In the current era of cloud computing and data explosion, enterprises, organizations, and individuals will face this problem: on the one hand, they want their data to go to the cloud to enjoy the dividends of data cooperation or the convenience of services, and on the other hand, they can provide cloud computing providers or services. How the party uses and protects his data is worried. Compared with the local data protection on personal terminals or internal enterprise equipment, the trust and protection issues involved in cloud data are obviously more complicated due to its liquidity and user transfer.
Secure computing based on the Trusted Execution Environment (TEE) (commonly referred to as confidential computing abroad) can guarantee data security when using , combined with data network transmission security and data storage security, we were pleasantly surprised to see data The possibility of life cycle security sees the hope that technology replaces commercial promises to enhance data security and user trust. Therefore, as soon as the emerging technology of cloud TEE was launched, it immediately attracted widespread attention from academia and industry.
User privacy protection and compliance have always been the first priority tasks of Ant Group. The SOFAEnclave secure computing platform is exactly the secure computing product that Ants keenly discovered and followed the trend of TEE technology and invested in research and development very early. Recently, SOFAEnclave has passed all the test items based on the China Communications Standards Association (CCSA) "Technical Framework of Secure Computing System Based on Trusted Execution Environment" industry standard (draft for approval), becoming the first secure computing product to pass the standard. From the start of the test plan to the final passing of all test items, the entire standard test process lasted about 1 month, and was finally recognized by the on-site review and acceptance experts. This article hopes to share with readers some understanding of the standard and testing experience for your reference.
TEE technology solutions are blooming, and the industry standards of the Institute of Information and Communications Technology are born at the right time
According to Gartner's 2020 cloud security technology forecast, TEE-based secure computing is still in an early stage of free development. From the initial ARM TrustZone, to Intel SGX, AMD SEV, Keystone, to the upcoming Intel TDX, ARM CCA, and some other virtualization solutions similar to AWS Nitro Enclave, etc., the blossoming of flowers is accompanied by differentiated development. . These TEE schemes are very different in terms of architecture, isolation mode, interface support, and trust model.
Therefore, we hope that the entire industry has a unified reference specification for TEE to guide the orderly development of the industry. "Technical Framework of Secure Computing System Based on Trusted Execution Environment" is in this context, led by China Academy of Information and Communications Technology, China Mobile, and initiated by Ant Group, Huawei, Tencent, Baidu, Light Tree, Oppo, 360, Qualcomm, Datang Telecom, China Telecom, Home Inns, Shanghai Jiaotong University and many other industry-leading industry-university-research institutions jointly participate in the safety computing industry standard. The standard participation lineup is very strong, and there is no doubt about its authority.
Technical requirements and guiding significance of TEE standards
First of all, the introduction of standards can help us understand the nature of TEE technology, and select TEE technology in a targeted manner. We are faced with many TEE technologies, how do we define their security? How to choose the right TEE technology product? The standard was released in time, helping us to see through the dark clouds and see the sunny day. Some basic technical requirements of TEE proposed in the standard are summarized as follows:
- Hardware Root of Trust: A truly technology-neutral and credible TEE solution must be based on a hardware root of trust that cannot be tampered with and impersonated, so as to build a trusted execution environment that integrates software and hardware.
- isolation: TEE technology one of the most basic confidentiality protection method is to isolate the trusted execution environment and the untrusted execution environment. In addition, most TEE technologies provide a memory encryption engine to protect the confidentiality of running data and codes.
- integrity: TEE technical solutions usually provide remote certification and other means to ensure the integrity of trusted applications.
- Usability: A practical TEE technical solution should be acceptable in terms of production environment performance loss, additional cost, and implementation complexity.
Secondly, another important significance of the standard lies in guiding us to design a truly secure TEE secure computing system through industry consensus. standard gives the definition of a secure computing system and a reference technical architecture for secure computing system design. At the same time, a total of 74 requirements for a TEE-based secure computing system have been fully and completely defined from multiple aspects. The details are as follows:
among them:
- functional requirements: actual production, such as cluster management and monitoring operation and maintenance related requirements. These requirements not only reflect the practical orientation of the system, but also integrate the concept of safety design throughout the entire software life cycle.
- isolation requirements: requirements for TEE technical characteristics.
- performance requirements: sets a certain threshold for TEE technology.
- compatibility and usability requirements: puts forward certain requirements for the compatibility and robustness of the system design.
- General security requirements and data security requirements: reflects that the goal of the TEE secure computing system is secure computing, and the essence of secure computing is to ensure the safety of data during calculations.
The SOFAEnclave secure computing platform becomes the first product to pass the test of the China Academy of Information and Communications Technology's secure computing industry standards
The original intention of the SOFAEnclave secure computing platform is to service scenario of ant's internal large standardized clustering business , which is a product oriented to the production environment. At the same time, SOFAEncalve is also expected to use joint risk control, multi-party data collaboration, trusted computing, sensitive data protection 160c30d3c11834 and other multiple technical fields and business scenarios. How to design such a low-level, wide-covered secure computing system, our design thinking process is basically in line with the requirements in the above-mentioned standards.
The SOFAEnclave secure computing platform that participated in the test includes: TEE infrastructure (SGX server and our self-developed HyperEnclave TEE solution based on virtualization technology), Occlum Enclave OS for trusted application development (currently open source and accepted by the industry) Widely used), KubeTEE secure computing cluster for application release and operation and maintenance (including basic services such as network agents, key management AECS services, etc.), basically from the underlying TEE technical requirements, to application development models, to system operation and maintenance, etc. Multiple dimensions have verified the safety and completeness of SOFAEncave.
Because the SOFAEnclave secure computing platform itself has many components and full coverage, taking into account factors such as test case writing, environment construction, and the convenience of actual test execution, in this test practice, we also carried out a complete test design. We reclassified all test items, adjusted the test sequence, arranged the corresponding test environment, and fully prepared to greatly accelerate the progress of on-site acceptance.
Moving forward with determination: Thoughts after SOFAEnclave passed the standard test
As the initiator of the standard and the user of TEE technology, Ant Group has been actively participating in the formulation of the standard and contributing its own practical experience. The SOFAEnclave secure computing platform has been in a positive cycle of standard compliance and feedback. participated in this standard test, which proved that SOFAEnclave was recognized as a matter of course, but also a process of self-examination and re-learning.
Passing the standard test provides a better foundation for SOFAEnclave to support internal business and cooperate with compliance supervision. The authority of the standard also provides a foundation of trust and a common language for SOFAEnclave's future foreign exchanges and cooperation. We also hope that more industry partners will continue to improve the industry's ecological construction through their contributions to standards or testing.
Of course, standards are only the best guidelines at this stage. They cannot indicate the maturity of the industry and will not restrict continuous breakthroughs in technology. TEE technology is still in the ascendant, and related technologies such as multi-party secure computing, federated learning, differential privacy, etc. are also developing rapidly. In the process, I hope that TEE technology can develop synergistically with the entire cloud computing security, accelerate the data security infrastructure, and realize the ultimate vision of data resource utilization. SOFAEnclave will continue to be based on the practice of ant technology, continue to pay attention to TEE technology, and contribute to the development of the industry. We are determined to move forward and encourage everyone.
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。