sdm
[13]Kaplan D,Powell J,Woller T.AMD memory encryption[OL].[2016-06-19].http://amd-dev.wpengine.netdna-cdn.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf
[14]AMD.AMD secure technology[OL].[2017-06-18].http://www.amd.com/en-us/innovations/software-technologies/security
[15]ARM.Security technology:Building a secure system using TrustZone[OL].[2015-10-07].http://infocenter.arm.com/help/topic/com.arm.doc.prd29-genc-009492c/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf
[16]Intel.Fog reference design overview[OL].[2017-09-16].https://www.intel.com/content/dam/www/public/us/en/documents/design-guides/fog-reference-design-overview-guide.pdf
[17]ARM.Juno ARM development platform[OL].[2016-04-15].https://developer.arm.com/products/system-design/development-boards/juno-development-board
[18]Baumann A,Peinado M,Hunt G.Shielding applications from an untrusted cloud with Haven[C] //Proc of the 11th USENIX Symp on Operating Systems Design and Implementation.Berkeley,CA:USENIX Association,2014:267-283
[19]Arnautov S,Trach B,Gregor F,et al.SCONE:Secure Linux containers with Intel SGX[C] //Proc of the 12th USENIX Symp on Operating Systems Design and Implementation.Berkeley,CA:USENIX Association,2016:689-703
[20]Hunt T,Zhu Zhiting,Xu Yuanzhong,et al.Ryoan:A distributed sandbox for untrusted computation on secret data[C] //Proc of the 12th USENIX Symp on Operating Systems Design and Implementation.Berkeley,CA:USENIX Association,2016:533-549
[21]Schuster F,Costa M,Fournet C,et al.VC3:Trustworthy data analytics in the cloud using SGX[C] //Proc of the 36th IEEE Symp on Security and Privacy.Piscataway,NJ:IEEE,2015:38-54
[22]Karande V,Bauman E,Lin Zhiqiang,et al.SGX-Log:Securing system logs with SGX[C] //Proc of the 12th ACM Asia Conf on Computer and Communications Security.New York:ACM,2017:19-30
[23]Shih M W,Kumar M,Kim T,et al.S-NFV:Securing NFV states by using SGX[C] //Proc of the 2016 ACM Int Workshop on Security in Software Defined Networks and Network Function Virtualization.New York:ACM,2016:45-48
[24]Seo J,Lee B,Kim S.SGX-Shield:Enabling address space layout randomization for SGX programs[C] //Proc of the 24th Annual Network and Distributed System Security Symp.Reston,VA:Internet Society,2017
[25]Shih M W,Lee S,Kim T,et al.T-SGX:Eradicating controlled-channel attacks against enclave programs[C] //Proc of the 24th Annual Network and Distributed System Security Symp.Reston,VA:Internet Society,2017
[26]Schwarz M,Weiser S,Gruss D,et al.Malware guard extension:Using SGX to conceal cache attacks[C] //Proc of the 14th Conf on Detection of Intrusions and Malware and Vulnerability Assessment.Berlin:Springer,2017:3-24
[27]Brasser F,Muller U,Dmitrienko A,et al.Software grand exposure:SGX cache attacks are practical[C] //Proc of the 11th USENIX Workshop on Offensive Technologies.Berkeley,CA:USENIX Association,2017
[28]Weichbrodt N,Kurmus A,Pietzuch P,et al.AsyncShock:Exploiting synchronisation bugs in Intel SGX enclaves[C] //Proc of the 21st European Symp on Research in Computer Security.Berlin:Springer,2016:440-457
[29]Rutkowska J,Wojtczuk R.Preventing and detecting Xen hypervisor subversions[OL].[2015-10-24].https://invisiblethingslab.com/resources/bh08/part2-full.pdf
[30]Zhang Fengwei,Jiang Wang,Sun Kun,et al.HyperCheck:A hardware-assisted integrity monitor[J].IEEE Transactions on Dependable and Secure Computing,2014,11(4):332-344
[31]Azab A M,Ning Peng,Wang Zhi,et al.HyperSentry:Enabling stealthy in-context measurement of hypervisor integrity[C] //Proc of the 17th ACM Conf on Computer and Communications Security.New York:ACM,2010:38-49
[32]Karavanic K.TWC:Small:System infrastructure for SMM-based runtime integrity measurement[OL].[2016-07-25].https://nsf.gov/awardsearch/showAward?AWD_ID=1528185
