面向隐私计算的可信执行环境综述  

作　　者：张涵 于航 周继威 白云开 赵路坦 ZHANG Han;YU Hang;ZHOU Jiwei;BAI Yunkai;ZHAO Lutan(Longyuan(Beijing)New Energy Engineering Technology Company Limited,Beijing 100081,China;Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100085,China;School of Cyber Security,University of Chinese Academy of Sciences,Beijing 100049,China)

机构地区：[1]龙源(北京)新能源工程技术有限公司,北京100081 [2]中国科学院信息工程研究所,北京100085 [3]中国科学院大学网络空间安全学院,北京100049

出　　处：《计算机应用》2025年第2期467-481,共15页journal of Computer Applications

基　　金：国家重点研发计划项目(2023YFB4503200)。

摘　　要：随着云计算和大数据的普及,越来越多的用户隐私数据被上传到云端计算和处理;然而,由于隐私数据交由不可信的第三方存储和管理,因此面临被泄露的风险,进而导致公民的生命和财产安全乃至国家的安全都受到不利影响。近年来,一些基于密码学算法的隐私计算技术,例如安全多方计算、同态加密(HE)和联邦学习等,解决了隐私数据传输和计算过程中的安全问题,进而实现了隐私数据的“可用不可见”;然而,这些方案由于计算和通信复杂度的原因没能得到广泛部署和应用。许多研究工作致力于利用可信执行环境(TEE)降低隐私计算技术的计算量和通信复杂度,同时保证不影响这些技术的安全性。TEE通过硬件辅助创建可以信赖的执行环境,并保证其中隐私数据和代码的机密性、完整性和可用性。因此,从隐私计算和TEE结合的研究入手。首先,全面分析TEE保护用户隐私数据的系统架构和硬件支持;其次,对比现有TEE架构各自的优势和不足;最后,结合工业界和学术界的最新进展,探讨隐私计算和TEE交叉研究领域的未来发展方向。With the popularization of cloud computing and big data,increasing user privacy data was updated for cloud computing and processing.However,as privacy data was stored and managed by untrusted third parties,user private data faces the risk of privacy leakage,thereby affecting the safety of citizens'lives and property,and even national security.In recent years,several privacy preserving techniques based on cryptographic algorithms,such as secure multi-party computation,Homomorphic Encryption(HE),and federated learning,solve the security issues in the transmission and computation process of private data,thereby achieving“usable but invisible”of private data.However,these schemes have not been widely deployed and applied due to their computational and communication complexity.At the same time,much research devotes to use Trusted Execution Environment(TEE)to reduce the computational and communication complexity of privacy preserving techniques while ensuring security of these techniques.TEEs create execution environments that can be trusted with hardware assistance,and ensure the confidentiality,integrity,and availability of privacy data and code in the environment.Therefore,start from the research combining privacy computing and TEEs,the review was performed.Firstly,the system architecture and hardware support of TEEs to protect the user data privacy were analyzed comprehensively.Then,the advantages and disadvantages of the existing TEE architectures were compared.Finally,combined with the latest developments in industry and academia,the future development trends of the cross-research field of privacy computing and TEEs were discussed.

关 键 词：隐私计算 可信执行环境 云计算 机密性 完整性 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]