The present disclosure is generally related to distributed computing systems, and is more specifically related to implementing trusted clients using secure execution environments.
Distributed computing systems may be utilized for performing digital content distribution, implement online gaming systems, manage Internet of Things (IoT) devices, etc. A distributed computing system may include one or more servers communicating, via public and/or private networks, to multiple client computing devices.
The present disclosure is illustrated by way of examples, and not by way of limitation, and may be more fully understood with references to the following detailed description when considered in connection with the figures, in which:
Described herein are methods and systems for implementing trusted clients using secure execution environments.
A distributed computing system may include one or more servers communicating, via public and/or private networks, to multiple client computing devices. Examples of such systems include digital content distribution systems, software distribution systems, distributed gaming systems, Internet of Things (IoT) systems, etc. Most often, the client computing devices are controlled by end users and/or third parties, and thus the party controlling the server(s) may not be able to exercise full control over the client computing devices. Therefore, a malicious end user or a third party may tamper with the software running on a client computing device and/or with the digital content received or transmitted by the client computing device. Accordingly, the client computing devices are typically treated as untrusted systems which places additional processing burden on the server(s) and/or imposes more stringent requirements to the communication channels over which the server(s) and the client computing devices communicate.
The present disclosure alleviates these and other deficiencies of various common implementations by employing trusted execution environments for implementing trusted clients. “Secure execution environment” herein refers to a hardware platform architecture or implementation that is capable of implementing an isolated execution environment providing integrity of the applications executing therein and confidentiality of their data. Accordingly, in various implementations of the present disclosure, the client computing devices may run secure execution environments that are attestable by the server, such that the server may authenticate the client platform and/or code running on the client platform.
In various illustrative examples, trusted clients implemented in accordance with aspects of the present disclosure may be employed by digital content distribution systems, software distribution systems, distributed gaming systems, Internet of Things (IoT) systems, etc. Accordingly, client applications that are executed in the secure execution environments may act as content distribution proxies with respect to peer client computing devices, as trusted game client devices, as trusted IoT devices, etc.
In an illustrative example, a client computing device running a secure execution environment may act as a digital content playback device or a game client device, and may further act as a content distribution proxy with respect to peer client computing devices, by receiving from the content distribution server and locally storing the digital content (e.g., executable files or audiovisual files or streams) that may later be accessed by one or more peer client computing devices (e.g., peer client computing devices that share a local area network with the client computing device acting as the content distribution proxy), as described in more detail herein below.
In another illustrative example, the secure execution environment implemented by a client computing device (e.g., a game client device) may be utilized by the game server to run executable code implementing at least part of the game functionality, which, by virtue of running in a secure execution environment, would be protected from being tampered with by the party having physical possession of the client computing device and/or by a third party. The ability to run a trusted executable code on the game client device may allow running interactive gaming sessions using high-latency and/or low bandwidth communication channels, which would not be adequate for conventional gaming implementations employing untrusted client computing devices, as described in more detail herein below.
In yet another illustrative example, the client computing device may be an IoT device (e.g., a video stream capturing device) which runs, in a secure execution environment, a trusted code utilized for pre-processing of the data acquired by the IoT device (e.g., audiovisual streams) before transmitting the transformed data to a server, thus relieving the latency and/or bandwidth requirements to the communication channel utilized for the transmission. The pre-processing may involve audiovisual stream compression, pattern recognition, motion detection, and/or various other functions, as described in more detail herein below.
Various aspects of the methods and systems are described herein by way of examples, rather than by way of limitation. The methods described herein may be implemented by hardware (e.g., general purpose and/or specialized processing devices, and/or other devices and associated circuitry), software (e.g., instructions executable by a processing device), or a combination thereof.
