Trusted Inter-Process Communication Using Hardware Enclaves

机译：使用硬件环形的可信地区间通信

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Inter-Process Communication (IPC) enables applications to share information in a local or distributed environment, allowing them to communicate with each other in a coordinated manner. In modern systems this mechanism is extremely important, as even local applications can run parallel tasks in multiple processes in the machine, needing to exchange information to coordinate their execution, and optimizing the exchange of data in a more efficient way. The security in IPC relies on the integrity and confidentiality of the messages exchanged in such an environment, as messages exchanged between different processes can be targeted by attacks that seek to obtain sensitive data or to manipulate the application behavior. A Trusted Execution Environment (TEE) can be used to enable an isolated execution of the IPC mechanism to mitigate such attacks. In this paper we propose the adoption of the Intel Software Guard Extensions (SGX) architecture to provide data confidentiality and integrity in message exchange between processes, by using hardware instructions and primitives to encrypt and authenticate the messages. Our approach highlights a threat model and compares the solution proposed with two other scenarios, showing a feasible solution for security and an approach that can be applied to standard IPC mechanisms with small processing overhead.

机译：进程间通信（IPC）使应用程序能够在本地或分布式环境中共享信息，允许它们以协调的方式互相通信。在现代系统中，这种机制非常重要，因为即使本地应用程序也可以在机器中的多个进程中运行并行任务，需要交换信息以协调其执行，并以更有效的方式优化数据交换。 IPC中的安全性依赖于在这种环境中交换的消息的完整性和机密性，因为在不同进程之间交换的消息可以通过寻求获得敏感数据或操纵应用程序行为的攻击来定位。可信执行环境（TEE）可用于启用IPC机制的隔离执行以减轻此类攻击。在本文中，我们提出了采用英特尔软件保护扩展（SGX）架构，通过使用硬件指令和原语来加密和验证消息，在流程之间的消息交换中提供数据机密性和完整性。我们的方法突出了威胁模型，并将解决方案与另外两个场景进行比较，显示了用于安全性的可行解决方案，以及可以应用于具有小处理开销的标准IPC机制的方法。

著录项

来源
《IEEE International Systems Conference》|2021年|1-7|共7页
会议地点
作者
Newton C. Will; Tiago Heinrich; Amanda B. Viescinski; Carlos A. Maziero;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Performance evaluation; Data privacy; Unicast; Computer architecture; Communication channels; Software; Hardware;

机译：绩效评估;数据隐私;单播;计算机架构;通信渠道;软件;硬件;

相似文献

外文文献
中文文献
专利

1. Energy-Delay investigation of Remote Inter-Process communication technologies [J] . Stefanos Georgiou, Diomidis Spinellis The Journal of Systems and Software . 2020,第Apra期

机译：远程进程间通信技术的能量延迟研究
2. Configuration of inter-process communication with probabilistic model checking [J] . Herrmann Linda, Kuettler Martin, Stumpf Tobias, International Journal on Software Tools for Technology Transfer . 2019,第6期

机译：带有概率模型检查的进程间通信的组态
3. Reducing inter-process communication overhead in parallel sparse matrix-matrix multiplication [J] . Ahmed Md Salman, Houser Jennifer, Hoque Mohammad Asadul, International journal of grid and high performance computing . 2017,第3期

机译：减少并行稀疏矩阵-矩阵乘法的进程间通信开销
4. Hardware implementation of rendezvous inter-process communication with round robing scheduling: prototype two processes [C] . Suryaprasad Jayadevappa, Ravi Shankar, Sam Hsu International Conference on Knowledge-Based Intelligent Information Engineering Systems and Allied Technologies . 2001

机译：与循环调度的Rendezvous间流程通信的硬件实现：原型两个过程
5. A high-speed inter-process communication architecture for FPGA-based hardware acceleration of molecular dynamics. [D] . Comis, Christopher John. 2005

机译：高速进程间通信体系结构，用于基于FPGA的分子动力学硬件加速。
6. eTPM: A Trusted Cloud Platform Enclave TPM Scheme Based on Intel SGX Technology [O] . Haonan Sun, Rongyu He, Yong Zhang, 2018

机译：eTPM：基于英特尔SGX技术的可信云平台飞地TPM方案
7. Confining Windows Inter-Process Communications for OS-Level Virtual Machine [O] . Shan, Zhiyong, Yu, Yang, Chiueh, Tzi-cker 2016

机译：为Os级虚拟机限制Windows进程间通信机

Trusted Inter-Process Communication Using Hardware Enclaves

摘要

著录项

相似文献

相关主题

期刊订阅