SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing

Roberto Guanciale; Nicolae Paladi; Arash Vahidi

doi:10.1109/SEED55351.2022.00017

SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing

Roberto Guanciale, Nicolae Paladi, Arash Vahidi

Nätverk och säkerhet

Forskningsoutput: Kapitel i bok/rapport/Conference proceeding › Konferenspaper i proceeding › Peer review

126 Nedladdningar (Pure)

Sammanfattning

Confidential computing allows processing sensitive workloads in securely isolated spaces. Following earlier adop- tion of process-based approaches to isolation, vendors are now enabling hardware and firmware support for virtualization-based confidential computing on several server platforms. Due to variations in the technology stack, threat model, implemen-tation and functionality, the available solutions offer somewhat different capabilities, trade-offs and security guarantees. In this paper we review, compare and contextualize four virtualization-based confidential computing technologies for enterprise server platforms - AMD SEV, ARM CCA, IBM PEF and Intel TDX.

Originalspråk	engelska
Titel på värdpublikation	Proceedings of the 2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED'22)
Förlag	IEEE - Institute of Electrical and Electronics Engineers Inc.
Sidor	109-120
ISBN (elektroniskt)	978-1-6654-8526-5
ISBN (tryckt)	978-1-6654-8527-2
DOI	https://doi.org/10.1109/SEED55351.2022.00017
Status	Published - 2022 nov. 4
Evenemang	2022 IEEE International Symposium on Secure and Private Execution Environment Design - Virtual Varaktighet: 2022 sep. 26 → 2022 sep. 27 https://seed22.engr.uconn.edu/

Konferens

Konferens	2022 IEEE International Symposium on Secure and Private Execution Environment Design
Förkortad titel	SEED 22
Period	2022/09/26 → 2022/09/27
Internetadress	https://seed22.engr.uconn.edu/

Ämnesklassifikation (UKÄ)

Datorsystem

Tillgång till dokument

10.1109/SEED55351.2022.00017

SoK-confidential-quartet

1 Aktiva

SMARTY: Säkra mjukvaruuppdateringar för den smarta staden
Hell, M., Magnusson, B., Gehrmann, C., Paladi, N., Karlsson, L., Sönnerup, J., Johnsson, B. A., Hedin, G., Nordahl, M., Pagnin, E., Kundu, R. & Åkesson, A.
Stiftelsen för Strategisk Forskning, SSF
2018/03/01 → 2023/02/28
Projekt: Forskning

Citera det här

Guanciale, R., Paladi, N., & Vahidi, A. (2022). SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing. I Proceedings of the 2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED'22) (s. 109-120). IEEE - Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SEED55351.2022.00017

@inproceedings{9c2c919bea574e06948055f137327c24,

title = "SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing",

abstract = "Confidential computing allows processing sensitive workloads in securely isolated spaces. Following earlier adop- tion of process-based approaches to isolation, vendors are now enabling hardware and firmware support for virtualization-based confidential computing on several server platforms. Due to variations in the technology stack, threat model, implemen-tation and functionality, the available solutions offer somewhat different capabilities, trade-offs and security guarantees. In this paper we review, compare and contextualize four virtualization-based confidential computing technologies for enterprise server platforms - AMD SEV, ARM CCA, IBM PEF and Intel TDX.",

keywords = "Confidential Computing",

author = "Roberto Guanciale and Nicolae Paladi and Arash Vahidi",

year = "2022",

month = nov,

day = "4",

doi = "10.1109/SEED55351.2022.00017",

language = "English",

isbn = "978-1-6654-8527-2",

pages = "109--120",

booktitle = "Proceedings of the 2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED'22)",

publisher = "IEEE - Institute of Electrical and Electronics Engineers Inc.",

address = "United States",

note = "2022 IEEE International Symposium on Secure and Private Execution Environment Design, SEED 22 ; Conference date: 26-09-2022 Through 27-09-2022",

url = "https://seed22.engr.uconn.edu/",

}

Guanciale, R, Paladi, N & Vahidi, A 2022, SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing. i Proceedings of the 2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED'22). IEEE - Institute of Electrical and Electronics Engineers Inc., s. 109-120, 2022 IEEE International Symposium on Secure and Private Execution Environment Design, 2022/09/26. https://doi.org/10.1109/SEED55351.2022.00017

SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing. / Guanciale, Roberto; Paladi, Nicolae; Vahidi, Arash.

Proceedings of the 2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED'22). IEEE - Institute of Electrical and Electronics Engineers Inc., 2022. s. 109-120.

Forskningsoutput: Kapitel i bok/rapport/Conference proceeding › Konferenspaper i proceeding › Peer review

TY - GEN

T1 - SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing

AU - Guanciale, Roberto

AU - Paladi, Nicolae

AU - Vahidi, Arash

PY - 2022/11/4

Y1 - 2022/11/4

N2 - Confidential computing allows processing sensitive workloads in securely isolated spaces. Following earlier adop- tion of process-based approaches to isolation, vendors are now enabling hardware and firmware support for virtualization-based confidential computing on several server platforms. Due to variations in the technology stack, threat model, implemen-tation and functionality, the available solutions offer somewhat different capabilities, trade-offs and security guarantees. In this paper we review, compare and contextualize four virtualization-based confidential computing technologies for enterprise server platforms - AMD SEV, ARM CCA, IBM PEF and Intel TDX.

AB - Confidential computing allows processing sensitive workloads in securely isolated spaces. Following earlier adop- tion of process-based approaches to isolation, vendors are now enabling hardware and firmware support for virtualization-based confidential computing on several server platforms. Due to variations in the technology stack, threat model, implemen-tation and functionality, the available solutions offer somewhat different capabilities, trade-offs and security guarantees. In this paper we review, compare and contextualize four virtualization-based confidential computing technologies for enterprise server platforms - AMD SEV, ARM CCA, IBM PEF and Intel TDX.

KW - Confidential Computing

U2 - 10.1109/SEED55351.2022.00017

DO - 10.1109/SEED55351.2022.00017

M3 - Paper in conference proceeding

SN - 978-1-6654-8527-2

SP - 109

EP - 120

BT - Proceedings of the 2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED'22)

PB - IEEE - Institute of Electrical and Electronics Engineers Inc.

T2 - 2022 IEEE International Symposium on Secure and Private Execution Environment Design

Y2 - 26 September 2022 through 27 September 2022

ER -

Guanciale R, Paladi N, Vahidi A. SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing. I Proceedings of the 2022 IEEE International Symposium on Secure and Private Execution Environment Design (SEED'22). IEEE - Institute of Electrical and Electronics Engineers Inc. 2022. s. 109-120 https://doi.org/10.1109/SEED55351.2022.00017

SoK: Confidential Quartet - Comparison of Platforms for Virtualization-Based Confidential Computing

Sammanfattning

Konferens

Ämnesklassifikation (UKÄ)

Tillgång till dokument

Fingeravtryck

Projekt

SMARTY: Säkra mjukvaruuppdateringar för den smarta staden

Citera det här