ISLET is a project of Samsung Research that extends confidential computing to user devices. We enable on-device confidential computing for end users by leveraging ARMv9 CCA that is the newly emerging confidential computing hardware on ARM devices.
Using the hardware support, ISLET enables a Trusted Execution Environment (TEE) on user’s devices within which users can securely process, store, communicate and manage their private data. The protection provided by ISLET applies not only to data-at-rest but also to data-in-use even in the presence of malicious privileged software on devices.
We develop components enabling Realm Virtual Machines (VMs), which are secure VM-level TEE provided by ARMv9 CCA. To manage Realm VMs, Realm Management Monitor (RMM) is needed to be running at EL2 in the Realm world. ISLET provides the implementation of RMM that is written in Rust.
- Rust-based Realm Management Monitor
- Confidential Computing API Standardization
- Confidential Machine Learning
We contribute mainly to Islet RMM, Islet SDK.
For more information, please visit our developer site.
- This video shows how ISLET achieves an end-to-end confidential machine learning with a chat-bot scenario.
- This video flows as follows.
- It starts with a slide that describes all components involved in this demo. All components will run on confidential computing platforms.
- (feed an ML model) The model provider feeds the ML model into the ML server. This is done through a secure channel established with the aid of the certifier framework.
- (run a coding assistant) A mobile device user asks a chat-bot application that runs on ISLET for generating a function. And then, that request is passed on to the ML server through a secure channel. Finally, the user can see the result (i.e., function).
- (launch a malicious server) This time, we launch a malicious server to show a failure case. When it attempts to join the certifier service (on the right side of the screen), it will not pass authentication as it results in a different measurement. Therefore, the malicious server cannot interact with the mobile device user in the first place.
- To download this video, click here.