Cited By
View all- Bastidas Fuertes APérez MMeza Hormaza J(2023)Transpilers: A Systematic Mapping Review of Their Usage in Research and IndustryApplied Sciences10.3390/app1306366713:6(3667)Online publication date: 13-Mar-2023
SecSharp: Towards Efficient Trusted Execution in Managed Languages (Work in Progress)
Pages 119 - 127
Abstract
Trusted execution environments (TEEs) gained significant traction in recent years. They have become the foundation of Confidential Computing in cloud services, where certain security properties can be guaranteed on untrusted servers. Despite this adoption, writing code to target TEEs remains challenging. The SDKs for popular TEE implementations, like Intel SGX, are aimed at low-level languages like C/C++. Previous research has introduced support for developing and running programs written in managed programming languages in a TEE environment. However, in these works, the language runtime is embedded into the TEE, increasing the Trusted Computing Base (TCB) and thus inherently reducing trust into the TEE itself. To solve this problem, we propose a new approach to integrate the development of TEE code in managed languages, without the need to embed the full language runtime inside the TEE. It allows developers to write the TEE logic as part of their program in a managed programming language. Using the existing compiler infrastructure, the TEE logic is extracted and passed to a source-to-source compiler that transforms it into a low-level unmanaged equivalent. The resulting low-level code is then compiled by the compiler toolchain targeting the TEE platform. This paper reports on the design and the first results of our work-in-progress implementation of SecSharp, a tool to enable TEE development in C#.
References
[1]
N Asokan, Jan-Erik Ekberg, Kari Kostiainen, Anand Rajan, Carlos Rozas, Ahmad-Reza Sadeghi, Steffen Schulz, and Christian Wachsmann. 2014. Mobile trusted computing. Proc. IEEE 102, 8 (2014), 1189–1206. https://doi.org/10.1109/JPROC.2014.2332007
[2]
João Bispo and João M.P. Cardoso. 2020. Clava: C/C++ source-to-source compilation using LARA. SoftwareX 12(2020), 100565. https://doi.org/10.1016/j.softx.2020.100565
[3]
João M.P. Cardoso, Tiago Carvalho, José G.F. Coutinho, Wayne Luk, Ricardo Nobre, Pedro Diniz, and Zlatko Petrov. 2012. LARA: An Aspect-Oriented Programming Language for Embedded Systems. In Proceedings of the 11th Annual International Conference on Aspect-Oriented Software Development(AOSD ’12). Association for Computing Machinery, New York, NY, USA, 179–190. https://doi.org/10.1145/2162049.2162071
[4]
Victor Costan and Srinivas Devadas. 2016. Intel SGX Explained. Cryptology ePrint Archive, Paper 2016/086. (2016). https://eprint.iacr.org/2016/086 https://eprint.iacr.org/2016/086.
[5]
Iain D. Craig. 2006. Virtual Machines (1st ed. 2006. ed.). Springer London : Imprint: Springer, London.
[6]
Fortanix. 2019. The Fortanix Rust Enclave Development Platform. https://edp.fortanix.com
[7]
Intel. 2020. Intel® Software Guard Extensions Developer Guide. https://download.01.org/intel-sgx/sgx-linux/2.8/docs/Intel_SGX_Developer_Guide.pdf
[8]
ISO/IEC 14882:2020(E) 2020. Programming languages — C++. Standard. International Organization for Standardization, Geneva, CH.
[9]
Jianyu Jiang, Xusheng Chen, TszOn Li, Cheng Wang, Tianxiang Shen, Shixiong Zhao, Heming Cui, Cho-Li Wang, and Fengwei Zhang. 2020. Uranus: Simple, Efficient SGX Programming and Its Applications. In Proceedings of the 15th ACM Asia Conference on Computer and Communications Security(ASIA CCS ’20). Association for Computing Machinery, New York, NY, USA, 826–840. https://doi.org/10.1145/3320269.3384763
[10]
Microsoft. 2021. The.NET Compiler Platform SDK (Roslyn APIs). https://docs.microsoft.com/en-us/dotnet/csharp/roslyn-sdk/ publisher: Microsoft.
