EnCloak: Protecting Sensitive Data in Remote Computing Using Trusted Execution Environments
Abstract
Offloading computing jobs to untrusted clouds poses significant risks to sensitive data processed in those jobs. We present EnCloak, a Trusted Execution Environment (TEE)–based framework that protects the confidentiality and integrity of sensitive data in Java programs executed in untrusted clouds. EnCloak combines bidirectional taint analysis, which identifies sensitive statements in the program, and a code transformation scheme, which compiles these sensitive statements into Enclave Instructions (EIs) for safe execution inside TEE enclaves, thereby protecting sensitive variables and their intermediate states during program execution. We implemented a prototype system based on the design of EnCloak and evaluated it on both CPU-intensive and big-data computing jobs. Our results showed that EnCloak provides end-to-end sensitive data protection with reasonable performance overhead. The techniques of EnCloak, including the sensitive statement identification and EI design, are language-agnostic and TEE-agnostic, which lays a foundation for designing a sensitive data protection system for cloud applications implemented in other languages or executed on remote environments that support different TEE implementations.