Users of modern data-processing services such as tax preparation or genomic screening are forced to trust them with data that the users wish to keep secret. Ryoan 1 protects secret data while it is processed by services that the data owner does not trust. Accomplishing this goal in a distributed setting is difficult, because the user has no control over the service providers or the computational platform. Confining code to prevent it from leaking secrets is notoriously difficult, but Ryoan benefits from new hardware and a request-oriented data model. Ryoan provides a distributed sandbox, leveraging hardware enclaves (e.g., Intel’s software guard extensions (SGX) [40]) to protect sandbox instances from potentially malicious computing platforms. The protected sandbox instances confine untrusted data-processing modules to prevent leakage of the user’s input data. Ryoan is designed for a request-oriented data model, where confined modules only process input once and do not persist state about the input. We present the design and prototype implementation of Ryoan and evaluate it on a series of challenging problems including email filtering, health analysis, image processing and machine translation.

中文翻译：

---

龙庵

现代数据处理服务（例如报税或基因组筛查）的用户被迫信任他们希望保密的数据。龙庵1在由数据所有者不信任的服务处理时保护机密数据。在分布式环境中实现这一目标很困难，因为用户无法控制服务提供商或计算平台。众所周知，限制代码以防止其泄露机密非常困难，但 Ryoan 受益于新硬件和面向请求的数据模型。Ryoan 提供了一个分布式沙箱，利用硬件飞地（例如，英特尔的软件保护扩展（SGX）[40]）来保护沙箱实例免受潜在的恶意计算平台的影响。受保护的沙箱实例限制了不受信任的数据处理模块，以防止用户输入数据的泄漏。Ryoan 是为面向请求的数据模型而设计的，其中受限的模块只处理一次输入，并且不会持久化输入的状态。