Ph.D Thesis

Ph.D StudentOrenbach Meni
SubjectOperating Systems Abstractions for Trusted Execution
DepartmentDepartment of Electrical and Computer Engineering
Supervisor ASSOCIATE PROF. Mark Silberstein


Trusted execution environments such as secure enclaves are now available in several popular CPUs, and supported in public clouds. Enclaves can be used to efficiently shield applications against privileged adversaries, and secure sensitive data processed by them through strong isolation backed by the hardware. Yet, enclaves are not a silver bullet: they are vulnerable to unique side-channel attacks, they exhibit poor performance when system calls are invoked and when page faults occur, they lack a secure variant of software abstractions such as page fault handlers, and finally, the hardware does not protect against Iago attacks.

In this thesis, we tackle the aforementioned shortcomings of existing enclaves with system abstractions, practical hardware modifications, and tools to support them. We propose Autarky, a hardware/software co-design that mitigates the page fault side-channel attack on enclaves. We present Eleos, an in-enclave runtime system for exitless system calls and page faults that significantly improves enclaves performance. We propose CoSMIX, a compiler, and runtime system that enables creating secure page fault handlers in enclaves.  Finally, we present GateKeeper, a framework for securing the semantics of system calls served by an untrusted operating system.

We implement prototypes for all our proposals and evaluate them using widely used applications on top of enclave-supported hardware. The results show that our approaches improve the performance, usability, and security of enclaves, and facilitates their use for securing more programs compared to current enclave architectures.