80 Search Results

Secure Processors (Part 2): Stronger Guarantees for Security Analyses

Last updated: September 27, 2018

The MIT Sanctum processor addresses shortcomings in Intel® Software Guard Extensions and offers stronger security guarantees. It has a better analysis and a formal verification, and offers a more straightforward and complete threat model.

Intel® Software Guard Extensions Explained

Last updated: September 27, 2018

Get a summary of architectural and microarchitectural details that are necessary for understanding this set of extensions.

Documentation | OpenSGX: An Open Platform for Intel® SGX Research

Last updated: September 27, 2018

OpenSGX emulates Intel® SGX hardware components at the instruction level and provides new system software components necessarily required for full TEE exploration.

An Open Platform for Intel® Software Guard Extensions Research

Last updated: September 27, 2018

Get an overview on research with the OpenSGX platform.

Code Samples: An Open Platform for Intel® Software Guard Extensions Research

Last updated: September 27, 2018

OpenSGX emulates hardware components at the instruction level. It provides new system software components that are required for full trusted execution environment (TEE) exploration.

Establish Mutually Trusted Channels for Remote Sensing Devices

Last updated: September 26, 2018

Remote and unattended sensing devices are rapidly deployed in sensitive environments. Features in trusted execution environments (TEE), such as Intel® Software Guard Extensions, provide trusted mechanisms for data.

Build Critical Applications Using Microservices

Last updated: September 26, 2018

Learn formal methods that ensure the foundation (a microkernel-based system) for critical applications is correct.

A Practical & Secure Index with Intel® Software Guard Extensions

Last updated: September 26, 2018

Software that searches over encrypted data either lacks low-leakage encryption or runs slowly. Learn how to use HardIDX to conduct this search.

Manage Sensitive Data with SecureKeeper

Last updated: September 26, 2018

Cloud computing has trust issues for applications that manage sensitive data. Learn how to use an enhanced version of Apache ZooKeeper* to shield them from untrusted software.

Protect Password Databases Using Trusted Hardware

Last updated: September 26, 2018

A human-chosen password is relatively easy to guess and is frequently reused. Increase security by generating a random salt value for each user, and then concatenate it with the password before hashing.

Mitigate Password Database Breaches

Last updated: September 26, 2018

It is now more feasible to attack hardware by guessing the passwords (even when they are made more secure). Provide stronger protection by adding keys to passwords before they are hashed.

A Case for Protecting Computer Games

Last updated: September 26, 2018

Intel® Software Guard Extensions provides new security guarantees that prevent players from cheating and getting unlicensed copies. 

Isolate Operating System Components

Last updated: September 26, 2018

Intel® Software Guard Extensions was not designed to work in kernel mode. But, Linux* kernel functionality can be wrapped within its enclaves by moving parts to a user space.

Achieve Improved Performance with Exitless Services

Last updated: September 26, 2018

Running I/O-intensive, memory-demanding server applications in enclaves leads to significant performance problems. Resolve the issues with exitless system calls and paging in enclaves.

Run a Trusted Client-Side JavaScript*

Last updated: September 26, 2018

JavaScript* improves the user experience and reduces the server load for web applications but has unreliable confidentiality and integrity. To resolve this issue, use TrustJS to partition the code.

Avoid Leaks & Synchronization Attacks with Enclave-Side Preemption Control

Last updated: September 26, 2018

Vulnerabilities allow untrusted operating systems to extract secret information from enclaves by exploiting concurrency bugs. Learn tactics to overcome this issue.

Use Lightweight Collective Memory to Detect Rollback and Forking Attacks

Last updated: September 26, 2018

Detect integrity and consistency violations with a lightweight protocol that establishes a collective memory among all remote application clients.

A Cloud-Based, Secure Logger for Medical Use

Last updated: September 26, 2018

Learn about a time-synchronized, tamper-evident design that tracks medical device and patient information.

Test Scalable Private Membership Using Trusted Hardware

Last updated: September 26, 2018

Address privacy concerns through a test that circles the entire dictionary through trusted hardware on the cloud server.

Fault Tolerance for a High-Performance Byzantine Replication Protocol

Last updated: September 26, 2018

Replication protocols based on hybrid fault models can tolerate arbitrary faults and reduce costs. But, they are unprepared for fault models in multicore processors. Learn how Hybster can make a hybrid state-machine replication a better option.

Functional Encryption with Intel® Software Guard Extensions

Last updated: September 26, 2018

This powerful cryptographic mechanism lets an authorized entity compute on encrypted data and learn from the results. Leverage this resource with Iron, a practical and usable functional encryption system that's built into the software.

Detect Privileged Side-Channel Attacks in a Shielded Program

Last updated: September 26, 2018

Protect an unprivileged program that runs inside a secure enclave from a privileged attacker with full control of the operating system.

Challenges for Developing Secure Enclaves

Last updated: September 26, 2018

The combination of different vulnerabilities resulted in developing protected-module architectures with a strong isolation. Learn how to write these modules.

A Study of Robust Synchronous Peer-to-Peer Primitives That Use Enclaves

Last updated: September 25, 2018

BitTorrent* and Bitcoin* are susceptible to attacks from byzantine nodes that join as peers. Learn how to protect them with a synchronous network where peer nodes have CPUs equipped with Intel® Software Guard Extensions.

Panoply: Low-TCB Linux* Applications with Intel® SGX Enclaves (Project Site)

Last updated: April 15, 2018

We present a new system called Panoply which bridges the gap between the Intel® Software Guard Extensions (Intel® SGX)-native abstractions and the standard OS abstractions which feature-rich, commodity Linux* applications require.

...

A Practical Library Operating System for Unmodified Applications

Last updated: July 17, 2017

This paper disproves assumptions that unmodified applications can cause poor performance and a larger trusted computing base while running on Intel® Software Guard Extensions.

An Optimized Library Operating System for Intel® Software Guard Extensions

Last updated: May 17, 2017

Revisit the porting approach for a library operating system. The results show that SGXKernel significantly outperforms a library operating system in Intel Software Guard Extensions.

Panoply: Low-Trusted Computing Base (TCB) Linux* Applications with Intel® SGX Enclaves (PDF)

Last updated: February 26, 2017

In this paper, we present a new system called Panoply which bridges the gap between the Intel® Software Guard Extensions (Intel® SGX)-native abstractions and the standard OS abstractions which feature-rich, commodity Linux* applications require...

Secure Linux* Containers Managed By Docker*

Last updated: November 4, 2016

The Secure Linux* Container Environment (SCONE) is a mechanism for Docker* that uses the Intel® Software Guard Extensions trusted execution to protect container processes from outside attacks.

Shield Applications from an Untrusted Cloud

Last updated: October 8, 2014

The Haven prototype provides shielded execution for unmodified legacy applications (such as Microsoft SQL Server* and Apache*) and their data.

Pages