Arca: A Lightweight Confidential Container Architecture for Cloud-Native Environments
Di Lu, Mengna Sun, Qingwen Zhang, Yujia Liu, Jia Zhang, Xuewen Dong, Yulong Shen, Jianfeng Ma
TL;DR
Arca addresses the security and performance limitations of Container-in-TEE designs by proposing a TEE-in-Container architecture where each container runs its own hardware-protected TEE. The approach confines the trusted computing base to the security-critical workload, while orchestration, management, and I/O remain outside the TEE, enabling lightweight, auditable, and scalable confidentiality for cloud-native workloads. The authors implement Arca on Intel SGX, Intel TDX, and AMD SEV, and show through micro-benchmarks and system-level tests that Arca achieves near-native performance and often outperforms CoCo, with improved verifiability and resilience to host compromise. The work demonstrates that strong runtime confidentiality can be achieved without enlarging the TCB, preserving container ecosystem compatibility, and enabling practical confidential computing across heterogeneous TEEs.
Abstract
Confidential containers protect cloud-native workloads using trusted execution environments (TEEs). However, existing Container-in-TEE designs (e.g., Confidential Containers (CoCo)) encapsulate the entire runtime within the TEE, inflating the trusted computing base (TCB) and introducing redundant components and cross-layer overhead. We present Arca, a lightweight confidential container framework based on a TEE-in-Container architecture that isolates each workload in an independent, hardware-enforced trust domain while keeping orchestration logic outside the TEE. This design minimizes inter-layer dependencies, confines compromise to per-container boundaries, and restores the TEE's minimal trust principle. We implemented Arca on Intel SGX, Intel TDX, and AMD SEV. Experimental results show that Arca achieves near-native performance and outperforms CoCo in most benchmarks, while the reduced TCB significantly improves verifiability and resilience against host-level compromise. Arca emonstrates that efficient container management and strong runtime confidentiality can be achieved without sacrificing security assurance.
