TTPwire Vol. 1 · MITRE ATT&CK · Tagged

Lobsters — security tag

Mind the Gap - Where TEE Attestations Fall Short and Why Do TEEs Need Proof of Cloud | Flashbots Writings

writings.flashbots.net via badcryptobitch · 5 days ago

ATT&CK techniques detected

5 predictions
T1195 Supply Chain Compromise
41%
“inventory monitoring and revocation processes, but the security guarantee ultimately depends on operational discipline. # the trust supply chain problem the problem deepens when you trace the full infrastructure supply chain. cloud computing is not a monolithic service. it is a co…”
T1190 Exploit Public-Facing Application
40%
“on virtual machine (vm) images. during this migration to the cloud, remote attestations (ras) have remained largely unchanged. ras let a verifier confirm what code is running: the firmware version, the guest kernel, the vm image. they root the authenticity of this informatio…”
T1199 Trusted Relationship
35%
“provider. dcea includes an evidence about the integrity of the software layers between the hardware and your workload, but is more challenging to deploy. they represent the current state of the art in making "proof of cloud" a deployable reality. however, we must also recognize…”
T1190 Exploit Public-Facing Application
31%
“- channel attacks — can be partially mitigated by hardening the cvm workload itself, for example through oblivious memory access patterns. however, this is workload-specific and does not generalize.) a standard tee attestation tells the searcher that the cvm it is uploading it…”
T1525 Implant Internal Image
31%
“data center hardware. the threat model assumes the host software stack (os, hypervisor, vtpm) is adversarial, but cpu/tpm hardware roots and their supply chains are trusted for attestation evidence, while broader supply-chain guarantees remain out of scope. the cloud provid…”