[Interpretation of Confidential Computing Standards] GB/T Confidential Computing General Framework (Part 1)

The national standard project "Information Security Technology: General Framework for Confidential Computing" is under the jurisdiction of TC260 (National Information Security Standardization Technical Committee); the competent authority is the National Standardization Management Committee.

The main drafting units are Huawei Technologies Co., Ltd., China Electronics Standardization Research Institute, China Mobile Communications Group Co., Ltd., Ant Technology Group Co., Ltd., Beijing Impulse Online Technology Co., Ltd., Beijing Baidu Webex Technology Co., Ltd., Beijing Digital Certification Co., Ltd., Shenzhen Zhixing Technology Co., Ltd., Beijing Shudo Technology Co., Ltd., Shanghai Fushu Technology Co., Ltd., Beijing Baquan Information Technology Co., Ltd., the Institute of Software of the Chinese Academy of Sciences, and the Institute of Information Engineering of the Chinese Academy of Sciences.

The standard is currently at the draft-for-comments stage (July 2023).

Note: the passages between the double horizontal lines are the blogger's own interpretation~

1. Overview

1.1 Confidential Computing

A computing model that, on the basis of trusted hardware, combines firmware and software to build an encrypted, isolated and verifiable computing environment, ensuring the confidentiality and integrity of data, the integrity of code, and the confidentiality of the computing process within that environment.

The computing process refers to the running of the program, during which the process's program segment, data segment, process control block and all data involved in inter-process communication are produced.


The concepts of trusted hardware, encryption, isolation, verifiability, and confidentiality and integrity all belong to the category of trusted computing. Confidential computing places more emphasis on the confidentiality of the computation, and further protects data in use and the way the data is processed.

Therefore, we can understand it like this: Trusted computing is to ensure the predictability of computing, and confidential computing is to strengthen the confidentiality of the computing process on the basis of trusted computing.

When we look at descriptions of confidential computing technology, the first point mentioned is usually that the goal of confidential computing is to protect data in use; traditional technologies already protect data at rest (in storage) and data in transit. This standard, however, does not emphasize this.


1.2 Role

In a typical confidential computing interaction, the main actors involved include:

  • computing program provider;
  • confidential computing service provider;
  • confidential computing platform provider;
  • data provider;
  • result demander.

As shown in Figure 1, the above roles need not be held by different entities; that is, the same entity may assume multiple roles.

The main roles involved are described as follows:

a) Computing program provider: responsible for providing the computing program to be run in the confidential computing environment; the computing program should be consistent with the result demander's description of the computing requirements.

b) Confidential computing service provider: the software module responsible for providing confidential computing services to the result demander. The service provider also provides service management functions, such as supporting the entry and release of computing programs.

c) Confidential computing platform provider: responsible for providing the trusted software and hardware on which the confidential computing environment relies and the interfaces used by the service provider, including the root of trust integrated in the confidential computing platform, the trusted execution environment, etc., and for establishing a complete measurement, storage and reporting mechanism that extends the chain of trust to the computing programs.

d) Data provider: responsible for providing the computing data used in the computing tasks; the confidentiality and integrity of the computing data should be ensured throughout the computing process.

e) Result demander: responsible for providing a specific description of the computing requirements to the confidential computing service, or for directly using the confidential computing platform to execute them, including the programs to be run and the data those programs compute on, and for obtaining the corresponding confidential computing results.

Interpretation: Since this is a national standard, it has to abstract, unify and classify the business and the business parties, and the five parties here serve that purpose. Computing program providers are the applications that process the data, such as gene processing programs; computing service providers mainly provide basic confidential computing service modules to the upper-layer confidential applications, such as cryptographic modules and authentication modules; confidential computing platforms provide the lower-level trusted hardware, system software, trusted execution environment and management services; the data provider and the result demander are easier to understand.

This layered abstraction corresponds roughly to a common computing architecture.

1.3 Trust conditions

Each role can establish a trust relationship through the following operations when participating in the computing tasks of confidential computing:

  1. The program provider verifies the integrity and authenticity of the computing environment of the confidential computing service, and ensures that the computing program it enters runs in a trusted execution environment (the computing program provider [requires] a trusted computing environment to ensure the integrity of its program).

  2. The data provider verifies the integrity and authenticity of the computing environment, and also needs to verify the integrity of the program code to ensure that the program code matches the description of the computing requirements. The data provider can input the data into the confidential computing service as ciphertext, so that only the corresponding computing program can read it inside the trusted execution environment (the data provider [requires] the trusted execution environment, the correct computing program and the confidential computing service).

  3. The result demander verifies the integrity and authenticity of the computing environment and the integrity of the program code, to ensure that the program actually executed is consistent with the description of the computing requirements (the result demander does not need to vouch for the input data).


Each participant places its own assets into the associated environment, or obtains results from a specified environment. To protect its own interests, it must verify that environment during the process; only after the verification passes can it take part in confidential computing with confidence in the security of its assets.
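The three trust conditions above differ in what each role must check before handing over its asset. The following model, added here as an illustration and not part of the standard or the blog post, applies each role's policy to a constructed attestation report: the environment measurement is compared against a trusted list, the program measurement against the result demander's requirement description, and a verifier-issued nonce guards against a replayed report. All measurement values, program images and the report layout are hypothetical.

```python
import hashlib
import secrets

# Constructed sample: the trusted environment measurements (the whitelist the
# management layer keeps) and the program the result demander asked for.
TRUSTED_ENV_MEASUREMENTS = {
    hashlib.sha256(b"tee-firmware-v1.2 + tee-os-v3.0").hexdigest(),
}
REQUIREMENT_PROGRAM_CODE = b"gene-analysis-program-v7"   # hypothetical program image
REQUIREMENT_PROGRAM_HASH = hashlib.sha256(REQUIREMENT_PROGRAM_CODE).hexdigest()


def make_report(env_measurement, program_code, nonce):
    """Stand-in for an attestation report: environment measurement, hash of the
    loaded program, and the nonce the verifier supplied for this request."""
    return {
        "env_measurement": env_measurement,
        "program_measurement": hashlib.sha256(program_code).hexdigest(),
        "nonce": nonce,
    }


def environment_ok(report, nonce):
    # Freshness: the report must echo the nonce this verifier issued, otherwise
    # an old report from an honest environment could be replayed.
    if report["nonce"] != nonce:
        return False
    # Integrity and authenticity of the environment: its measurement must be
    # one the verifier already trusts.
    return report["env_measurement"] in TRUSTED_ENV_MEASUREMENTS


def program_ok(report):
    # The loaded code must match the result demander's requirement description.
    return report["program_measurement"] == REQUIREMENT_PROGRAM_HASH


# Each role applies exactly the checks section 1.3 asks of it.
def program_provider_accepts(report, nonce):
    return environment_ok(report, nonce)


def data_provider_accepts(report, nonce):
    return environment_ok(report, nonce) and program_ok(report)


def result_demander_accepts(report, nonce):
    return environment_ok(report, nonce) and program_ok(report)


def evaluate(report, nonce):
    """Decisions of (program provider, data provider, result demander)."""
    return (program_provider_accepts(report, nonce),
            data_provider_accepts(report, nonce),
            result_demander_accepts(report, nonce))


def demo():
    good_env = next(iter(TRUSTED_ENV_MEASUREMENTS))
    nonce = secrets.token_hex(16)
    honest = make_report(good_env, REQUIREMENT_PROGRAM_CODE, nonce)
    # A trusted environment, but running a program other than the one described:
    # the environment check alone cannot see this, the program check does.
    swapped = make_report(good_env, b"some-other-program", nonce)
    # An honest report captured earlier and presented again for a new nonce.
    replayed = make_report(good_env, REQUIREMENT_PROGRAM_CODE, "stale-nonce")
    return {
        "honest": evaluate(honest, nonce),
        "swapped_program": evaluate(swapped, nonce),
        "replayed": evaluate(replayed, nonce),
    }


if __name__ == "__main__":
    for case, decisions in demo().items():
        print(case, decisions)
```

The swapped-program case is the reason the data provider and the result demander must check the program measurement and not just the environment: a genuine TEE running the wrong code still produces a valid-looking environment measurement.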


2. Framework composition

2.1 Framework description

The general framework of confidential computing defined in this document is shown in Figure 2. It is mainly divided into five layers: hardware layer, system software layer, service layer, application layer and management layer.

  • The hardware layer relies on hardware isolation to prevent protected resources from being accessed by the open system, and provides hardware-based security functions as the trusted hardware foundation for confidential computing.

  • The system software layer provides a software-based isolation mechanism, the necessary hardware resources, and basic services for confidential computing.

  • The service layer provides a unified programming interface and a confidential computing service interface for upper-layer applications, hiding differences in the underlying hardware architecture and software development interfaces. The services provided include secure isolation, secure boot, remote attestation, secure channel, key derivation, secure storage, cryptographic operations, and data encapsulation.

  • The application layer consists of the application programs directly facing the result demander; the result demander performs computing operations through these programs.

  • The management layer provides the management modules needed to conduct confidential computing activities through cross-layer interaction. The management modules include key management, log management, resource management, and whitelist management.


Confidential computing platforms can correspond to traditional server platforms, such as the Kunpeng computing platform;

Confidential computing service providers correspond to traditional system service providers, such as AI services;

Confidential computing programs correspond to traditional applications, such as AI-based data mining;

Data providers and result demanders are more diverse than traditional ones.


2.2 Hardware layer

2.2.1 Core components

The core components of the confidential computing framework hardware layer mainly include:

  • Trusted execution control unit: defines security-enhanced instruction control logic on the CPU to achieve isolated execution of instructions. It is often implemented by hardening the cache controller, DMA controller and interrupt controller, and there are also independent control units;

  • Isolated memory space: The memory space isolated by the CPU trusted execution control unit is independent of the general memory space;

  • Trusted firmware: Provides functions such as identifying hardware device initialization information, supporting system software integrity verification, upgrading and maintenance, and configuring confidential computing environment resources;

  • Hardware cryptographic engine: The hardware cryptographic engine provides key derivation capabilities for confidential computing applications using the device's unique key and a true random number generator;

  • Device unique key: a unique identifier burned into the hardware, written at the device manufacturing stage. Because of its uniqueness, the device unique key is used as the root key from which the encryption keys used in the confidential computing environment are derived;

  • Random number generator: In the process of key generation and cryptographic operation, a true random number is generated, which can resist replay attacks;

  • Root of trust: used to support the establishment of a bottom-up trust chain in a confidential computing environment, and provide security functions such as secure storage, integrity measurement, and identity authentication.


Confidential computing requires the implementation of the above components at the hardware layer.

The trusted execution control unit comes in two types: one is a security-enhanced traditional component, similar to Arm TrustZone technology, which implements a secure execution path by isolating the cache and GIC of the execution unit; the other is an independent control unit, represented by Intel SGX and Arm Crypto Island technology;

Memory isolation can be understood as Arm TZASC, Intel's memory encryption technology SME, etc., which can isolate a secure memory space in the memory. In Arm, it is also necessary to cooperate with the peripheral security controller TZPC to achieve secure access to peripherals;

Trusted firmware can be considered as BIOS, UEFI and other firmware;

From the description, the hardware cryptographic engine is a component for key derivation based on the device unique key, and not the cryptographic algorithm acceleration engine we usually think of;

The device unique key is injected during the device manufacturing stage. At present, the unique key on mobile phones, cars and other terminal devices is injected by the OEM during the device manufacturing process. It can be considered that the OEM is the endorser of the key. But in the confidential computing framework, the injection of the key should be endorsed by a trusted third party. In Arm's confidential computing architecture CCA, it is jointly implemented by HES (hardware-enhanced security module) and the trusted party;

Here, the root of trust is mainly a concept in trusted computing, including the trusted measurement root, trusted storage root, and trusted reporting root.


2.2.2 Basic functions

The basic functions of the confidential computing framework hardware layer include but are not limited to:

  • Provide a memory isolation mechanism, so that the general computing environment cannot access the memory data of the confidential computing environment;

  • Provide a secure boot mechanism based on a physical root of trust, performing integrity verification on the key firmware and key system software of the confidential computing environment, which may be loaded and run only after the verification passes;

  • Provide a hardware-based key derivation mechanism that protects the confidentiality of the derived keys;

  • Provide a communication and instruction scheduling mechanism between the general computing environment and the confidential computing environment;

  • Allow the size of the memory space allocated to the confidential computing environment to be set flexibly.

3. System software layer

3.1 Core components

The core components of the confidential computing framework system software layer mainly include:

  • Confidential computing operating system: an operating system packaged and tailored around the trusted execution control unit and instruction set of the underlying CPU, mainly providing functions such as scheduling of computing resources based on TEE resources, isolated memory space management, and communication mechanisms with the ordinary computing environment (this component is optional);

  • Confidential computing virtualization software: virtualization software deployed in the confidential computing environment, providing support for the deployment of confidential VMs or containers (this component is optional).


The confidential computing operating system can be understood as the TEE OS running in Secure EL1 under TrustZone; the current open source implementation is OP-TEE;

Confidential computing virtualization software can be understood as virtualization software running in Secure EL2 under the TrustZone architecture; the current open source implementation is Hafnium;

These two components are optional, that is, trusted applications and services can run on the bare metal environment of the confidential computing environment.


3.2 Basic functions

The basic functions of the confidential computing framework system software layer include but are not limited to:

  • Guarantee the isolation of system software: the ordinary computing environment cannot access the confidential computing operating system without authorization;
  • Provide multi-thread and multi-process computing capabilities;
  • Verify the integrity and authenticity of confidential computing applications, and run them only after the verification passes;
  • Use cryptographic algorithms that meet the relevant requirements of the national cryptographic management department;
  • Be able to adapt to mainstream programming languages.

For isolation, a TEE satisfies this;

Multi-thread and multi-process should actually need to supplement multi-core capabilities. Only when multi-core is used, the performance advantages of multi-thread and multi-process can be reflected;

Adapting Python and Java is technically feasible, but TEEs usually do not support them because of the larger attack surface or larger trusted computing base they bring; in confidential computing, the ease of developing computing programs has drawn attention, so high-level programming languages such as Python and Java also need to be supported, and supporting them is not a problem.


4. Service layer

4.1 Core components

The core components of the confidential computing framework service layer mainly include:

  • Confidential computing unified service interface: By providing a unified programming interface, it provides a unified confidential computing security service decoupled from the specific hardware architecture for applications, reducing the development and deployment costs of different architectures;
  • Isolated computing: distinguishes the ordinary computing environment from the confidential computing environment and provides a unified calling mode for confidential computing applications, supporting the input of computing parameters, tracking of computing status, and retrieval of computing results. This service is a prerequisite for the operation of confidential computing services, including creating the confidential computing environment and deploying confidential computing applications;
  • Secure Boot: Guarantees the integrity and authenticity of confidential computing environments;
  • Remote Attestation: Integrity verification of confidential computing environments and confidential computing applications;
  • Secure channel: ensure the safe transmission of local data to the confidential computing environment;
  • Key derivation: ensuring the security of keys generated in confidential computing environments;
  • Storage protection: provide users with encrypted storage services for sensitive data, which can only be accessed or modified by entities authorized by confidential computing services;
  • Cryptographic operations: performing cryptographic operations in a confidential computing environment;
  • Data encapsulation: Provide sensitive data encapsulation/decapsulation services for data demanders.
  • Note: Confidential computing service providers can choose to deploy the above security services according to their needs.

The unified service interface of confidential computing can be compared to the GP TEE Internal API defined by GlobalPlatform for TEEs;

Other security services are defined in GP TEE and TCG Trusted Computing.


4.2 Basic functions

The basic functions of the confidential computing framework service layer include but are not limited to:

  • Provide application integration development interfaces and code generation tools to improve the ease of developing confidential computing applications;
  • Provide the necessary confidential computing security mechanisms for the service provider or the result demander;
  • Be compatible with different TEE hardware architectures;
  • Be compatible with multiple cryptographic algorithms and ensure the availability of cryptographic algorithms.

Confidential computing is business-oriented, so ease of use is very important. Compared with the TEE software development kit SDK, the confidential computing SDK needs to be easier to use, and even needs to provide code generation tools;

The necessary security mechanisms are only those security services above;

One of the biggest feature requirements of the service layer is the need to hide the TEE hardware architecture, such as TrustZone, SGX, etc. This is still somewhat difficult, but some projects are trying, such as Occlum.


5. Application layer

5.1 Core components

The core components of the confidential computing framework application layer mainly include:

Confidential computing applications: For applications running on top of the confidential computing operating system, the processing logic involving sensitive data needs to be completed in the confidential computing application.


These are the programs that carry the confidential business. On a mobile phone's TEE there are the key management application Keymaster, the screen lock application Gatekeeper, face recognition programs, the digital rights protection application Widevine, etc. In the field of confidential computing, they may be gene processing programs, government data processing programs, etc.


5.2 Basic functions

The basic functions of the confidential computing framework application layer include but are not limited to:

  • Unauthorized applications cannot view code and data running in confidential computing environments;
  • Unauthorized applications cannot add, delete or change code and data running inside the confidential computing environment;
  • Guarantees isolation between different confidential computing applications .

The main thing to pay attention to here is the isolation between different confidential applications. There may be multiple confidential computing applications in the confidential computing environment, so it is necessary to ensure that they cannot affect one another (no peeking, no tampering, etc.); in the TEE this is achieved through process isolation and the binding of persistent data to its application.


6. Management layer

6.1 Core components

The core components of the confidential computing framework management layer mainly include:

  • Key management: manages the keys involved in performing confidential computing operations, including key generation, protection, transmission, destruction, etc.;
  • Log management: records the execution of confidential computing operations, provides log backtracking, and ensures the integrity of the logs;
  • Whitelist management: provides the trusted list of firmware versions, drivers, and device identities involved in confidential computing;
  • Resource management: manages the CPU computing resources, memory resources, etc. required to perform confidential computing operations.

Cross-layer management consists of management components independent of the four layers described above. Key management is usually troublesome and can be implemented as a management module; log management is only used for auditing and backtracking; the whitelist is used to control which software, firmware and component versions the system trusts, similar to platform credentials in trusted computing;
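Log management is required to "ensure the integrity of the log" and to support backtracking. One common way to meet both is a hash chain: each record commits to its predecessor, and the chain head is authenticated with a key held inside the environment, so that editing, reordering or truncating the log is detectable. The code below is an added illustration of that technique, not an implementation from the standard; the event contents and the anchor key are constructed, and the key is assumed to come from the environment's key management.

```python
import hashlib
import hmac
import json

GENESIS = "00" * 32   # hash of the (empty) predecessor of the first record


class AuditLog:
    """Hash-chained log. Every record stores the hash of the previous record;
    anchor() authenticates the current head with a MAC key that is assumed to be
    derived inside the confidential computing environment (constructed here)."""

    def __init__(self, anchor_key: bytes):
        self._anchor_key = anchor_key
        self.records = []

    @staticmethod
    def _record_hash(prev: str, event: dict) -> str:
        body = json.dumps({"prev": prev, "event": event}, sort_keys=True).encode()
        return hashlib.sha256(body).hexdigest()

    def append(self, event: dict) -> str:
        prev = self.records[-1]["hash"] if self.records else GENESIS
        rec = {"prev": prev, "event": event, "hash": self._record_hash(prev, event)}
        self.records.append(rec)
        return rec["hash"]

    def anchor(self) -> str:
        head = self.records[-1]["hash"] if self.records else GENESIS
        return hmac.new(self._anchor_key, head.encode(), hashlib.sha256).hexdigest()


def verify_chain(records, anchor_key: bytes, anchor: str) -> int:
    """Recompute the chain. Returns -1 if intact, the index of the first bad
    record if one was altered, or len(records) if the head does not match the
    anchor (records dropped from the end or replaced wholesale)."""
    prev = GENESIS
    for i, rec in enumerate(records):
        if rec["prev"] != prev or rec["hash"] != AuditLog._record_hash(prev, rec["event"]):
            return i
        prev = rec["hash"]
    expected = hmac.new(anchor_key, prev.encode(), hashlib.sha256).hexdigest()
    return -1 if hmac.compare_digest(expected, anchor) else len(records)


def build_sample_log(anchor_key: bytes) -> AuditLog:
    # Constructed events modelled on 6.2: task status and API calls.
    log = AuditLog(anchor_key)
    log.append({"op": "create_environment", "task": "T-001"})
    log.append({"op": "api_call", "name": "run_task", "task": "T-001"})
    log.append({"op": "destroy_application", "task": "T-001"})
    return log


def demo():
    key = b"constructed-log-anchor-key"
    log = build_sample_log(key)
    anchor = log.anchor()
    intact = verify_chain(log.records, key, anchor)

    # Tampering: change the recorded API name in the second record.
    edited = json.loads(json.dumps(log.records))
    edited[1]["event"]["name"] = "export_plaintext"
    edited_result = verify_chain(edited, key, anchor)

    # Truncation: drop the last record but keep the old anchor.
    truncated = log.records[:2]
    truncated_result = verify_chain(truncated, key, anchor)
    return intact, edited_result, truncated_result


if __name__ == "__main__":
    print(demo())   # expect (-1, 1, 2)
```

The anchor is what turns the chain into an integrity guarantee: without it an attacker who can rewrite the log could simply recompute every hash after the edit, so the head must be bound to a key the ordinary environment does not hold.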


6.2 Basic functions

The basic functions of the confidential computing framework management layer include but are not limited to:

  • The confidentiality, non-tamperability and non-repudiation of keys are guaranteed through the underlying hardware;
  • Keys used to perform confidential computing tasks are generated within the confidential computing environment;
  • Keys in the confidential computing environment, such as encryption keys and signature keys, have a clear and single purpose;
  • Log the status of hardware resources, system operation, interface adaptation, confidential computing tasks, network, etc.;
  • Log and store API calls, confidential computing task operations, etc.;
  • Ensure that only entities on the trusted list have access to the confidential computing environment;
  • Ensure that confidential computing applications access only the resources corresponding to their assigned permissions and cannot exceed their authority.

7. Security service

7.1 Isolated Computing

7.1.1 Isolation Computing Between General Computing Applications and Confidential Computing Applications

The isolated computing process between general computing applications and confidential computing applications is shown in Figure 4.

The isolated computing process between general computing applications and confidential computing applications is as follows:

  • The general computing application creates a confidential computing environment in advance, before initiating a secure isolation request. Note: depending on the requirements of the specific computing scenario, the confidential computing environment can also be created at the moment the general computing application requests creation of a confidential computing application;
  • The general computing application calls the confidential computing application creation interface provided by the confidential computing unified service platform to request creation of a confidential computing application; the unified service platform processes the request, creates the confidential computing application according to the hardware layer architecture, and deploys and runs it in the confidential computing environment;
  • The general computing application sends computing requests to the confidential computing application;
  • The confidential computing application completes the computing task and transmits confidential data to, or returns computing results to, the general computing application;
  • After all computing tasks are completed, the general computing application sends a request to destroy the confidential computing application; the confidential computing environment destroys it and the session ends.

7.1.2 Isolated Computing Between Confidential Computing Applications

Figure 5 shows isolated computing between two confidential computing applications.

The flow of isolated computing between confidential computing applications is as follows:

  • A secure session is first established between confidential computing application A and confidential computing application B;
  • Confidential computing application A sends a computing request to confidential computing application B;
  • Confidential computing application B completes the computing task and returns the result to confidential computing application A;
  • After all computing tasks are completed, confidential computing application A sends a request to close the session, and the session ends.

The Client API specified by GP TEE meets the above requirements.


7.2 Secure Boot

Secure boot is a security mechanism that ensures the integrity and authenticity of the confidential computing environment. After the computing system starts and before the confidential computing environment is established, it is necessary to start from the physical root of trust, establish a bottom-up chain of trust, and verify the key components of the confidential computing environment layer by layer. Figure 6 shows a typical secure boot process.

The secure boot process is as follows:

  • After startup, the confidential computing root of trust verifies the digital signature of the confidential computing key firmware or software, and loads the key firmware or software only after confirming it has not been tampered with;
  • The key firmware and software verify the digital signature of the confidential computing application, ensuring that the confidential computing environment runs normally only with untampered components;
  • In a confidential computing environment, secure boot can also be extended to integrity verification of each application: every time a confidential computing application is loaded, the key firmware or software verifies it, and only a confidential computing application confirmed to be untampered is loaded.

The verification and loading of confidential computing applications are necessary in the TEE, which is usually customized by the manufacturer; while the verification and loading of key firmware or software are related to specific platforms.
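The chain described above has a simple structure: each stage holds only the verification key of the next stage, refuses to load anything whose signature fails, and records what it did load. The model below is an added illustration of that flow, not code from the standard or from any TEE implementation. A keyed MAC stands in for the asymmetric signature verification the standard describes, so that it runs on the standard library alone; the trust relationships are unchanged. It also carries a TPM-style running measurement so the final value summarises the whole boot path, which is what a later remote attestation would report. The component images, key names and application names are constructed.

```python
import hashlib
import hmac

# Constructed verification keys. ROOT_KEY models the key fixed in the hardware
# root of trust; FIRMWARE_KEY models the key the verified firmware carries for
# checking applications. (HMAC stands in for real signature verification.)
ROOT_KEY = b"root-of-trust-verification-key"
FIRMWARE_KEY = b"firmware-vendor-key"


class BootFailure(Exception):
    pass


def sign(key: bytes, image: bytes) -> bytes:
    return hmac.new(key, image, hashlib.sha256).digest()


def verify(key: bytes, image: bytes, signature: bytes) -> bool:
    return hmac.compare_digest(sign(key, image), signature)


def extend(measurement: bytes, image: bytes) -> bytes:
    """TPM-style extend: fold the hash of the loaded image into the running
    measurement. Order matters, so the final value identifies the whole chain."""
    return hashlib.sha256(measurement + hashlib.sha256(image).digest()).digest()


def secure_boot(firmware: bytes, firmware_sig: bytes, apps):
    """apps: list of (name, image, signature). Returns (loaded names, measurement hex).
    Stops at the first component that fails verification; nothing after it is loaded."""
    measurement = b"\x00" * 32
    # Stage 1: the root of trust checks the key firmware/software before loading it.
    if not verify(ROOT_KEY, firmware, firmware_sig):
        raise BootFailure("firmware signature invalid: not loaded")
    measurement = extend(measurement, firmware)
    loaded = ["firmware"]
    # Stages 2 and 3: the verified firmware checks every confidential computing
    # application each time it is loaded.
    for name, image, sig in apps:
        if not verify(FIRMWARE_KEY, image, sig):
            raise BootFailure(f"{name}: signature invalid, not loaded")
        measurement = extend(measurement, image)
        loaded.append(name)
    return loaded, measurement.hex()


# Constructed component images with valid signatures.
FIRMWARE = b"tee-firmware-image-v1.2"
APP_A = b"confidential-app-A-image"
APP_B = b"confidential-app-B-image"
GOOD_APPS = [("app-a", APP_A, sign(FIRMWARE_KEY, APP_A)),
             ("app-b", APP_B, sign(FIRMWARE_KEY, APP_B))]


def boot_ok():
    return secure_boot(FIRMWARE, sign(ROOT_KEY, FIRMWARE), GOOD_APPS)


def boot_with_tampered_firmware():
    """One byte of the firmware changed after signing: the root of trust refuses it."""
    tampered = FIRMWARE[:-1] + b"X"
    try:
        secure_boot(tampered, sign(ROOT_KEY, FIRMWARE), GOOD_APPS)
    except BootFailure as e:
        return str(e)
    return None


def boot_with_tampered_app():
    """Firmware is fine, app-b was modified: app-a loads, app-b is rejected."""
    bad_apps = GOOD_APPS[:1] + [("app-b", APP_B + b"!", sign(FIRMWARE_KEY, APP_B))]
    try:
        secure_boot(FIRMWARE, sign(ROOT_KEY, FIRMWARE), bad_apps)
    except BootFailure as e:
        return str(e)
    return None


if __name__ == "__main__":
    print(boot_ok())
    print(boot_with_tampered_firmware())
    print(boot_with_tampered_app())
```

The measurement returned by a successful boot is the bridge to section 1.3: a verifier that knows which firmware and application images it trusts can recompute the expected value and compare it with the one the environment reports.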



Next: [Confidential Computing Standards] GB/T General Framework for Confidential Computing (Part 2)


Origin blog.csdn.net/BillyThe/article/details/129435678