[11]
Jämes Ménétrey, Marcelo Pasin, Pascal Felber, and Valerio Schiavoni. 2021. Twine: An Embedded Trusted Runtime for WebAssembly. In 2021 IEEE 37th International Conference on Data Engineering (ICDE). 205–216. https://doi.org/10.1109/ICDE51399.2021.00025
[12]
Gabriel Noaje, Christophe Jaillet, and Michaël Krajecki. 2011. Source-to-Source Code Translator: OpenMP C to CUDA. In 2011 IEEE International Conference on High Performance Computing and Communications. 512–519. https://doi.org/10.1109/HPCC.2011.73
[13]
Aditya Oak, Amir M. Ahmadian, Musard Balliu, and Guido Salvaneschi. 2021. Enclave-Based Secure Programming with JE. In 2021 IEEE Secure Development Conference (SecDev). 71–78. https://doi.org/10.1109/SecDev51306.2021.00026
[14]
Mohamed Sabt, Mohammed Achemlal, and Abdelmadjid Bouabdallah. 2015. Trusted Execution Environment: What It is, and What It is Not. In 2015 IEEE Trustcom/BigDataSE/ISPA, Vol. 1. 57–64. https://doi.org/10.1109/Trustcom.2015.357
[15]
Nuno Santos, Himanshu Raj, Stefan Saroiu, and Alec Wolman. 2011. Trusted Language Runtime (TLR): Enabling Trusted Applications on Smartphones. In Proceedings of the 12th Workshop on Mobile Computing Systems and Applications(HotMobile ’11). Association for Computing Machinery, New York, NY, USA, 21–26. https://doi.org/10.1145/2184489.2184495
[16]
Nuno Santos, Himanshu Raj, Stefan Saroiu, and Alec Wolman. 2014. Using ARM Trustzone to Build a Trusted Language Runtime for Mobile Applications. In Proceedings of the 19th International Conference on Architectural Support for Programming Languages and Operating Systems(ASPLOS ’14). Association for Computing Machinery, New York, NY, USA, 67–80. https://doi.org/10.1145/2541940.2541949
[17]
Edgeless Systems. 2021. EGo Documentations. https://docs.edgeless.systems/ego
[18]
Huibo Wang, Pei Wang, Yu Ding, Mingshen Sun, Yiming Jing, Ran Duan, Long Li, Yulong Zhang, Tao Wei, and Zhiqiang Lin. 2019. Towards Memory Safe Enclave Programming with Rust-SGX. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security(CCS ’19). Association for Computing Machinery, New York, NY, USA, 2333–2350. https://doi.org/10.1145/3319535.3354241
Index Terms
- SecSharp: Towards Efficient Trusted Execution in Managed Languages (Work in Progress)
Recommendations
Bringing low-level languages to the JVM: efficient execution of LLVM IR on Truffle
VMIL 2016: Proceedings of the 8th International Workshop on Virtual Machines and Intermediate LanguagesAlthough the Java platform has been used as a multi-language platform, most of the low-level languages (such as C, Fortran, and C++) cannot be executed efficiently on the JVM. We propose Sulong, a system that can execute LLVM-based languages on the ...
Towards a jitting VM for prolog execution
PPDP '10: Proceedings of the 12th international ACM SIGPLAN symposium on Principles and practice of declarative programmingMost Prolog implementations are implemented in low-level languages such as C and are based on a variation of the WAM instruction set, which enhances their performance but makes them hard to write. In addition, many of the more dynamic features of Prolog ...
The direct execution of intermediate languages on an Eclipse computer
The use of intermediate languages as a convenient means of developing portable high-level language compilers, appears to be growing. With this approach, the compiler for language A (which may be written in language A) compiles the source code into an ...
Comments
Information & Contributors
Information
Published In
September 2022
161 pages
Copyright © 2022 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 30 November 2022
Check for updates
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
MPLR '22
MPLR '22: 19th International Conference on Managed Programming Languages and Runtimes
September 14 - 15, 2022
Brussels, Belgium
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 61Total Downloads
- Downloads (Last 12 months)28
- Downloads (Last 6 weeks)1
Reflects downloads up to 15 Oct 2024
Other Metrics
Citations
Cited By
View all- Bastidas Fuertes APérez MMeza Hormaza J(2023)Transpilers: A Systematic Mapping Review of Their Usage in Research and IndustryApplied Sciences10.3390/app1306366713:6(3667)Online publication date: 13-Mar-2023
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign inFull Access
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML Format