Trusted Execution Environments

Trusted Execution Environments(TEE) are a promising technology to enhance securely processing information in otherwise untrusted environments. TEE’s are becoming a commonplace addition to the CPU instruction set of most server architectures. They represent an important advancement in the use of hardware to protect code and data, allowing us to secure the execution of certain programs or processes.

They are used to create secure Enclaves which provide important hardware-based security promises including:

Confidentiality: all the memory values are encrypted

Execution Integrity: no one can corrupt the correctness of the execution even if they control the operating system and the physical computer

Remote Attestation: users can remotely verify the hardware and the software running inside the secure enclave