As an essential technology underpinning trusted computing, the trusted execution environment (TEE) allows one to launch computation tasks on both on- and off-premises data while assuring confidentiality and integrity. This article provides a systematic review and comparison of TEE-based secure computation protocols. We first propose a taxonomy that classifies secure computation protocols into three major categories, namely secure outsourced computation, secure distributed computation and secure multi-party computation. To enable a fair comparison of these protocols, we also present comprehensive assessment criteria with respect to four aspects: setting, methodology, security and performance. Based on these criteria, we review, discuss and compare the state-of-the-art TEE-based secure computation protocols for both general-purpose computation functions and special-purpose ones, such as privacy-preserving machine learning and encrypted database queries. To the best of our knowledge, this article is the first survey to review TEE-based secure computation protocols, and the comprehensive comparison can serve as a guideline for selecting suitable protocols for deployment in practice. Finally, we also discuss several future research directions and challenges.