DOI: 10.1145/3185467.3185469
Research article, ACM conference proceedings

ShieldBox: Secure Middleboxes using Shielded Execution

Published: 28 March 2018

Abstract

Middleboxes that process confidential data cannot be securely deployed in untrusted cloud environments. To outsource middleboxes to the cloud securely, state-of-the-art systems advocate network processing directly over encrypted traffic. Unfortunately, these systems support only a restricted set of functionalities and incur prohibitively high overheads.
This motivated the design of ShieldBox, a secure middlebox framework for deploying high-performance network functions (NFs) on untrusted commodity servers. ShieldBox processes encrypted traffic inside a secure container by leveraging shielded execution: it builds on the hardware-assisted memory protection of Intel SGX to provide strong confidentiality and integrity guarantees. For middlebox developers, ShieldBox exposes a generic interface based on Click for designing and implementing a wide range of NFs from its out-of-the-box elements and C++ extensions. For network operators, ShieldBox provides a configuration and attestation service for seamless and verifiable deployment of middleboxes. We have implemented ShieldBox with the end-to-end features required for secure network processing, together with performance optimizations. Our extensive evaluation shows that ShieldBox achieves near-native throughput and latency while securely processing confidential data at line rate.
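The deployment flow the abstract describes, as an added illustrative model: this is example code written for this page, not ShieldBox's implementation. It assumes a hypothetical platform key and a hypothetical NF measurement (both constructed constants), uses an HMAC as a stand-in for an SGX quote (on real hardware the quote is signed by Intel's quoting enclave and verified through Intel's attestation service, and the measurement is MRENCLAVE), and uses a toy hash-based authenticated cipher in place of the TLS or IPsec traffic a real NF would see. It shows the two security-relevant steps: the operator's attestation service releases the traffic key only after the enclave proves it runs the expected NF image, and a Click-style element chain then decrypts, inspects and re-encrypts packets entirely inside the (simulated) enclave, dropping anything that fails the integrity check or the filter.

```python
import hashlib
import hmac
import os
from typing import Callable, List, Optional

# --- Constructed constants (hypothetical; not ShieldBox values) -----------------
# Measurement the operator expects for the NF enclave image (MRENCLAVE-like hash).
EXPECTED_MEASUREMENT = hashlib.sha256(b"shieldbox-nf-image-v1").hexdigest()
# Key that "signs" quotes in this model. On real SGX hardware this role belongs to
# Intel's quoting enclave and the verifier checks the quote via Intel's service.
PLATFORM_KEY = b"hypothetical-platform-attestation-key"


def make_quote(measurement: str, nonce: bytes) -> bytes:
    """Platform side: bind the enclave measurement to the verifier's fresh nonce."""
    return hmac.new(PLATFORM_KEY, measurement.encode() + nonce, hashlib.sha256).digest()


def attest_and_provision(measurement: str, quote: bytes, nonce: bytes,
                         traffic_key: bytes) -> Optional[bytes]:
    """Operator's attestation service: release the traffic key only to an enclave
    whose freshly signed quote matches the expected NF measurement."""
    if measurement != EXPECTED_MEASUREMENT:
        return None                      # unknown or modified NF image
    expected = make_quote(EXPECTED_MEASUREMENT, nonce)
    if not hmac.compare_digest(quote, expected):
        return None                      # forged quote, or replay under an old nonce
    return traffic_key


# --- Toy authenticated encryption (constructed stand-in for real traffic crypto) --
def _keystream(key: bytes, iv: bytes, n: int) -> bytes:
    out, ctr = bytearray(), 0
    while len(out) < n:
        out += hashlib.sha256(key + iv + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(out[:n])


def seal(key: bytes, plaintext: bytes) -> bytes:
    iv = os.urandom(16)
    body = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, iv, len(plaintext))))
    tag = hmac.new(key, iv + body, hashlib.sha256).digest()   # encrypt-then-MAC
    return iv + body + tag


def unseal(key: bytes, blob: bytes) -> Optional[bytes]:
    if len(blob) < 48:
        return None                      # too short to carry iv + tag
    iv, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, iv + body, hashlib.sha256).digest(), tag):
        return None                      # integrity failure: drop, never process
    return bytes(a ^ b for a, b in zip(body, _keystream(key, iv, len(body))))


# --- Click-style element chain running inside the (simulated) enclave -------------
Element = Callable[[bytes], Optional[bytes]]   # an element returns None to drop


def decrypt_element(key: bytes) -> Element:
    return lambda pkt: unseal(key, pkt)


def pattern_filter(blocked: bytes) -> Element:
    """IDS-like element: drop any packet whose plaintext contains the pattern."""
    return lambda pkt: None if blocked in pkt else pkt


def encrypt_element(key: bytes) -> Element:
    return lambda pkt: seal(key, pkt)


def run_chain(elements: List[Element], packets: List[bytes]) -> List[bytes]:
    out: List[bytes] = []
    for pkt in packets:
        cur: Optional[bytes] = pkt
        for el in elements:
            cur = el(cur)
            if cur is None:
                break                    # dropped by integrity check or filter
        if cur is not None:
            out.append(cur)
    return out


def demo() -> List[Optional[bytes]]:
    """End-to-end: attest, provision the key, then process constructed traffic.
    Returns the plaintexts of the packets the middlebox forwarded."""
    nonce = os.urandom(16)
    quote = make_quote(EXPECTED_MEASUREMENT, nonce)
    key = attest_and_provision(EXPECTED_MEASUREMENT, quote, nonce, os.urandom(32))
    assert key is not None
    chain = [decrypt_element(key), pattern_filter(b"EVIL"), encrypt_element(key)]
    packets = [seal(key, b"GET /index.html"),          # constructed sample traffic
               seal(key, b"GET /EVIL payload"),
               seal(key, b"POST /login")]
    return [unseal(key, p) for p in run_chain(chain, packets)]
```

Two points carry over to real SGX deployments: the nonce is what turns attestation into a freshness check (without it a captured quote could be replayed to obtain the key), and attestation proves which code is running, not that the untrusted host cannot observe it. SGX leaves side channels such as page-fault and cache-timing attacks outside its threat model, so an NF that handles secrets still needs constant-time, access-pattern-aware processing.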



Published In

SOSR '18: Proceedings of the Symposium on SDN Research, March 2018, 195 pages. ISBN 9781450356640, DOI 10.1145/3185467.
Publication rights licensed to ACM. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of a national government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.

Publisher: Association for Computing Machinery, New York, NY, United States


Qualifiers: research article, research, refereed limited
Funding Sources: H2020 European Research Council

Conference: SOSR '18: Symposium on SDN Research, March 28-29, 2018, Los Angeles, CA, USA
Acceptance Rate: 7 of 43 submissions, 16%


Cited By (selected)

    • PrivRE: Regular Expression Matching for Encrypted Packet Inspection. 2024 IEEE 44th International Conference on Distributed Computing Systems (ICDCS), pp. 1306-1317, 23 Jul 2024. DOI 10.1109/ICDCS60910.2024.00123
    • Towards Shielding 5G Control Plane Functions. 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 302-315, 24 Jun 2024. DOI 10.1109/DSN58291.2024.00039
    • DE-GNN. Computer Networks: The International Journal of Computer and Telecommunications Networking, vol. 245:C, 1 May 2024. DOI 10.1016/j.comnet.2024.110372
    • mdTLS: How to Make Middlebox-Aware TLS More Efficient? Information Security and Cryptology – ICISC 2023, pp. 39-59, 8 Mar 2024. DOI 10.1007/978-981-97-1238-0_3
    • Anchor: A Library for Building Secure Persistent Memory Systems. Proceedings of the ACM on Management of Data, vol. 1:4, pp. 1-31, 12 Dec 2023. DOI 10.1145/3626718
    • Cryonics. Proceedings of the 2023 ACM Symposium on Cloud Computing, pp. 528-543, 30 Oct 2023. DOI 10.1145/3620678.3624789
    • EnclaveVPN: Toward Optimized Utilization of Enclave Page Cache and Practical Performance of Data Plane for Security-Enhanced Cloud VPN. Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses, pp. 397-411, 16 Oct 2023. DOI 10.1145/3607199.3607210
    • Towards (Really) Safe and Fast Confidential I/O. Proceedings of the 19th Workshop on Hot Topics in Operating Systems, pp. 214-222, 22 Jun 2023. DOI 10.1145/3593856.3595913
    • Intel Software Guard Extensions Applications: A Survey. ACM Computing Surveys, vol. 55:14s, pp. 1-38, 17 Jul 2023. DOI 10.1145/3593021
    • An End-Host-Importance-Aware Secure Service-Enabled Hybrid SDN Deployment. IEEE Transactions on Network and Service Management, vol. 20:2, pp. 2056-2070, Jun 2023. DOI 10.1109/TNSM.2022.3208695
