Software Guard Extensions (SGX) is a good candidate for addressing sensitive information disclosure in cloud computing because SGX creates enclaves for applications that protect security-sensitive code and data from malicious access. However, existing SGX-enabled Virtual Machine Managers (VMMs) do not provide live migration of SGX-enabled Virtual Machines (VMs). This management operation is impossible because the VMM cannot directly access the Enclave Page Cache (EPC) pages in which the VM's enclaves reside. SGX supports an EPC page swapping mechanism that evicts EPC pages into untrusted memory the VMM can access. However, this mechanism has limitations when applied to enclave migration. In this paper, we propose an SGX extension for migrating enclaves, called eMotion, that adds instructions and migration support to the SGX architecture to enable the secure, managed migration of running enclaves. eMotion lets the participating hosts establish a key for enclave migration, and the VMMs on those hosts migrate running enclaves using that key. We implement a prototype on top of OpenSGX, an open source SGX emulator, to demonstrate the operations of eMotion and to estimate its impact on enclave migration.
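The abstract describes two steps: the participating hosts establish a migration key, and the VMMs then move running enclave pages under that key. The following Go program is an added illustration of that shape and is not eMotion's or OpenSGX's code; eMotion's actual instructions, key derivation and page format are not given in the abstract and are not reproduced here. It assumes X25519 key agreement with a SHA-256 hash as the key derivation step and AES-GCM for page sealing, and uses constructed page addresses, versions and contents. The point a defender cares about is visible in the `Import` path: a page is accepted only if it authenticates under the agreed key and carries a version newer than any already accepted for that address, so a page captured from untrusted memory cannot be altered or replayed into the destination enclave.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Host models one VMM endpoint taking part in a migration (hypothetical model).
type Host struct {
	priv *ecdh.PrivateKey
	aead cipher.AEAD // migration key, available after Agree
}

// NewHost creates a host with a fresh X25519 key pair.
func NewHost() (*Host, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Host{priv: priv}, nil
}

// PublicKey is what a host sends to its peer during key establishment.
func (h *Host) PublicKey() []byte { return h.priv.PublicKey().Bytes() }

// Agree derives the migration key from the peer's public key.
// Assumed KDF: SHA-256 over the X25519 shared secret.
func (h *Host) Agree(peerPub []byte) error {
	pub, err := ecdh.X25519().NewPublicKey(peerPub)
	if err != nil {
		return err
	}
	shared, err := h.priv.ECDH(pub)
	if err != nil {
		return err
	}
	key := sha256.Sum256(shared)
	block, err := aes.NewCipher(key[:])
	if err != nil {
		return err
	}
	h.aead, err = cipher.NewGCM(block)
	return err
}

// EnclavePage models an EPC page as it would be moved between hosts.
type EnclavePage struct {
	Addr    uint64 // linear address inside the enclave (constructed value)
	Version uint32 // increases on every eviction of this address
	Data    []byte
}

// pageHeader packs (addr, version) into 12 bytes: it is both the GCM nonce
// and the authenticated additional data, so no (addr, version) pair is ever
// sealed twice under one nonce and the header itself cannot be altered.
func pageHeader(addr uint64, version uint32) []byte {
	hdr := make([]byte, 12)
	binary.BigEndian.PutUint64(hdr[:8], addr)
	binary.BigEndian.PutUint32(hdr[8:], version)
	return hdr
}

// Export seals a page under the migration key; output is header || ciphertext.
func (h *Host) Export(p EnclavePage) ([]byte, error) {
	if h.aead == nil {
		return nil, errors.New("no migration key established")
	}
	hdr := pageHeader(p.Addr, p.Version)
	return append(hdr, h.aead.Seal(nil, hdr, p.Data, hdr)...), nil
}

// Import authenticates and decrypts a sealed page, then rejects any version
// that is not newer than the last one accepted for that address (replay/stale).
func (h *Host) Import(blob []byte, seen map[uint64]uint32) (EnclavePage, error) {
	if h.aead == nil {
		return EnclavePage{}, errors.New("no migration key established")
	}
	if len(blob) < 12 {
		return EnclavePage{}, errors.New("sealed page too short")
	}
	hdr, ct := blob[:12], blob[12:]
	data, err := h.aead.Open(nil, hdr, ct, hdr)
	if err != nil {
		return EnclavePage{}, errors.New("sealed page failed authentication")
	}
	addr := binary.BigEndian.Uint64(hdr[:8])
	ver := binary.BigEndian.Uint32(hdr[8:])
	if last, ok := seen[addr]; ok && ver <= last {
		return EnclavePage{}, errors.New("replayed or stale page version")
	}
	seen[addr] = ver
	return EnclavePage{Addr: addr, Version: ver, Data: data}, nil
}

// Migrate runs the whole exchange in-process: key agreement between source and
// destination, then transfer of every page. Returns the pages the destination accepted.
func Migrate(pages []EnclavePage) ([]EnclavePage, error) {
	src, err := NewHost()
	if err != nil {
		return nil, err
	}
	dst, err := NewHost()
	if err != nil {
		return nil, err
	}
	if err := src.Agree(dst.PublicKey()); err != nil {
		return nil, err
	}
	if err := dst.Agree(src.PublicKey()); err != nil {
		return nil, err
	}
	seen := map[uint64]uint32{}
	var accepted []EnclavePage
	for _, p := range pages {
		blob, err := src.Export(p)
		if err != nil {
			return nil, err
		}
		got, err := dst.Import(blob, seen)
		if err != nil {
			return nil, err
		}
		accepted = append(accepted, got)
	}
	return accepted, nil
}

func main() {
	// Constructed sample pages standing in for a small enclave's EPC contents.
	pages := []EnclavePage{
		{Addr: 0x1000, Version: 1, Data: []byte("enclave code page")},
		{Addr: 0x2000, Version: 3, Data: []byte("enclave data page")},
	}
	got, err := Migrate(pages)
	if err != nil {
		fmt.Println("migration failed:", err)
		return
	}
	for _, p := range got {
		fmt.Printf("accepted addr=%#x version=%d %q\n", p.Addr, p.Version, p.Data)
	}
}
```

Running the program migrates the two constructed pages and prints them as accepted by the destination. The model deliberately keeps the version check after authentication, so a forged header can never advance the destination's per-address version state.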