MeetGo: A Trusted Execution Environment for Remote Applications on FPGA
TLDR
In this paper, the authors present a hardware-centric solution, called MeetGo, to address the intrinsic threats to remote computing, such as insider threats committed by adversarial administrators of remote servers who attempt to steal or corrupt users' private data.Abstract:
Remote computing has emerged as a trendy computing model that enables users to process an immense number of computations efficiently on the remote server where the necessary data and high-performance computing power are provisioned. Unfortunately, despite such an advantage, this computing model suffers from insider threats that are committed by adversarial administrators of remote servers who attempt to steal or corrupt users’ private data. These security threats are somewhat innate to remote computing in that there is no means to control administrators’ unlimited data access. In this paper, we present our novel hardware-centric solution, called MeetGo , to address the intrinsic threats to remote computing. MeetGo is a field-programmable gate array (FPGA)-based trusted execution environment (TEE) that aims to operate independently of the host system architecture. To exhibit the ability and effectiveness of MeetGo as a TEE ensuring secure remote computing, we have built two concrete applications: cryptocurrency wallet and GPGPU. MeetGo provides a trust anchor for these applications that enable their users to trade cryptocurrency or to run a GPGPU program server on a remote server while staying safe from threats by insiders. Our experimental results clearly demonstrate that MeetGo incurs only a negligible performance overhead to the applications.read more
Citations
More filters
Journal ArticleDOI
ECDSA-Based Water Bodies Prediction from Satellite Images with UNet
Anusha Ch,Rupa Ch,Samhitha Gadamsetty,Celestine Iwendi,Thippa Reddy Gadekallu,Imed Ben Dhaou +5 more
TL;DR: This proposed model achieves integrity by embedding a security feature Elliptic Curve Digital Signature Algorithm (ECDSA) which generates a digital signature for the predicted area of water bodies which helps to secure the key and the detected water bodies while transmitting in a channel.
Journal ArticleDOI
SoK: Hardware-supported Trusted Execution Environments
TL;DR: This work analyzes the design of existing TEEs and systematize the mechanisms that Tees implement to achieve their security goals, namely, verifiable launch, run-time isolation, trusted IO and secure storage.
Journal ArticleDOI
FARNN: FPGA-GPU Hybrid Acceleration Platform for Recurrent Neural Networks
TL;DR: In this article, a hybrid architecture, called FARNN, which combines a GPU and an FPGA to accelerate RNN computation for small batch sizes, is proposed, which offloads the GPU-inefficient tasks to the FPGAs.
Proceedings ArticleDOI
ShEF: shielded enclaves for cloud FPGAs
TL;DR: ShEF as mentioned in this paper is a trusted execution environment (TEE) for cloud-based reconfigurable accelerators, which is independent from CPU-based TEEs and allows secure execution under a threat model where the adversary can control all software running on the CPU connected to the FPGA.
Journal ArticleDOI
FARNN: FPGA-GPU Hybrid Acceleration Platform for Recurrent Neural Networks
TL;DR: In this paper , a hybrid architecture, called FARNN, which combines a GPU and an FPGA to accelerate RNN computation for small batch sizes, is proposed, which offloads the GPU-inefficient tasks to the FPGAs.
References
More filters
Journal ArticleDOI
A method for obtaining digital signatures and public-key cryptosystems
TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
Posted Content
Intel SGX Explained.
Victor Costan,Srinivas Devadas +1 more
TL;DR: In this article, the authors present a detailed and structured presentation of the publicly available information on SGX, a series of intelligent guesses about some important but undocumented aspects of SGX.
Proceedings Article
Sanctum: Minimal Hardware Extensions for Strong Software Isolation
TL;DR: Sanctum offers the same promise as Intel’s Software Guard Extensions (SGX), namely strong provable isolation of software modules running concurrently and sharing resources, but protects against an important class of additional software attacks that infer private information from a program's memory access patterns.
Journal ArticleDOI
A Survey and Evaluation of FPGA High-Level Synthesis Tools
Razvan Nane,Vlad-Mihai Sima,Christian Pilato,Jongsok Choi,Blair Fort,Andrew Canis,Yu Ting Chen,Hsuan Hsiao,Stephen J. Brown,Fabrizio Ferrandi,Jason H. Anderson,Koen Bertels +11 more
TL;DR: This work uses a first-published methodology to compare one commercial and three academic tools on a common set of C benchmarks, aiming at performing an in-depth evaluation in terms of performance and the use of resources.
Proceedings Article
Inferring fine-grained control flow inside SGX enclaves with branch shadowing
TL;DR: A new, yet critical, side-channel attack, branch shadowing, that reveals fine-grained control flows (branch granularity) in an enclave and develops two novel exploitation techniques, a last branch record (LBR)-based history-inferring technique and an advanced programmable interrupt controller (APIC)-based technique to control the execution of an enclave in a finegrained manner.