The Viability of Using Trusted Execution Environments to Protect Data in Node-RED : A study on using AMD-SEV and Intel SGX to protect sensitive data when Node-RED is deployed on the cloud.

Abstract: The Internet of Things (IoT) consists of a network of physical devices that are connected over the internet for the purpose of exchanging data with other devices and systems. IoT platforms, such as Node-RED, have been introduced in recent times to facilitate communication between different IoT devices. Hosting Node-RED on a cloud service provider might result in the confidentiality of sensitive data on Node-RED being violated by malicious attackers, since users are forced to entrust their sensitive data with the cloud service providers. Using trusted execution environments, such as AMD-SEV and Intel SGX, can mitigate several potential attacks from exposing sensitive information in Node-RED. This thesis investigates if AMD-SEV and Intel SGX are viable options to protect sensitive data in Node-RED when hosted on a cloud service provider. The work in this thesis investigates difficulties encountered when deploying Node-RED on AMD-SEV and Intel SGX, from a usability perspective. Usability is measured by running Node-RED in AMDSEV and Intel SGX, and then recording the complexity of the process. Several performance tests are conducted to measure the performance overhead of Node-RED caused by AMD-SEV. A literature review is also conducted to investigate potential vulnerabilities in AMD-SEV and Intel SGX that could undermine the security of user’s data in Node-RED. The results from this thesis finds that AMD-SEV is a viable option to protect sensitive data in Node-RED when hosted on a cloud service provider. Deploying Node-RED on AMD-SEV is found to be a relatively simple process from a usability perspective. There are some noticeable performance overhead with regards to CPU utilization and TCP throughput, but all other metrics show marginal performance overhead. The potential vulnerabilities in AMD-SEV are not found to be significant enough to make AMD-SEV unviable. The thesis finds Intel SGX to be an unviable solution primarily due to usability. The process of running Node-RED in an Intel SGX enclave is extremely complex and the results show that for most users of Node-RED, this is not viable. The security vulnerabilities found from the literature review, are not significant enough to make Intel SGX an unviable option to protect sensitive user data inNode-RED.