In an era engulfed by the collection, storage and analysis of sensitive information, data privacy and security are among the foremost challenges to be solved. In this blog series, we are primarily interested in how we can compute securely on sensitive data using untrusted code on multi-tenant systems.
Here at Very Good Security (VGS) we understand this problem well as we handle sensitive data and face these challenges everyday. VGS protects its customers’ sensitive data while removing the cost or liability that comes with storing and operating on that data. VGS decouples and insulates customer systems and applications from sensitive data by collecting, segmenting, aliasing and storing the data on the customers behalf. Aliasing is done using tokenization, where customers receive non-sensitive tokens that represent sensitive data but with minimal extrinsic value. Customers can interact with their data using these tokens through an API with predefined operations implemented and maintained by VGS or through custom applications implemented by the customer and deployed on VGS’s infrastructure. However, deploying these untrusted workloads opens the door to malicious adversaries who may attempt privilege escalation and/or leak sensitive data, and therefore requires a secure compute platform that can execute untrusted applications while defending against such malicious adversaries.
Securing data computations can be achieved through either hardware-based isolation (e.g. TEEs, Intel SGX, ARM TrustZones), or software-based isolation (e.g. gVisor, firecracker, kata-containers). HW isolation provides strong security guarantees using hardware-backed techniques, and protects data computations against a malicious or compromised host. SW isolation, on the other hand, provides strong process isolation through virtualization or sandboxing techniques that guarantee the security and integrity of data computations within a process. The focus of this blog is running untrusted workloads on a secure and trusted host, and so it is sufficient to solely consider SW techniques to isolate untrusted workloads and mitigate malicious behavior. In addition, SW isolation techniques introduce a lower performance overhead than HW techniques, making it a more attractive option without compromising on security. We see potential in further considering HW isolation technologies in the future as they mature and become increasingly performant & scalable.
At this point, you might be wondering: well, what about side-channel and speculative execution attacks such as Spectre? This is an industry-wide issue and definitely a concern, but for the scope of this blog we assume systems are kept up-to-date with the necessary kernel patches that mitigate such hardware vulnerabilities.
In this blog series, we will explore a solution using gVisor and OpenFaaS to construct a secure serverless compute platform where we can execute untrusted workloads on multi-tenant clusters such as Amazon EKS. We will go through a technical walkthrough that looks at this platform and its different production components.
Next: Part 2 - gVisor Runtime on EKS
In part 2 of this series we will build a platform that can run containers securely on Amazon EKS using gVisor.