Software Guard Extensions

Intel® Software Guard Extensions SDK for Linux* Availability Update

Whenever I talk with developers about Intel® SGX, one of the first questions asked is ‘When will Linux support be available’?  In the spirit of being open and transparent about our current Intel® SGX SDK development activities, I hope this short blog will answer a few questions that some of you may have.

Intel intends to:

Certificate Requirements for Intel® Attestation Services

Intel Attestation Service (IAS) uses MTLS (Mutual Transport Layer Security) as an authentication mechanism. This means that both server (IAS) and client (Service Provider) must present valid x.509 certificates that can be used for authentication, both signed by a trusted certificate authority. Due to security concerns with previous versions of SSL/TLS protocol, IAS only accepts connections using TLS 1.2 (https://tools.ietf.org/html/rfc5246).

  • Software Guard Extensions
  • Sicherheit
  • How to create Self-Signed Certificates for use with Intel® SGX Remote Attestation using OpenSSL

    Prerequisites:

    If you don’t have OpenSSL installed, an installable version of it is available here:  http://slproweb.com/products/Win32OpenSSL.html.  Choose either 32 or 64 bit depending on your OS. Install OpenSSL using the default settings.

    Create certificates for TLS authentication:

  • Software Guard Extensions
  • Sicherheit
  • 英特尔® 基于硬件的安全技术为生物识别应用带来独特优势第 1 部分

    How Intel® Hardware-based Security Technologies Improve the Security of Biometrics Recognition. Trusted Execution Environment with Intel® Software Guard Extensions. What is TEE? Intel® Software Guard Extensions Technology Overview. How to Harden Biometric Recognition Function by Intel® Software Guard Extensions Technology? Memory Protection Scheme with Virtual Machine Extensions. The Weakness of the Legacy Software-Based Memory Protection. Memory Protection Based on Virtual Machine Extensions. Multiple Factor Authentication with Intel® Identity Protection Technology with One-Time Password
  • Entwickler
  • Android* OS
  • Microsoft Windows* (XP, Vista, 7)
  • Microsoft Windows* 10
  • Microsoft Windows* 8.x
  • Android*
  • Intel® RealSense™ Technologie
  • Windows*
  • Intel® Hardware-based Security
  • Biometrics Recognition
  • Trusted Execution Environment
  • Intel Identity Protection Technology
  • Intel® RealSense™ Technologie
  • Software Guard Extensions
  • Sicherheit
  • Intel SGX: EPID Provisioning and Attestation Services

    One of the critical features of Intel SGX is the ability to attest that an enclave was successfully established on an SGX enabled platform. Our Attestation and Sealing Whitepaper from 2013 on the subject gives a high level overview of the attestation process, however it did not cover how the attestation key was delivered to the platform.

    Intel® SGX Product Licensing

    The Intel® SGX SDK for Windows was recently made available on the Intel Developer Zone site.  The SDK is provided under an evaluation license.  Since the release of the SDK, we’ve received a number of inquiries about getting a production license for Intel® SGX.  While the particulars of the production license agreement are fairly routine, it might be helpful to those that have expressed an interest to get a better sense of the context within which production license requests are considered.

  • Software Guard Extensions
  • Sicherheit
  • The Intel SGX Memory Encryption Engine

    Intel SGX has had to break ground in many areas. One of these was how to protect memory outside of the processor package. At a couple of recent workshops we have presented on the subject so that people could understand the basic concepts behind how we provide Confidentiality and Integrity over the Enclave Page Cache region of memory used in SGX. Intel has now produced a whitepaper to accompany those slides, here's its abstract

    Software Guard Extensions abonnieren