Extending the Remote Attestation capabilities of the Enarx framework

Jacopo Catalano

Extending the Remote Attestation capabilities of the Enarx framework.

Supervisors: Antonio Lioy, Silvia Sisinni, Enrico Bravi. Politecnico di Torino, not specified, 2024

License: Creative Commons Attribution Non-commercial No Derivatives.

Abstract:

Recently, the Cloud Computing paradigm has spread significantly thanks to high-speed Internet connections, the standardization of digital technology and the wide adoption of mobile devices. The increasing usage of third-party cloud infrastructures poses considerable challenges in keeping sensitive data confidential and processes trustworthy. As a result, several privacy-enhancing technologies have been developed, among which Confidential Computing aims to guarantee the protection of data in use. Among the various solutions proposed by Confidential Computing, Trusted Execution Environments (TEEs) stand out, offering a secure area where data and code can be securely processed and stored. Various TEE technologies are now available from different vendors, each with its own specific implementation. This makes trusted application development difficult, requiring developers to write and compile the application for each supported TEE. This thesis focuses specifically on the Enarx framework, an open-source and TEE-agnostic solution that adds an abstraction layer on top of the TEE technologies, permitting the development of applications that are unaware of which TEE they will run on. Enarx permits the deployment of workloads to various TEE instances in the public cloud, being CPU-architecture independent and guaranteeing the security of applications from cloud providers. Taking advantage of a WebAssembly runtime, Enarx can run workloads compiled from different programming languages (C, C++, Rust, Python, and others). The Enarx logic is loaded inside a TEE instance as a trusted application but needs to be attested before running a workload on it. To do so, Enarx relies on a remote attestation service which assesses the hardware's trustworthiness. Despite the attestation of the platform and the Enarx components, the chosen workload could be forged by a malicious software component running on the cloud provider machine.
Therefore, the primary objective of this thesis is to propose an extension in which Enarx is capable of signing the workload and verifying the signature before carrying on with the deployment of the workload. To do so, a specific attestation service should be set up to corroborate the signature and give a response back to Enarx. A further objective is to integrate the extended Enarx framework with the Trust Monitor system. The proposed extension to the Enarx framework is described along with validation and tests that evaluate the performance of the Enarx framework before and after the presented extension.

Supervisors: Antonio Lioy, Silvia Sisinni, Enrico Bravi
Academic year: 2023/24
Publication type: Electronic
Number of pages: 79
Subjects:
Degree course: Not specified
Degree class: New system > Master's degree > LM-32 - COMPUTER ENGINEERING
Collaborating companies: Not specified
URI: http://webthesis.biblio.polito.it/id/eprint/31077