Dates
Conferences
Tags
Sort by:
Most recent
Conference: Linux Security Summit Europe 2022
Authors: Jun Nakajima
2022-09-16
tldr - powered by Generative AI
The presentation discusses the inclusion of IO devices into Trusted Execution Environments (TEE) and the software changes required to support it.
- Current IO virtualization technologies for TEEs have limitations and incur significant performance overhead
- Direct access to hardware IO devices in VMs requires hardware support such as MMIO and DMA remapping capability
- Devices and VMs need to be trusted for protection and isolation
- Intel TDX architecture supports direct assignment and establishment of trust between TDI and TDS
- Software changes are required for Intel TDX in support of TEIO
- High-level software flows and new functionality enable Intel TDX support in TEEs
Conference: Linux Security Summit Europe 2022
Authors: Jiewen Yao, Jun Nakajima
2022-09-15
tldr - powered by Generative AI
Device attestation is necessary for maintaining confidentiality of workload in a hardware-based Trusted Execution Environment (TEE) virtual machine (VM) when transferring workload to a device for acceleration.
- Physical devices in TEE environment
- Device attestation model
- Verification of device identity and evidence information
- Device initialization flow