Confidential Computing Using Trusted Execution Environments
DOI: https://doi.org/10.63282/3050-9416.IJAIBDCMS-V4I2P111
Keywords:
Confidential Computing, Trusted Execution Environments (TEEs), Intel SGX, ARM TrustZone, AMD SEV, RISC-V Keystone, Data-in-Use Protection, Side-Channel Attacks
Abstract
In today's digital systems, which are increasingly complex and distributed, securing data at every stage of its lifecycle has become a major concern. Data in use, that is, data being processed during computation, is more exposed to unauthorized access and tampering than data at rest or data in transit, especially in untrusted settings such as public clouds and edge devices. Confidential computing closes this gap by performing computation inside hardware-based Trusted Execution Environments (TEEs), which provide strict run-time isolation, code integrity, and data confidentiality. This paper gives an in-depth introduction to confidential computing with emphasis on TEEs such as Intel SGX, ARM TrustZone, AMD SEV, and RISC-V Keystone. It discusses their operating models and protection guarantees and compares their performance characteristics. Technical use cases in cloud computing, privacy-preserving machine learning, secure data analytics, blockchain, and other critical domains such as finance and healthcare are surveyed to illustrate the potential of TEEs. The paper also examines current drawbacks, including performance overhead, side-channel threats, scalability limits, and regulatory challenges. Emerging trends in integration with zero-trust architectures, TEE design, and hybrid combinations of TEEs with cryptographic solutions are reviewed as well. Through this analysis, the paper seeks to clarify the current contribution of TEEs to shaping the future of secure and privacy-aware computing in a globally interconnected ecosystem.