Association for Computing Machinery
The authors propose an architecture that enables the creation and management of multiple, concurrent secure execution environments on multi-core systems. Their architecture is suitable for cloud settings, where each user may require an independent secure environment in which to run their sensitive applications. Their solution effectively scales architectures like Intel TXT, which, on both single- and multi-core platforms, support the creation of only one secure environment. Unlike existing solutions that require significant hypervisor participation, their architecture relies on lightweight processor extensions and a novel hardware-based virtualized TPM that supports multiple, concurrent dynamic root of trust requests from different VMs.