Each client computing device 120 may implement a respective secure execution environment 130. In an illustrative example, the secure execution environment 130 may be implemented by Intel® Software Guard Extensions (SGX) secure enclave, which is a private region of encrypted memory, the contents of which would only be decrypted for access by the process running within the enclave. In another illustrative example, the secure execution environment 130 may be implemented by a virtual machine running in the Intel® Trust Domain Extension (TDX) environment. In another illustrative example, the secure execution environment 130 may be implemented by the AMD® Secure Encrypted Virtualization (SEV), which encrypts the memory state of each virtual machine using a respective encryption key inaccessible by other virtual machines. Various other secure execution environment implementations for the above-referenced and/or other processor architectures may be compatible with the systems and methods of the present disclosure.
A secure execution environment, such as the secure execution environment 130A, may be utilized for running one or more client applications, such as the client application 140A. In various illustrative examples, the client application 140A may act as an audiovisual content playback client, game client, IoT sensor (e.g., performing audiovisual stream acquisition and preprocessing), and/or may perform various other functions.
In some implementations, at least part of the executable code of a client application 140 may be received from the server 110 and/or from a peer client computing device. Furthermore, at least part of the executable code of a client application 140 may be pre-installed on a client computing device 120.
The server 110 may request attestation of the client application 140 running within the secure execution environment 130. “Attestation” herein refers to a platform-specific mechanism of proving the identity of a computing process running within a secure execution environment, as well as proving that the computing process has not been tampered with and is running on a secure hardware platform. Furthermore, the server 110 may request a pre-execution measurement of the client application 140 and/or a measurement of one or more data items 145 to be utilized by the client application 140. The measurement may be performed by computing a cryptographic hash of the executable images of the client application 140 and data items 145 and/or by cryptographically signing the executable images and data items. Responsive to successfully completing the attestation and measurement procedures with respect to the client application 140 running within the secure execution environment 130, the server 110 may consider the client application 140 as a trusted code suitable for implementing various use cases, as described in more detail herein below.
In an illustrative example, the systems and methods of the present disclosure may be employed for audiovisual content distribution, software distribution, and gaming content distribution. As schematically illustrated by
In some implementations, the client computing device 220N may in turn implement the content distribution proxy functionality with respect to other peer client computing devices 220. In the illustrative example of
In another illustrative example, the systems and methods of the present disclosure may be employed for implementing trusted game clients. As schematically illustrated by
Responsive to successfully completing the attestation and measurement procedures with respect to the game client application 340 running within the secure execution environment 330, the server 330 may send to and/or receive from the game client application 340 confidential data items reflecting the updates of the game server state and the game client state. For example, responsive to receiving a user interface input (e.g., via one or more joysticks of the gaming console), the client computing device 320 may accordingly update its internal state, and may transmit, to the game server 330, one or more client state messages 350 comprising at least part of the updated game client state. The game server 330, responsive to receiving the updated game client state, may accordingly update its internal state, and may transmit, to the game client device 320, one or more game control messages 360 reflecting the updated game server state.
In some implementations, the game client device 320 may further act as a game content distribution proxy with respect to one or more peer client computing devices (not shown in
In yet another illustrative example, the systems and methods of the present disclosure may be employed for implementing trusted IoT clients. As schematically illustrated by
Responsive to successfully completing the attestation and measurement procedures with respect to the IoT client application 440 running within the secure execution environment 430, the IoT server 440 may send confidential data to the IoT client application 440, e.g., the control and configuration data 470 for one or more IoT client computing devices 420.
In some implementations, the IoT client application 440 may be employed for pre-processing of the sensor data (e.g., a video stream) acquired by the sensor 450 (e.g., a video camera). The pre-processing may involve video stream compression, pattern recognition, motion detection, and/or various other functions. The transformed sensor data (e.g., transformed video stream) 460 may be transmitted to the IoT server 410.
In some implementations, the IoT device 420 may further act as a content distribution proxy with respect to one or more peer IoT devices, by serving to the peer IoT devices the executable code and/or configuration data that have been previously received by the IoT device from the IoT server 410, as described in more detail herein above with references to
At block 510, the computing system implementing the content distribution server receives a measurement from an application running in a secure execution environment implemented by a client computing device. In various illustrative examples, the client computing device may be a portable communication device (such as a smartphone), a general purpose computing device (such as a personal computer), a specialized computing device (such as a gaming console), or any other suitable computing device. The measure computed by the secure execution environment may reflect a pre-execution measurement of one or more computing processes residing in the secure execution environment and implementing the application and/or a measurement of one or more data items to be utilized by those computing processes. The measurement may be performed by computing a cryptographic hash of the executable images of the computing processes and the data items and/or by cryptographically signing the executable images and data items.
