Crossing Shifted Moats: Replacing Old Bridges with New Tunnels to Confidential Containers

Enriquillo Valdez, Salman Ahmed, Zhongshu Gu, Christophe Dinechin, Pau-Chen Cheng, and Hani Jamjoom
ACM SIGSAC Conference on Computer and Communications Security (CCS) 2024
Salt Lake City, Utah
Abstract. The Confidential Containers (CoCo) project, as an open-source community initiative, inherits the system architecture of Kata Containers while integrating confidential computing to protect cloud-native container workloads. However, there exists a misalignment in the threat model and trusted computing base (TCB) between Kata Containers and confidential computing. The shifted trust boundaries could potentially expose a range of vulnerabilities, particularly in scenarios where a malicious actor on the host gains access to CoCo's unprotected control interface. This paper conducts a thorough examination of CoCo's system architecture, exploring the attack surface resulting from the discord in trust boundaries. We have assessed all API endpoints of CoCo's control interface, categorizing them based on their security properties. Drawing from these insights, we have developed a bifurcation approach to splitting CoCo's control interface. This involves establishing an owner-side controller and minimizing the capabilities of the existing host-side controller. Under this framework, the host-side controller is exclusively responsible for allocating and recycling compute resources, while dedicated workload owners can directly manage their containers through alternative secure tunnels. This approach ensures seamless integration with cloud-native orchestration layers and aligns CoCo with the threat model of confidential computing. By doing so, it effectively prevents untrusted hosts from accessing confidential data and interfering with the execution of workloads within protected domains.
Bibtex.
@inproceedings{jamjoom-ccs-2024,
author = {Enriquillo Valdez and Salman Ahmed and Zhongshu Gu and Christophe Dinechin and Pau-Chen Cheng and Hani Jamjoom},
title = {{Crossing Shifted Moats: Replacing Old Bridges with New Tunnels to Confidential Containers}},
booktitle = {ACM SIGSAC Conference on Computer and Communications Security (CCS) 2024},
address = {Salt Lake City, Utah},
month = {Oct},
year = {2024}
}