FPGAs are now used in public clouds to accelerate a wide range of applications, including many that operate on sensitive data such as financial and medical records. We present ShEF, a trusted execution environment (TEE) for cloud-based reconfigurable accelerators. ShEF is independent of CPU-based TEEs and allows secure execution under a threat model in which the adversary controls all software running on the CPU attached to the FPGA, has physical access to the FPGA, and can compromise the cloud provider's FPGA interface logic. ShEF provides a secure boot and remote attestation process that relies solely on existing FPGA mechanisms for its root of trust. It also includes a Shield component that provides secure access to data while the accelerator is in use. The Shield is highly customizable and extensible, allowing users to craft a bespoke security solution that fits their accelerator's memory access patterns, bandwidth, and security requirements with minimal performance and area overheads. We describe a prototype implementation of ShEF for existing cloud FPGAs and measure the performance benefits of customizable security using five accelerator designs.
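To make the secure-boot and remote-attestation step concrete, the following added example sketches the generic measured-boot pattern the abstract alludes to: the device measures the bitstream before loading it, binds that measurement to a verifier-chosen nonce under a device-rooted key, and the verifier rejects tampered images, forged reports and replayed reports even though every message passes through an untrusted host. This is illustrative code written for this page, not ShEF's protocol or implementation. All names and values are assumptions: the bitstreams are constructed stand-ins, and the symmetric device key (with HMAC in place of an asymmetric device key and certificate) is a simplification of whatever root-of-trust mechanism a real FPGA exposes.

```python
"""Generic measured-boot + remote-attestation flow (added illustration, not ShEF's design)."""
import hashlib
import hmac
import os

# Constructed sample images standing in for real FPGA configuration bitstreams.
GOOD_BITSTREAM = b"example-accelerator-bitstream|shield-config-v1"
TAMPERED_BITSTREAM = GOOD_BITSTREAM + b"|extra-logic"

# Hypothetical device-unique secret standing in for the FPGA's root-of-trust key.
# It is known to the device and, out of band, to the verifier; the untrusted host
# CPU that relays messages never sees it. Symmetric HMAC is a simplification of an
# asymmetric device key with a manufacturer-issued certificate.
DEVICE_KEY = b"example-device-unique-root-key"


def measure(bitstream: bytes) -> str:
    """Measurement = hash of the full configuration image."""
    return hashlib.sha256(bitstream).hexdigest()


def device_attest(measurement: str, nonce: bytes, key: bytes) -> dict:
    """Device side: bind the boot measurement to the verifier's fresh nonce."""
    msg = nonce + measurement.encode()
    tag = hmac.new(key, msg, hashlib.sha256).hexdigest()
    return {"nonce": nonce.hex(), "measurement": measurement, "tag": tag}


def verifier_check(report: dict, expected_nonce: bytes,
                   expected_measurement: str, key: bytes) -> tuple:
    """Verifier side: authenticate the report first, then judge its content."""
    msg = bytes.fromhex(report["nonce"]) + report["measurement"].encode()
    expected_tag = hmac.new(key, msg, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected_tag, report["tag"]):
        return False, "bad tag"                      # forged or corrupted report
    if bytes.fromhex(report["nonce"]) != expected_nonce:
        return False, "nonce mismatch"               # replayed report
    if report["measurement"] != expected_measurement:
        return False, "unexpected bitstream"         # tampered or wrong image
    return True, "ok"


def run_attestation(bitstream: bytes, expected_measurement: str,
                    nonce: bytes = None) -> tuple:
    """End-to-end run: verifier picks a nonce, device boots/measures/attests,
    the (untrusted) host relays the report, verifier checks it."""
    nonce = nonce or os.urandom(16)
    report = device_attest(measure(bitstream), nonce, DEVICE_KEY)
    return verifier_check(report, nonce, expected_measurement, DEVICE_KEY)


if __name__ == "__main__":
    expected = measure(GOOD_BITSTREAM)
    print("good image:", run_attestation(GOOD_BITSTREAM, expected))
    print("tampered image:", run_attestation(TAMPERED_BITSTREAM, expected))
```

The host CPU in the abstract's threat model is fully adversarial, so the design property worth noting is that nothing it can do with the relayed messages helps it: without the device key it cannot forge a tag, a stale report fails the nonce check, and a modified bitstream changes the measurement. The tag is verified before the nonce and measurement are inspected so that decisions are only ever made on authenticated data.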