Responsive to successfully validating the measurement at block 520, the computing system transmits, at block 530, a first confidential data item to the application running in the secure execution environment. In an illustrative example, the first confidential data item may contain an audiovisual content item. In another illustrative example, the first confidential data item may contain an executable code to be run by the client computing device. In yet another illustrative example, the first confidential data item may contain a configuration message and/or control message issued by the server to the client computing device. In yet another illustrative example, the first confidential data item may contain at least part of a state of a game session, as described in more detail herein above.
At block 540, the computing system causes the application running in the secure execution environment to forward, to a peer client computing device, the first confidential data item and/or a second confidential data item derived from the first confidential data item. In an illustrative example, the client computing device may implement a content distribution proxy with respect to peer client computing devices. In some implementations, each digital content item and/or executable code item transmitted by the server to the client computing device may have metadata indicating whether the content item may be forwarded to peer client computing devices. In some implementations, the client computing device may forward the received confidential data items to one or more peer client computing device. In other implementations, the client computing device may transform the received confidential data items and forward the transformed confidential data items to the peer client computing devices. Transforming the confidential data items may involve performing data compression, encoding, decoding, splitting a data item into two or more data items, combining two or more data items into a single data item, and/or performing various other data transformation operations. Responsive to completing the operation of block 540, the method terminates.
At block 610, the computing system implementing the game server receives a measurement from a game client application running in a secure execution environment implemented by a client computing device. In various illustrative examples, the client computing device may be a portable communication device (such as a smartphone), a general purpose computing device (such as a personal computer), a specialized computing device (such as a gaming console), or any other suitable computing device. The measure computed by the secure execution environment may reflect a pre-execution measurement of one or more computing processes residing in the secure execution environment and implementing the game client application and/or a measurement of one or more data items to be utilized by those computing processes. The measurement may be performed by computing a cryptographic hash of the executable images of the computing processes and the data items and/or by cryptographically signing the executable images and data items.
Responsive to successfully validating the measurement at block 620, the computing system transmits, at block 630, a first confidential data item to the game client application running in the secure execution environment. In an illustrative example, the first confidential data item may contain an audiovisual content item to be utilized by the game client application. In another illustrative example, the first confidential data item may contain an executable code to be run by the client computing device. In yet another illustrative example, the first confidential data item may contain a configuration message and/or control message issued by the game server to the game client application. In yet another illustrative example, the first confidential data item may contain at least part of a state of a game session, as described in more detail herein above.
At block 640, the computing system receives, from the game client application, a second confidential data item derived from a local state of the client application modified by the first confidential data item. In an illustrative example, responsive to receiving the first confidential data item (e.g., containing a configuration message and/or control message issued by the game server to the game client application), the game client application modifies its local state (e.g., by updating the local configuration based on the configuration message specifying values of one or more configuration parameters, and/or by performing one or more actions specified by the control message). The game client further derives the second confidential data item from the modified local state, and transmits the second confidential data item back to the game server. In an illustrative example, the second confidential data item may contain at least part of a state of a game session, e.g., values of one or more parameters of the game session which have been modified in response to receiving the configuration message from the game server and/or in response to receiving one or more user interface inputs, e.g., via one or more joysticks of the gaming console. Responsive to receiving a user interface input, the client computing device may accordingly update its local state, and may transmit, to the game server, one or more confidential data items comprising at least part of the updated game client state.
At block 650, the computing system updates the server state based on the second confidential data item receives from the game client application. In an illustrative example, the game session state maintained by the server may be updated to reflect the user interface inputs that have been encoded by one or more confidential data items received from the game client at block 640. Responsive to completing the operation of block 650, the method terminates.
