Data in the Cloud: Confidential Computing in the Cloud

Data in the cloud

Security is one of the most important pillars for an organization. Worryingly, the number of CVEs (Common Vulnerabilities and Exposures) has increased every year; in just the last three months, for example, 5959 new security loopholes have been found. There is even a Twitter feed to follow every new vulnerability as it is announced (not for the faint-hearted!).

Data security — in different states

Data is primarily in three states — at rest, in transit, or in use. In recent years the focus has primarily been on the security of data at rest and in transit. Data at rest can be encrypted at the file, filesystem, or disk level. Data in transit has become more and more secure with the increased adoption of HTTPS, and more and more companies are even moving towards stronger RSA encryption.

[Figure: © SSL Labs — Key strength distribution comparison between July 8, 2020 and June 3, 2020]

Data-in-use security, however, had been ignored, but has gained traction lately for multiple reasons:

  • Attack vectors — As data at rest and in transit have become more secure, attackers have started to exploit data in use, mainly through malware, memory snooping, and memory scraping. Attack vectors in the cloud include hypervisor and container breakout, firmware compromise, and insider threats.

  • Costs of data breaches — As more and more regulations are introduced in various places (GDPR in Europe, CCPA in California, etc.), data breaches now carry a monetary cost beyond the loss of brand image and general embarrassment. Under GDPR, for example, the data custodian is to pay 4% of gross annual revenue for a data breach.

  • Reluctance in Cloud Adoption — Many companies have been reluctant to adopt the public cloud because data in use is not protected there, because regulation prohibits it, because of the risk of unauthorized access to their code (intellectual property), or out of fear of data compromise.

The security of data in use is the problem that Confidential computing primarily addresses. So let’s dive in.

Confidential Computing

Confidential computing aims to protect your code and data from being compromised. It is achieved using hardware-based Trusted Execution Environments (TEEs), also known as Enclaves; there are, however, other approaches to data protection, namely Homomorphic encryption and Trusted Platform Modules (TPMs).

[Figure: © Confidential Computing Consortium]

Important: It’s important to clear up what confidentiality and integrity stand for here. Confidentiality means preventing any unauthorized view, whereas Integrity means preventing or detecting any unauthorized change.

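The distinction matters in practice because encryption alone gives only the first property. The following added example (not code from the original article) builds a toy stream cipher from HMAC-SHA256 in counter mode, a construction chosen purely for illustration, and shows that an unauthorized change to the ciphertext goes unnoticed until an integrity check (here an HMAC tag in an encrypt-then-MAC layout) is added. All keys, nonces and the sample message are constructed for the demo.

```python
# Added example (not from the original article): a toy stream cipher built from
# HMAC-SHA256 in counter mode, constructed here purely to illustrate that
# confidentiality (the bytes are unreadable) does not imply integrity (the
# bytes are unchanged), and how a MAC supplies the integrity half.
import hashlib
import hmac
import secrets


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Derive `length` keystream bytes from (key, nonce). Toy construction."""
    out = b""
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR with the keystream: gives confidentiality, nothing else."""
    return bytes(b ^ k for b, k in zip(data, keystream(key, nonce, len(data))))


decrypt = encrypt  # XOR is its own inverse


def seal(enc_key: bytes, mac_key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || HMAC tag over both."""
    ct = encrypt(enc_key, nonce, data)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(enc_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    """Verify the tag before touching the ciphertext; reject on any change."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed: data was modified")
    return decrypt(enc_key, nonce, ct)


def demo() -> dict:
    """Flip one bit of the stored bytes and see which scheme notices."""
    enc_key, mac_key = secrets.token_bytes(32), secrets.token_bytes(32)
    nonce = secrets.token_bytes(16)
    msg = b"transfer 100 to alice"  # constructed sample plaintext

    # Confidentiality only: the flipped bit silently changes the plaintext.
    ct = bytearray(encrypt(enc_key, nonce, msg))
    ct[9] ^= 0x01  # an unauthorized change to the stored ciphertext
    changed = decrypt(enc_key, nonce, bytes(ct))

    # Encrypt-then-MAC: the same flip is detected and the data is rejected.
    blob = bytearray(seal(enc_key, mac_key, nonce, msg))
    blob[16 + 9] ^= 0x01
    try:
        open_sealed(enc_key, mac_key, bytes(blob))
        detected = False
    except ValueError:
        detected = True

    return {
        "roundtrip_ok": decrypt(enc_key, nonce, encrypt(enc_key, nonce, msg)) == msg,
        "changed_undetected": changed != msg,
        "changed_plaintext": changed,
        "mac_detected_change": detected,
        "sealed_roundtrip_ok": open_sealed(enc_key, mac_key, seal(enc_key, mac_key, nonce, msg)) == msg,
    }
```

Running `demo()` shows the amount in the confidentiality-only case quietly becoming `000` while the sealed version refuses to return anything; this is the same reason memory encryption alone (confidentiality) is discussed separately from code and data integrity later in the article.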
Confidential computing requires a mix of software and hardware where hardware normally serves as the root of trust for security purposes.

Enclaves / TEEs

The basic idea in confidential computing is to reduce your attack surface. On a traditional system, for example, if an attacker gains root access to the machine where you keep your keys, not much can be done to stop the attack. If you run the application in an Enclave (TEE), however, it runs protected even from the OS kernel, with the guarantee that even a user with root privileges cannot extract the Enclave’s secrets or compromise its integrity.

[Figure: Trusted Computing Base]

In Confidential Computing, the only other thing you trust is your CPU. Any call to the OS goes through the enclave, so the enclave must either pass the call through to the OS when it poses no security threat, or provide a secure alternative to the OS call.

Enclaves ensure that only authorized code can access the data (Data confidentiality). If the code has been tampered with, the Enclave denies the operation (Code Integrity). Enclaves have no industry standard, however, and the technologies vary. Several frameworks let you develop applications against multiple TEE backends, hardware or software: Google offers Asylo, for example, whereas Microsoft has OpenEnclave.

Enclaves can be enabled through hardware isolation technologies such as Intel SGX or ARM TrustZone, or through additional software layers such as a hypervisor; Microsoft’s Virtual Secure Mode, for example, is a software-based TEE implemented by Hyper-V.

Homomorphic encryption

Homomorphic Encryption provides the ability to compute on data while the data is encrypted. It can thus protect arbitrary data, but by itself cannot ensure that the correct operations have been done and that the code has not been tampered with, whereas an Enclave/TEE protects both the data and the code.

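To make both halves of that statement concrete, here is an added example (not code from the original article) of the Paillier cryptosystem, an additively homomorphic scheme: a client encrypts a few numbers, an untrusted worker sums them on ciphertext alone, and the client decrypts the correct total. The same functions then show the caveat from the paragraph above: a worker that drops an input or scales one yields a result that decrypts just as cleanly, and nothing in the ciphertext tells the client which operation was actually performed. The primes and sample values are constructed for the demo and are far too small for real use.

```python
# Added example (not from the original article): a minimal Paillier
# cryptosystem, which is additively homomorphic. The primes are tiny
# constructed values so the demo runs instantly; real deployments use
# ~1024-bit primes. It shows computing on ciphertext, and the caveat from
# the text: the client cannot tell whether the worker did the right operation.
import math
import secrets

P, Q = 10007, 10009  # constructed toy primes, far too small for real use


def keygen(p: int = P, q: int = Q):
    """Return (public key (n, g), private key (lam, mu, n)) with g = n + 1."""
    n = p * q
    lam = (p - 1) * (q - 1)  # valid because gcd(n, lam) == 1 for these primes
    mu = pow(lam, -1, n)     # modular inverse, Python 3.8+
    return (n, n + 1), (lam, mu, n)


def encrypt(pub, m: int) -> int:
    """c = g^m * r^n mod n^2 with a fresh random r coprime to n."""
    n, g = pub
    if not 0 <= m < n:
        raise ValueError("message out of range")
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (pow(g, m, n2) * pow(r, n, n2)) % n2


def decrypt(priv, c: int) -> int:
    """m = L(c^lam mod n^2) * mu mod n, where L(x) = (x - 1) / n."""
    lam, mu, n = priv
    n2 = n * n
    l_value = (pow(c, lam, n2) - 1) // n
    return (l_value * mu) % n


def add_encrypted(pub, c1: int, c2: int) -> int:
    """Multiplying ciphertexts adds the plaintexts: Enc(a) * Enc(b) = Enc(a + b)."""
    n = pub[0]
    return (c1 * c2) % (n * n)


def mul_plain(pub, c: int, k: int) -> int:
    """Raising to a plaintext constant scales the plaintext: Enc(a)^k = Enc(k * a)."""
    n = pub[0]
    return pow(c, k, n * n)


def demo() -> dict:
    """Client encrypts values; an untrusted worker computes on ciphertexts only."""
    pub, priv = keygen()
    values = [50, 70, 80]  # constructed sample inputs, e.g. per-site counts
    cts = [encrypt(pub, v) for v in values]

    # Honest worker: sums all three without learning any of them.
    acc = cts[0]
    for c in cts[1:]:
        acc = add_encrypted(pub, acc, c)
    honest_sum = decrypt(priv, acc)

    # Faulty or dishonest worker: quietly drops one input and doubles another.
    # The results decrypt fine; nothing in the ciphertext proves which
    # operation was performed, which is the integrity gap the text describes.
    dropped_sum = decrypt(priv, add_encrypted(pub, cts[0], cts[1]))
    doubled = decrypt(priv, mul_plain(pub, cts[2], 2))

    return {"sum": honest_sum, "dropped_sum": dropped_sum, "doubled": doubled}
```

The honest run returns 200; the "dropped" and "doubled" variants return 120 and 160 with no error, which is why the article pairs homomorphic encryption with a separate mechanism (an Enclave/TEE with code integrity) when the correctness of the computation also has to be guaranteed.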
Trusted Platform Modules (TPM)

TPM protects keys, but by itself cannot vouch for the validity of the data signed or encrypted by those keys, and it is not programmable with arbitrary code, whereas an Enclave/TEE is programmable and protects that code and its data.

Use cases of Confidential Computing

  • Public Cloud use — Enhanced protection guarantees provided by Confidential computing enable many workloads to move to the public cloud which previously could not due to security concerns or compliance requirements.

  • Better collaboration opportunities — Better isolation and confidentiality provided by confidential computing allows companies to work together without worrying about their IP being stolen or data being compromised.

  • Mobile and personal computing devices — Better guarantees for the customers that their personal data is not observable by anyone else during data processing.

  • Edge and IoT — Many machine-learning use cases become possible with confidential computing, e.g. CCTV camera surveillance, where the provider needs to load templates of persons of interest that could be harmful if leaked.

Confidential Computing Offerings

Google Cloud

Google Cloud recently released Confidential VMs (in Beta) which keep data encrypted in memory and elsewhere outside the central processing unit (CPU). Memory encryption ensures that data is encrypted while it’s in RAM. Main memory encryption is performed using dedicated hardware within the on-die memory controllers. Each controller includes a high-performance Advanced Encryption Standard (AES) engine. The AES engine encrypts data as it is written to DRAM or shared between sockets, and decrypts it when data is read. This makes the content of the memory more resistant to memory snooping and cold boot attacks.

Confidential VMs leverage the Secure Encrypted Virtualization (SEV) feature of 2nd Gen AMD EPYC™ CPUs. AMD Secure Encrypted Virtualization uses keys to cryptographically isolate individual virtual machines and the hypervisor from one another. The keys are managed by the AMD Secure Processor. An attacker with hypervisor administrator access or a compromised VM account may try to read the memory of other virtual machines. With SEV, the attacker sees only encrypted data.

Confidential VMs are built on Shielded VMs (enabling protection against rootkits and bootkits) and allow for any workload to be deployed without any change whatsoever.

The performance hit because of encryption/decryption has been shown to be 1–6%.

Azure

Azure offers DCsv2-series VMs that use hardware-based trusted execution environments (TEEs). Even cloud administrators and datacenter operators with physical access to the servers cannot access TEE-protected data. They use Intel SGX hardware, which protects your data and keeps it encrypted while the CPU is processing it; neither the operating system nor the hypervisor can access it, nor can anyone with physical access to the server.

Unlike Google Cloud’s Confidential VMs, where you can run any workload, Azure’s offering does not accept arbitrary workloads, so you may have to rewrite your application or work with one of Azure’s partners, such as Anjuna.

AWS

AWS offers Nitro Enclaves which uses the same Nitro Hypervisor technology that creates the CPU and memory isolation among EC2 instances, to create the isolation between an Enclave and an EC2 instance. Nitro Enclaves are virtual machines attached to EC2 instances that come with no persistent storage, no administrator or operator access, and only secure local connectivity to your EC2 instance.

Nitro Enclaves includes cryptographic attestation for your software, so that you can be sure that only authorized code is running, as well as integration with the AWS Key Management Service, so that only your enclaves can access sensitive material. Nitro Enclaves are currently available only in preview.

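The attestation-plus-key-service pattern just described, together with the Code Integrity property of enclaves from the earlier section (the enclave refuses to operate on tampered code), can be simulated end to end in a few dozen lines. The following is an added example, not AWS, Nitro Enclaves or KMS code: a stand-in root of trust measures the enclave image (SHA-256 of its bytes) and signs an attestation document over that measurement and a fresh nonce; a stand-in key service releases its secret only when the signature verifies, the nonce is one it issued and has not been consumed, and the measurement is on its allowlist. The HMAC-based signer, the images and the policy are all constructed for the demo; real platforms sign attestation documents asymmetrically under a vendor certificate chain.

```python
# Added example (not AWS or Nitro Enclaves code): a simulation of the
# attestation-gated key release that the text describes, in which a key
# service hands a secret only to code whose measurement it recognises. The
# HardwareRootOfTrust stands in for the platform's attestation signer (a
# constructed HMAC key here; real platforms use an asymmetric signature with a
# vendor certificate chain), and KeyService stands in for a KMS key policy.
import hashlib
import hmac
import json
import secrets


class HardwareRootOfTrust:
    """Measures enclave code and signs an attestation document over it."""

    def __init__(self):
        self._key = secrets.token_bytes(32)  # stands in for a hardware-held key

    def attest(self, enclave_image, nonce):
        doc = {
            "measurement": hashlib.sha256(enclave_image).hexdigest(),
            "nonce": nonce.hex(),
        }
        payload = json.dumps(doc, sort_keys=True).encode()
        sig = hmac.new(self._key, payload, hashlib.sha256).hexdigest()
        return {"payload": payload, "signature": sig}

    def verify(self, attestation):
        expected = hmac.new(self._key, attestation["payload"], hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, attestation["signature"])


class KeyService:
    """Releases a secret only to attested code on an allowlist (a KMS-like policy)."""

    def __init__(self, root, allowed_measurements):
        self.root = root
        self.allowed = set(allowed_measurements)
        self.outstanding_nonces = set()
        self.secret = secrets.token_bytes(32)

    def challenge(self):
        """Fresh nonce per request so an old attestation cannot be replayed."""
        nonce = secrets.token_bytes(16)
        self.outstanding_nonces.add(nonce.hex())
        return nonce

    def release_key(self, attestation):
        if not self.root.verify(attestation):
            raise PermissionError("attestation signature invalid")
        doc = json.loads(attestation["payload"])
        if doc["nonce"] not in self.outstanding_nonces:
            raise PermissionError("unknown or reused nonce")
        self.outstanding_nonces.discard(doc["nonce"])
        if doc["measurement"] not in self.allowed:
            raise PermissionError("code measurement not authorized")
        return self.secret


def demo():
    """Approved code gets the key; a replayed document and modified code are refused."""
    root = HardwareRootOfTrust()
    approved_image = b"enclave-v1: decrypt, aggregate, return totals"  # constructed
    modified_image = approved_image + b"; also export raw records"    # constructed
    kms = KeyService(root, [hashlib.sha256(approved_image).hexdigest()])

    def attempt(image, attestation=None):
        att = attestation or root.attest(image, kms.challenge())
        try:
            kms.release_key(att)
            return "released"
        except PermissionError as err:
            return str(err)

    good = root.attest(approved_image, kms.challenge())
    return {
        "approved": attempt(approved_image, good),
        "replayed": attempt(approved_image, good),  # same document presented again
        "modified": attempt(modified_image),
    }
```

The order of checks in `release_key` is deliberate: the signature is verified before the payload is parsed, the nonce is consumed before the policy decision so that a rejected document cannot be retried, and the measurement comparison is the last gate. Any change to the enclave image, even an appended byte, produces a different measurement and therefore no key, which is the "only authorized code is running" guarantee in executable form.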
Conclusion

All three clouds have gone different ways. Google Cloud’s Confidential VMs provide a very smooth experience if you are only looking for data integrity and confidentiality. If you are looking for code integrity and confidentiality, however, you would have to use Asylo as mentioned earlier, although it is not an official Google product.

Azure’s offering uses hardware-based trusted execution environments (TEEs), which, however, do not allow easy integration for all workloads. AWS Nitro Enclaves are very promising, as they are able to leverage Nitro for isolation and security. It will be interesting to see how these technologies evolve and which cloud ultimately offers the easiest path to confidential computing as a whole.

Translated from: https://levelup.gitconnected.com/confidential-computing-in-the-cloud-64183d3bdb31
