CRC: Fully General Model of Confidential Remote Computing
Kubilay Ahmet Küçük and Andrew Martin
Abstract
Digital services have been offered through remote systems for decades. The questions of how these systems can be built in a trustworthy manner and how their security properties can be understood are given fresh impetus by recent hardware developments, allowing a fuller, more general, exploration of the possibilities than has previously been seen in the literature. Drawing on and consolidating the disparate strains of research, technologies and methods employed throughout the adaptation of confidential computing, we present a novel, dedicated Confidential Remote Computing (CRC) model. CRC proposes a compact solution for next-generation applications to be built on strong hardware-based security primitives, control of secure software products' trusted computing base, and a way to make correct use of proofs and evidence reports generated by the attestation mechanisms. The CRC model illustrates the trade-offs between decentralisation, task size and transparency overhead. We conclude the paper with six lessons learned from our approach, and suggest two future research directions.
Keywords
Confidential Computing‚ Digital Trust‚ Enclave‚ SGX‚ Confidential Remote Computing‚ Cloud Security‚ Remote Attestation‚
Note
Digital services have been offered through remote systems for decades. The questions of how these systems can be built in a trustworthy manner and how their security properties can be understood are given fresh impetus by recent hardware developments‚ allowing a fuller‚ more general‚ exploration of the possibilities than has previously been seen in the literature. Drawing on and consolidating the disparate strains of research‚ technologies and methods employed throughout the adaptation of confidential computing‚ we present a novel‚ dedicated Confidential Remote Computing (CRC) model. CRC proposes a compact solution for next−generation applications to be built on strong hardware−based security primitives‚ control of secure software products' trusted computing base‚ and a way to make correct use of proofs and evidence reports generated by the attestation mechanisms. The CRC model illustrates the trade−offs between decentralisation‚ task size and transparency overhead. We conclude the paper with six lessons learned from our approach‚ and suggest two future research directions.