In the current era of cloud computing and data explosion, enterprises, organizations and individuals face a dilemma: on the one hand, they want their data on the cloud to benefit from data cooperation and convenient services; on the other hand, they worry about how cloud computing providers or service providers use and protect that data. Compared with local data protection on personal terminals or internal enterprise devices, cloud data involves more complex trust and protection issues because it moves between systems and changes hands between users.

Secure computing based on a trusted execution environment (TEE), often called "confidential computing" abroad, can protect data while it is in use. Combined with security for data in transit over the network and for data at rest in storage, this lets us see for the first time the possibility of securing data across its whole life cycle, and of replacing business promises with technology to improve data security and user confidence. Therefore, as soon as cloud TEE technology was launched, it attracted extensive attention from academia and industry.

User privacy protection and compliance have always been Ant Group's number one priority. The SOFAEnclave secure computing platform reflects Ant's early awareness of the TEE technology trend and its early investment in the research and development of secure computing products. Recently, **SOFAEnclave became the first secure computing product to pass all the test items of the industry standard "Technical Framework for Secure Computing System Based on Trusted Execution Environment" issued by the China Communications Standardization Association (CCSA).** From the start of the test plan to the final passing of all test items, the whole standard test process lasted about 1 month, and it was finally accepted by the on-site review and acceptance experts. This article shares some of our understanding of the standard and our testing experience for the reader's reference.

TEE solutions are flourishing, and an ICT industry standard is needed in time

According to Gartner's 2020 Cloud Security Technology forecast, secure computing based on TEE is still in its early stages of unconstrained development. Solutions range from the initial ARM TrustZone, to Intel SGX, AMD SEV and Keystone, to the upcoming Intel TDX and ARM CCA, plus virtualization-based solutions such as AWS Nitro Enclave. This flourishing has been accompanied by divergence: these TEE solutions differ greatly in architecture, isolation mode, interface support, and trust model.

Therefore, we hope the whole industry can have a unified reference standard for TEE to guide its orderly development. Against this background, the "Technical Framework of Secure Computing System Based on Trusted Execution Environment" was led by the China Academy of Information and Communication Technology and China Mobile, and initiated by Ant Group. Huawei, Tencent, Baidu, Light tree, Oppo, 360, Qualcomm, Datang Telecom, China Telecom, Home Inhome Travel, Shanghai Jiao Tong University and many other industry leaders participated in this secure computing industry standard. The lineup of participants is very strong, and the authority of the standard is beyond doubt.

Technical requirements and guiding significance of the TEE standard

First of all, the introduction of the standard helps us understand the nature of TEE technology and select TEE technology in a targeted manner. Faced with many TEE technologies, how do we define their security? How do we choose suitable TEE products? The standard was rolled out in time to help us see through the fog. Some of the basic technical requirements for TEE proposed in the standard are summarized as follows:

  • Hardware root of trust: a truly technology-neutral and trustworthy TEE solution must be built on an immutable and non-bypassable hardware root of trust, from which a trusted execution environment combining hardware and software is constructed.
  • Isolation: one of the most basic ways TEE technology protects confidentiality is to separate the trusted execution environment from the untrusted execution environment. In addition, most TEE technologies provide a memory encryption engine to protect the confidentiality of data and code while they are in use.
  • Integrity: TEE solutions usually provide remote attestation and other means to ensure the integrity of trusted applications.
  • Availability: a practical TEE solution should be acceptable in terms of production-environment performance loss, additional cost, and implementation complexity.
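As an added illustration of the hardware root of trust, integrity and freshness points in the list above, the following Python simulates the remote attestation check a relying party performs before trusting an enclave. This is example code written for this article, not code from SOFAEnclave, Occlum, KubeTEE or any vendor's SDK. The hardware root key is a constructed HMAC secret standing in for a fused, immutable device key, and the verifier is assumed to obtain the matching verification key from the hardware vendor's attestation service; real TEEs use asymmetric signatures and certificate chains, which the HMAC simplifies away.

```python
import hashlib
import hmac
import json
import os

# Constructed stand-in for a fused, immutable device key. In real hardware this
# key never leaves the chip; the verifier would instead hold a vendor-issued
# public key / certificate chain (assumption made for this example).
HARDWARE_ROOT_KEY = b"constructed-fused-device-key-not-real"


def measure(code: bytes, config: bytes) -> str:
    """Measurement (MRENCLAVE-like hash) over enclave code and launch config."""
    return hashlib.sha256(code + b"|" + config).hexdigest()


def generate_quote(code: bytes, config: bytes, nonce: bytes,
                   root_key: bytes = HARDWARE_ROOT_KEY) -> dict:
    """Trusted (hardware) side: measure the enclave and sign the report with the
    hardware root key, binding the verifier's nonce so the quote is fresh."""
    report = {"measurement": measure(code, config), "nonce": nonce.hex()}
    payload = json.dumps(report, sort_keys=True).encode()
    signature = hmac.new(root_key, payload, hashlib.sha256).hexdigest()
    return {"report": report, "signature": signature}


def verify_quote(quote: dict, expected_measurement: str, nonce: bytes,
                 root_key: bytes = HARDWARE_ROOT_KEY):
    """Relying-party side. Checks, in order: the signature chains to the hardware
    root of trust, the nonce proves freshness (no replay), and the measurement
    matches the golden value published for the trusted application."""
    payload = json.dumps(quote["report"], sort_keys=True).encode()
    expected_sig = hmac.new(root_key, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected_sig, quote["signature"]):
        return False, "signature does not chain to hardware root key"
    if quote["report"]["nonce"] != nonce.hex():
        return False, "stale or replayed quote (nonce mismatch)"
    if quote["report"]["measurement"] != expected_measurement:
        return False, "measurement mismatch: code or config was modified"
    return True, "ok"


def run_demo() -> dict:
    """Exercise the genuine path plus the three failure modes a verifier must catch."""
    code = b"enclave-binary-bytes (constructed)"
    config = b"debug=0;heap=64MB"
    golden = measure(code, config)  # published by the developer at build time
    nonce = os.urandom(16)          # fresh challenge chosen by the verifier
    results = {}

    # Genuine enclave, fresh quote, correct key: accepted.
    results["genuine"] = verify_quote(generate_quote(code, config, nonce), golden, nonce)[0]

    # Code altered after the golden measurement was published: integrity check fails.
    tampered = generate_quote(code + b"\x90", config, nonce)
    results["tampered"] = verify_quote(tampered, golden, nonce)[0]

    # An old quote presented against a new challenge: freshness check fails.
    old_quote = generate_quote(code, config, nonce)
    results["replayed"] = verify_quote(old_quote, golden, os.urandom(16))[0]

    # Software without the fused key cannot produce a quote the verifier accepts.
    forged = generate_quote(code, config, nonce, root_key=b"no-fused-key-here")
    results["forged"] = verify_quote(forged, golden, nonce)[0]
    return results


if __name__ == "__main__":
    for scenario, accepted in run_demo().items():
        print(f"{scenario:>9}: {'accepted' if accepted else 'rejected'}")
```

The order of the checks matters: signature first, so that nothing inside an unauthenticated report is trusted; nonce second, so a genuine but old quote cannot be replayed; measurement last, because only then is it known that the measurement really came from the hardware.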

Second, the standard is also important for guiding us, through industry consensus, to design a truly secure TEE-based secure computing system. The standard gives the definition of a secure computing system and a reference technical framework for its design. At the same time, a total of 74 requirements for a TEE-based secure computing system are fully defined from multiple aspects, as shown in the following figure:

Among them:

  • Functional requirements: cover the functional requirements of each software layer in the secure system, especially those related to actual production, such as cluster management and monitoring, operation and maintenance. These requirements not only reflect the practicality of the system, but also integrate the concept of security design throughout the whole software life cycle.
  • Isolation requirements: specifications for the TEE technical features themselves.
  • Performance requirements: thresholds set for TEE technology.
  • Compatibility and availability requirements: requirements for the compatibility and robustness of the system design.
  • General security requirements and data security requirements: reflect that the goal of a TEE secure computing system is secure computing, and that the essence of secure computing is to ensure the security of data during computation.

The SOFAEnclave secure computing platform becomes the first product to pass the ICT secure computing industry standard test

The SOFAEnclave secure computing platform is designed to serve Ant's internal large-scale, standardized clustered business scenarios, and is built as a product. SOFAEnclave is also expected to be used in multiple technology domains and business scenarios such as joint risk control, multi-party data collaboration, blockchain trusted computing, and sensitive data protection. In working out how to design such a low-level, wide-coverage secure computing system, our design thinking was largely consistent with the requirements of the standard described above.

The SOFAEnclave secure computing platform that took part in the test includes: the TEE infrastructure (SGX servers and our self-developed HyperEnclave TEE solution based on virtualization technology), the Occlum enclave OS for trusted application development (now open source and widely used in the industry), and the KubeTEE secure computing cluster for application publishing and operation (including the network proxy, the AECS key management service and other basic services). The test therefore verified the security and completeness of SOFAEnclave across every dimension, from the underlying TEE technical requirements, to the application development model, to system operation and maintenance.

Because the SOFAEnclave secure computing platform has many components and the test covers all of them, we also carried out a complete test design for this test, taking into account test case writing, environment setup, the convenience of actual test execution and other factors. We reclassified all the test items, adjusted the test sequence and prepared the corresponding test environments. Thorough preparation greatly accelerated the on-site acceptance.

Moving forward with determination: SOFAEnclave thinking after passing standard tests

Ant Group, as the initiator of the standard and a user of TEE technology, has actively participated in drafting the standard and contributed its own practical experience. The SOFAEnclave secure computing platform has been in a positive cycle of complying with the standard and feeding experience back into it. Taking part in this standard test was not only a natural demonstration that SOFAEnclave meets the standard, but also a process of self-examination and re-learning.

Passing the standard test gives SOFAEnclave a better foundation for supporting internal business and for cooperating with compliance regulation. The authority of the standard also provides a basis of trust and a common language for SOFAEnclave's future external exchanges and cooperation. We also hope that more industry partners will keep improving the industry ecosystem by contributing to the standard or by taking the test.

Of course, the standard is only the best guidance available at this stage; it does not mean the industry is mature, nor will it stop technology from breaking through its current constraints. TEE technology is on the rise, and multi-party secure computation, federated learning, differential privacy and other technologies are developing rapidly. We hope to develop TEE technology together with the whole cloud computing security community, accelerate the construction of data security infrastructure, and realize the ultimate vision of data as a resource. SOFAEnclave will continue to build on Ant's technical practice, keep following TEE technology, and contribute to the development of the industry. We are determined to move forward, and we encourage everyone to join us.