[33]Azab A M,Ning Peng,Zhang Xiaolan.SICE:A hardware-level strongly isolated computing environment for x86 multi-core platforms[C] //Proc of the 18th ACM Conf on Computer and Communications Security.New York:ACM,2011:375-388
[34]Zhang Fengwei,Leach K,Sun Kun,et al.Spectre:A dependable introspection framework via system management mode[C] //Proc of the 43rd IEEE/IFIP Int Conf on Dependable Systems and Networks.Piscataway,NJ:IEEE,2013:1-12
[35]Reina A,Fattori A,Pagani F,et al.When hardware meets software:A bulletproof solution to forensic memory acquisition[C] //Proc of the 28th Annual Computer Security Applications Conf.New York:ACM,2012:79-99
[36]Jiang Wang,Zhang Fengwei,Sun Kun,et al.Firmware-assisted memory acquisition and analysis tools for digital forensics[C] //Proc of the 6th IEEE Int Workshop on Systematic Approaches to Digital Forensic Engineering.Piscataway,NJ:IEEE,2011
[37]Zhang Fengwei.IOCheck:A framework to enhance the security of I/O devices at runtime[C] //Proc of the 43rd Annual IEEE/IFIP Conf on Dependable Systems and Networks Workshop.Piscataway,NJ:IEEE,2013
[38]Jin S,Seol J,Huh J,et al.Hardware-assisted secure resource accounting under a vulnerable hypervisor[J].ACM SIGPLAN Notices,2015,50(7):201-213
[39]Zhang Fengwei,Leach K,Stavrou A,et al.Using hardware features for increased debugging transparency[C] //Proc of the 36th IEEE Symp on Security and Privacy.Piscataway,NJ:IEEE,2015:55-69
[40]Zhang Fengwei,Leach K,Wang Haining,et al.TrustLogin:Securing password-login on commodity operating systems[C] //Proc of the 10th ACM Symp on Information,Computer and Communications Security.New York:ACM,2015:333-344
[41]Leach K,Spensky C,Weimer W,et al.Towards transparent introspection[C] //Proc of the IEEE 23rd Int Conf on Software Analysis,Evolution,and Reengineering.Piscataway,NJ:IEEE,2016:248-259
[42]Sun He,Sun Kun,Wang Yuewu,et al.TrustDump:Reliable memory acquisition on smartphones[C] //Proc of the 19th European Symp on Research in Computer Security.Berlin:Springer,2014:202-218
[43]Azab A M,Ning Peng,Shah J,et al.Hypervision across worlds:Real-time kernel protection from the ARM TrustZone secure world[C] //Proc of the 21st ACM Conf on Computer and Communications Security.New York:ACM,2014:90-102
[44]Ge Xinyang,Vijayakumar H,Jaeger T.Sprobes:Enforcing kernel code integrity on the TrustZone architecture[C] //Proc of the 3rd IEEE Mobile Security Technologies Workshop.Piscataway,NJ:IEEE,2014
[45]Jang J S,Kong S,Kim M,et al.SeCReT:Secure channel between rich execution environment and trusted execution environment[C] //Proc of the 22nd Annual Network and Distributed System Security Symp.Reston,VA:Internet Society,2015
[46]Sun He,Sun Kun,Wang Yuewu,et al.TrustICE:Hardware-assisted isolated computing environments on mobile devices[C] //Proc of the 45th Annual IEEE/IFIP Int Conf on Dependable Systems and Networks.Piscataway,NJ:IEEE,2015:367-378
[47]Sun He,Sun Kun,Wang Yuewu,et al.TrustOTP:Transforming smartphones into secure one-time password tokens[C] //Proc of the 22nd ACM Conf on Computer and Communications Security.New York:ACM,2015:976-988
[48]Li Wenhao,Li Haibo,Chen Haibo,et al.AdAttester:Secure online mobile advertisement attestation using TrustZone[C] //Proc of the 13th Annual Int Conf on Mobile Systems,Applications,and Services.New York:ACM,2015:75-88
[49]Brasser F,Kim D,Liebchen C,et al.Regulating ARM TrustZone devices in restricted spaces[C] //Proc of the 14th Annual Int Conf on Mobile Systems,Applications,and Services.New York:ACM,2016:413-425
[50]Raj H,Saroiu S,Wolman A,et al.fTPM:A software-only implementation of a TPM chip[C] //Proc of the 25th USENIX Security Symp.Berkeley,CA:USENIX Association,2016:841-856
[51]Jang J,Choi C,Lee J,et al.PrivateZone:Providing a private execution environment using ARM TrustZone[J].IEEE Transactions on Dependable and Secure Computing,2016,15(5):797-810
[52]Abera T,Asokan N,Davi L,et al.C-FLAT:Control-flow attestation for embedded systems software[C] //Proc of the 23rd ACM Conf on Computer and Communications Security.New York:ACM,2016:743-754
