Synergia: Hardening High-Assurance Security Systems with Confidential and Trusted Computing
Wojciech Ozga, Rasha Faqeh, Do Le Quoc, Franz Gregor, Silvio Dragone, Christof Fetzer

TL;DR
This paper introduces Synergia, a novel framework that enhances high-assurance security systems by defending against cuckoo attacks and efficiently attesting OS trustworthiness, demonstrated through real-world application protection and performance benchmarks.
Contribution
It presents a new defense mechanism against cuckoo attacks, with formal proof, integrated into an efficient integrity monitoring framework for trusted OS attestation.
Findings
Achieves 3.7x to 8.5x faster attestation than existing systems.
Successfully protects a real-world eHealth application.
Provides formal proof of cuckoo attack defense.
Abstract
High-assurance security systems require strong isolation from the untrusted world to protect the security-sensitive or privacy-sensitive data they process. Existing regulations impose that such systems must execute in a trustworthy operating system (OS) to ensure they are not collocated with untrusted software that might negatively impact their availability or security. However, the existing techniques to attest to the OS integrity fall short due to the cuckoo attack. In this paper, we first show a novel defense mechanism against the cuckoo attack, and we formally prove it. Then, we implement it as part of an integrity monitoring and enforcement framework that attests to the trustworthiness of the OS from 3.7x to 8.5x faster than the existing integrity monitoring systems. We demonstrate its practicality by protecting the execution of a real-world eHealth application, performing micro…
