CERTIFY at NeCS PhD School

We are happy to announce that CERTIFY contributed to this year’s edition of the European Network for Cybersecurity (NeCS) PhD School from 6th to 10th Feb 2023. The school was launched six years ago, in response to the increasing need of highly qualified experts in cyber-security. The School addresses the issues of training and development of talented junior researchers, as indicated in the European Cybersecurity strategy and highlighted in the EC's Digital Agenda.

Luigi Romano from TrustUp gave a lecture titled: “Hardware-assisted Trusted Computing: State of The Art and Emerging Use Cases”. In the lecture, he explained that even the most secure algorithm is vulnerable, if the computing environment where it is executed is not adequately protected and he presented the solutions which are being developed in CERTIFY to provide such protection. In particular, he focused on CERTIFY protection mechanisms for data “in use” (i.e. when it is loaded in the RAM or in the CPU for executing a computation) based on Trusted Execution Environment (TEE) technology.

It is worth emphasizing that - while protection of data in transfer and at rest is relatively easy to achieve - protection of data in use is still, to a large extent, an open issue. The challenge here is that data must be also protected from attacks by privileged users (e.g. system administrators or cloud providers) and software (e.g. the operating system or the hypervisor). Protection of data in use is a number one priority in security research, since it the enabling factor of a number of business opportunities. Suffice to say that there is a huge business case around Cloud Computing. The Cloud Security Alliance report lists the top threats to cloud security and one of these is the insider threat, which  is a major obstacle to the real adoption of the cloud computing paradigm. Same applies to the IoT domain, where a higher level of trust would unleash the potential of a number of application domains (e.g. new generation Industrial Control Systems). The talk introduced the basic concepts of hardware-assisted security and gave an overview of the current State of The Art of CPU support for Trusted Execution Environment technology. Then, CERTIFY use cases were presented, where TEE technology is used to effectively improve security in real world setups.