[53]Guan Le,Liu Peng,Xing Xinyu,et al.TrustShadow:Secure execution of unmodified applications with ARM TrustZone[C] //Proc of the 15th Annual Int Conf on Mobile Systems,Applications,and Services.New York:ACM,2017:488-501
[54]Tereshkin A,Wojtczuk R.Introducing ring-3 rootkits[C/OL] //Proc of 2009 Black Hat USA.[2016-02-14].https://invisiblethingslab.com/resources/bh09usa/Ring%20-3%20Rootkits.pdf
[55]Patrick S,Iurii B.Understanding DMA malware[C] //Proc of the 9th Conf on Detection of Intrusions and Malware & Vulnerability Assessment.Berlin:Springer,2012:21-41
[56]Intel.Intel-SA-00075[OL].[2018-03-21].https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00075.html
[57]Carlos Perez.Tenable Blog:Rediscovering the Intel AMT vulnerability[OL].[2018-04-15].https://www.tenable.com/blog/rediscovering-the-intel-amt-vulnerability
[58]Kaplan D.AMD x86 memory encryption technologies[OL].[2016-10-18].https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/kaplan
[59]Kaplan D,Woller T,Powell J.AMD memory encryption tutorial[OL].[2016-07-28].https://sites.google.com/site/metisca2016/
[60]Costan V,Devadas S.Intel SGX explained[OL].[2017-12-15].https://eprint.iacr.org/2016/086.pdf
[61]Rutkowska J.Intel x86 considered harmful[OL].[2015-10-29].https://media.8ch.net/cyber/src/1457971916926-2.pdf
[62]Brash D.The ARM architecture version 6[OL].[2016-05-30].http://lars.nocrew.org/computers/processors/ARM/ARMv6.pdf
[63]Intel.Intel® active management technology[OL].[2018-03-15].https://www.intel.com/content/www/us/en/architecture-and-technology/intel-active-management-technology.html
[64]Marek R.AMD x86 SMU firmware analysis:Do you care about Matroshka processors[OL].[2017-05-26].https://events.ccc.de/congress/2014/Fahrplan/system/attachments/2503/original/ccc-final.pdf
[65]AMD.BIOS and kernel developer's guide (BKDG) for AMD family 15h models 00h-0Fh processors[OL].[2017-10-24].http://support.amd.com/TechDocs/52740_16h_Models_30h-3Fh_BKDG.pdf
[66]Intel.Intel® Software Guard Extensions (Intel® SGX) SDK[OL].[2017-12-04].https://software.intel.com/en-us/sgx-sdk/download
[67]Rivest R.The MD5 message-digest algorithm[OL].[2018-03-21].https://www.ietf.org/rfc/rfc1321.txt
[68]Primate Labs.GeekBench 4[OL].[2018-04-12].https://www.primatelabs.com/
[69]ARM.Trusted Firmware[OL].[2017-10-23].https://github.com/ARM-software/arm-trusted-firmware
[70]Linaro.Linaro Releases[OL].[2016-12-24].http://releases.linaro.org/android/reference-lcr/juno/15.09/
[71]Wojtczuk R,Rutkowska J.Attacking SMM memory via Intel CPU cache poisoning[OL].[2015-08-16].http://composter.com.ua/documents/Attacking-SMM-Memory-via-Intel-CPU-Cache-Poisoning.pdf
[72]Duflot L,Levillain O,Morin B,et al.Getting into the SMRAM:SMM reloaded[C/OL] //Proc of the 19th Annual CanSecWest Conf.[2017-05-21].https://cansecwest.com/csw09/csw09-duflot.pdf
[73]Wojtczuk R,Kallenberg C.Attacking UEFI boot script[C/OL] //Proc of the 31st Chaos Communication Congress.[2017-05-22].https://papers.put.as/papers/firmware/2014/venamis_whitepaper.pdf
[74]Butterworth J,Kallenberg C,Kovah X,et al.BIOS chronomancy:Fixing the core root of trust for measurement[C] //Proc of the 8th ACM Conf on Computer and Communications Security.New York:ACM,2013:25-36
[75]Shen Di.Attacking your trusted core:Exploiting TrustZone on Android[C/OL] //Proc of 2015 Black Hat USA.[2016-04-09].https://www.blackhat.com/docs/us-15/materials/us-15-Shen-Attacking-Your-Trusted-Core-Exploiting-Trustzone-On-Android.pdf
[76]Rosenberg D.Reflections on trusting TrustZone[OL].[2016-03-01].https://www.blackhat.com/docs/us-14/materials/us-14-Rosenberg-Reflections-on-Trusting-TrustZone.pdf
[77]Lipp M,Gruss D,Spreitzer R,et al.ARMageddon:Cache attacks on mobile devices[C] //Proc of the 25th USENIX Security Symp.Berkeley,CA:USENIX Association,2016:549-564