A Holistic Approach for Trustworthy Distributed Systems with WebAssembly and TEEs

TL;DR

This paper presents a portable, WebAssembly-based publish/subscribe middleware leveraging TEEs like Intel SGX, enhancing security, trust, and privacy in distributed systems with minimal performance overhead.

Contribution

It introduces a novel, fully attested, portable publish/subscribe system using WebAssembly and TEEs, addressing portability, attestation management, and privacy concerns.

Findings

Achieved a 1.55x decrease in message throughput with trusted broker

Developed a WebAssembly-based middleware compatible with industry standards

Extended TLS to preserve attestation privacy

Abstract

Publish/subscribe systems play a key role in enabling communication between numerous devices in distributed and large-scale architectures. While widely adopted, securing such systems often trades portability for additional integrity and attestation guarantees. Trusted Execution Environments (TEEs) offer a potential solution with enclaves to enhance security and trust. However, application development for TEEs is complex, and many existing solutions are tied to specific TEE architectures, limiting adaptability. Current communication protocols also inadequately manage attestation proofs or expose essential attestation information. This paper introduces a novel approach using WebAssembly to address these issues, a key enabling technology nowadays capturing academia and industry attention. We present the design of a portable and fully attested publish/subscribe middleware system as a holistic approach for trustworthy and distributed communication between various systems. Based on this proposal, we have implemented and evaluated in-depth a fully-fledged publish/subscribe broker running within Intel SGX, compiled in WebAssembly, and built on top of industry-battled frameworks and standards, i.e., MQTT and TLS protocols. Our extended TLS protocol preserves the privacy of attestation information, among other benefits. Our experimental results showcase most overheads, revealing a 1.55x decrease in message throughput when using a trusted broker. We open-source the contributions of this work to the research community to facilitate experimental reproducibility.