In a further aspect, the computer system 1000 may include a processing device 1002, a volatile memory 1004 (e.g., random access memory (RAM)), a non-volatile memory 1009 (e.g., read-only memory (ROM) or electrically-erasable programmable ROM (EEPROM)), and a data storage device 1016, which may communicate with each other via a bus 1008.
Processing device 1002 may be provided by one or more processors such as a general purpose processor (such as, for example, a complex instruction set computing (CISC) microprocessor, a reduced instruction set computing (RISC) microprocessor, a very long instruction word (VLIW) microprocessor, a microprocessor implementing other types of instruction sets, or a microprocessor implementing a combination of types of instruction sets) or a specialized processor (such as, for example, an application specific integrated circuit (ASIC), a field programmable gate array (FPGA), a digital signal processor (DSP), or a network processor).
Computer system 1000 may further include a network interface device 1022. Computer system 1000 also may include a video display unit 1010 (e.g., an LCD), an alphanumeric input device 1012 (e.g., a keyboard), a cursor control device 1014 (e.g., a mouse), and a signal generation device 1020.
Data storage device 1016 may include a non-transitory computer-readable storage medium 1024 on which may store instructions 1026 encoding any one or more of the methods or functions described herein, including instructions for implementing method 500 of digital content distribution using a trusted client application running in a secure execution environment and/or method 600 of implementing a trusted game client by a secure execution environment, in accordance with aspects of the present disclosure.
Instructions 1026 may also reside, completely or partially, within volatile memory 1004 and/or within processing device 1002 during execution thereof by computer system 1000, hence, volatile memory 1004 and processing device 1002 may also constitute machine-readable storage media.
While computer-readable storage medium 1024 is shown in the illustrative examples as a single medium, the term “computer-readable storage medium” shall include a single medium or multiple media (e.g., a centralized or distributed database, and/or associated caches and servers) that store the one or more sets of executable instructions. The term “computer-readable storage medium” shall also include any tangible medium that is capable of storing or encoding a set of instructions for execution by a computer that cause the computer to perform any one or more of the methods described herein. The term “computer-readable storage medium” shall include, but not be limited to, solid-state memories, optical media, and magnetic media.
Other computer system designs and configurations may also be suitable to implement the system and methods described herein. The following examples illustrate various implementations in accordance with one or more aspects of the present disclosure.
The methods, components, and features described herein may be implemented by discrete hardware components or may be integrated in the functionality of other hardware components such as ASICS, FPGAs, DSPs or similar devices. In addition, the methods, components, and features may be implemented by firmware modules or functional circuitry within hardware devices. Further, the methods, components, and features may be implemented in any combination of hardware devices and software components, or only in software.
Unless specifically stated otherwise, terms such as “updating”, “identifying”, “determining”, “sending”, “assigning”, or the like, refer to actions and processes performed or implemented by computer systems that manipulates and transforms data represented as physical (electronic) quantities within the computer system registers and memories into other data similarly represented as physical quantities within the computer system memories or registers or other such information storage, transmission or display devices.
Examples described herein also relate to an apparatus for performing the methods described herein. This apparatus may be specially constructed for performing the methods described herein, or it may comprise a general purpose computer system selectively programmed by a computer program stored in the computer system. Such a computer program may be stored in a computer-readable tangible storage medium.
The methods and illustrative examples described herein are not inherently related to any particular computer or other apparatus. Various general purpose systems may be used in accordance with the teachings described herein, or it may prove convenient to construct more specialized apparatus to perform methods 400, 500 and/or each of their individual functions, routines, subroutines, or operations. Examples of the structure for a variety of these systems are set forth in the description above.
The above description is intended to be illustrative, and not restrictive. Although the present disclosure has been described with references to specific illustrative examples and implementations, it will be recognized that the present disclosure is not limited to the examples and implementations described. The scope of the disclosure should be determined with reference to the following claims, along with the full scope of equivalents to which the claims are entitled.