Last November I attended the 5th International Symposium on Cyberspace Safety and Security (CSS 2013), November 13-15, 2013 in Zhangjiajie, China, and presented "Towards an Open Framework Leveraging a Trusted Execution Environment" in one of the technical sessions (TrustData'13).
CSS is an international conference where academia and industry come together with the goal of addressing challenges related to Cyberspace, Safety and Security (http://trust.csu.edu.cn/conference/css2013/).
The work we presented in TrustData is a first step towards a prototype for the Trusted Cells, a decentralized data platform based on trusted execution environments embedded in personal data devices (set-top boxes, smartphones or smart meters) at the edges of the Internet. We presented a combination of commercially available hardware and open software to provide the trusted execution environment in which the Trusted Cells are grounded. The basic idea is to separate the execution environment into two worlds: Rich and Secure. Rich supports the execution of high-performance tasks, necessary for enabling innovative services involving the integration, aggregation and mining of large volumes of data. Secure, on the other hand, provides a higher level of security (down to the hardware), ensuring the confidentiality of sensitive data.
At the moment we are building on top of this framework in order to create a working prototype for the Trusted Cells. This involves defining the right abstractions between Rich and Secure, integrating the execution model with storage systems, and exploring how to use them all together to enforce privacy policies over sensitive data.