Publish/subscribe systems play a key role in enabling communication between numerous devices in distributed and large-scale architectures. While widely adopted, securing such systems often trades portability for additional integrity and attestation guarantees. Trusted Execution Environments (TEEs) offer a potential solution, using enclaves to enhance security and trust. However, application development for TEEs is complex, and many existing solutions are tied to a specific TEE architecture, limiting adaptability. Current communication protocols also manage attestation proofs inadequately, or expose attestation information that should remain private. This paper introduces a novel approach that uses WebAssembly, a key enabling technology currently attracting attention from both academia and industry, to address these issues. We present the design of a portable and fully attested publish/subscribe middleware system as a holistic approach to trustworthy distributed communication between heterogeneous systems. Based on this design, we have implemented and evaluated in depth a fully-fledged publish/subscribe broker that runs within Intel SGX, is compiled to WebAssembly, and is built on top of battle-tested industry frameworks and standards, namely the MQTT and TLS protocols. Our extended TLS protocol preserves the privacy of attestation information, among other benefits. Our experimental evaluation quantifies the main overheads: message throughput drops by 1.55x when using a trusted broker. We open-source the contributions of this work to the research community to facilitate experimental reproducibility.