TY - GEN
T1 - SoK
T2 - 9th International Workshop on Hardware and Architectural Support for Security and Privacy, HASP 2020, in conjunction with the 53rd International Symposium on Microarchitecture, MICRO 2020
AU - Dangwal, Deeksha
AU - Cowan, Meghan
AU - Alaghi, Armin
AU - Lee, Vincent T.
AU - Reagen, Brandon
AU - Trippel, Caronline
N1 - Publisher Copyright:
© 2020 ACM.
PY - 2020/10/17
Y1 - 2020/10/17
N2 - Users are demanding increased data security. As a result, security is rapidly becoming a first-order design constraint in next generation computing systems. Researchers and practitioners are exploring various security technologies to meet user demand such as trusted execution environments (e.g., Intel SGX, ARM TrustZone), homomorphic encryption, and differential privacy. Each technique provides some degree of security, but differs with respect to threat coverage, performance overheads, as well as implementation and deployment challenges. In this paper, we present a systemization of knowledge (SoK) on these design considerations and trade-offs using several prominent security technologies. Our study exposes the need for software-hardware-security codesign to realize efficient and effective solutions of securing user data. In particular, we explore how design considerations across applications, hardware, and security mechanisms must be combined to overcome fundamental limitations in current technologies so that we can minimize performance overhead while achieving sufficient threat model coverage. Finally, we propose a set of guidelines to facilitate putting these secure computing technologies into practice.
AB - Users are demanding increased data security. As a result, security is rapidly becoming a first-order design constraint in next generation computing systems. Researchers and practitioners are exploring various security technologies to meet user demand such as trusted execution environments (e.g., Intel SGX, ARM TrustZone), homomorphic encryption, and differential privacy. Each technique provides some degree of security, but differs with respect to threat coverage, performance overheads, as well as implementation and deployment challenges. In this paper, we present a systemization of knowledge (SoK) on these design considerations and trade-offs using several prominent security technologies. Our study exposes the need for software-hardware-security codesign to realize efficient and effective solutions of securing user data. In particular, we explore how design considerations across applications, hardware, and security mechanisms must be combined to overcome fundamental limitations in current technologies so that we can minimize performance overhead while achieving sufficient threat model coverage. Finally, we propose a set of guidelines to facilitate putting these secure computing technologies into practice.
UR - http://www.scopus.com/inward/record.url?scp=85118790434&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85118790434&partnerID=8YFLogxK
U2 - 10.1145/3458903.3458911
DO - 10.1145/3458903.3458911
M3 - Conference contribution
AN - SCOPUS:85118790434
T3 - ACM International Conference Proceeding Series
BT - Proceedings of the 9th International Workshop on Hardware and Architectural Support for Security and Privacy, HASP 2020
PB - Association for Computing Machinery
Y2 - 17 October 2020
ER -