Результаты поиска: 200

Уточнить по

    Результаты для:

Intel® Software Guard Extensions

Последнее обновление: 25 июня 2019 г.Общая продолжительность: 20 мин

Intel® Software Guard Extensions

Последнее обновление: 25 июня 2019 г.Общая продолжительность: 20 мин

Узнайте, как использовать команды Intel® Software Guard Extensions для создания более безопасных приложений.

Videos in Series:

Code Sample: Gateway Key Provisioning and Secure Signing using Intel® Software Guard Extensions

Опубликовано: 21 июня 2019 г.

This application demonstrates the use of Intel® SGX to protect the private key of an asymmetric ECC 256 key pair.

AI & Security Innovations Help Developers Preserve Privacy While Delivering Insight

Опубликовано: 18 июня 2019 г.Автор: Jim Gordon

Homomorphic encryption opens up new possibilities by enabling computer calculations on encrypted information without decrypting it.

Getting Started with Intel® Software Guard Extensions (Intel® SGX) on the Intel VCA Card

Опубликовано: 7 июня 2019 г.Автор: John M.

This guide steps through the process of setting up the Intel SGX Card

Ecosystem Support for EEA* Trusted Compute Specification v1.0 Improves Blockchain Privacy and Scalability

Опубликовано: 13 мая 2019 г.Автор: Michael Reed

Developers can use the EEA* Trusted Compute Spec v1.0 to extend blockchain computational trust to off-chain compute capacity.

Secure Enterprise Blockchains (Infographic)

Последнее обновление: 8 мая 2019 г.

An infographic-based description of how Intel® Software Guard Extensions (Intel® SGX) could be implemented to improve the privacy, security, and scalability of enterprise blockchains.

Learn How to Protect Your Sensitive Data: Presentation

Последнее обновление: 8 мая 2019 г.

A self-paced webinar that will explain the constructs of an Intel® SGX application. You will become familiar with the structure of an Intel SGX application, what protections are offered for application components, and design considerations. This webinar also includes a demonstration that creates an actual application project.

Intel® Software Guard Extensions and the Development Flow: Infographic

Последнее обновление: 8 мая 2019 г.

Intel® Software Guard Extensions (Intel® SGX) at a glance. Check out a one-stop primer that will explain what Intel SGX can be used for, how it works, and a handy reference for application development.

Virtualizing Intel® Software Guard Extensions with KVM and QEMU

Опубликовано: 8 мая 2019 г.Автор: John M.

Use the Linux* kernel KVM virtualization module and the QEMU* VMM to virtualize Intel® SGX, then create a VM with access to Intel SGX in the guest OS.

Intel Integrated Performance Primitives in Intel® SGX Applications

Последнее обновление: 26 апреля 2019 г.

The Intel® Software Guard Extensions (Intel® SGX) SDK incorporates the Intel® Integrated Performance Primitives (Intel® IPP) Cryptography library. This article provides basic information on this Intel IPP Cryptography library and how to get set up to use it with Windows* Visual Studio* and the Linux* OS.

Hardware-Assisted Security for High-Value Information

Последнее обновление: 26 апреля 2019 г.

Recognizing the need for a new model that protects selected code and data from disclosure or modification, Intel designed Intel® Software Guard Extensions (Intel® SGX), a hardware-assisted trusted execution environment with the smallest possible attack surface. With Intel SGX, developers can partition their application into CPU-hardened “enclaves,” or protected areas of execution, that increase security even on compromised platforms.

Exception Handling in Intel® Software Guard Extensions Applications

Последнее обновление: 26 апреля 2019 г.

This article describes how HW exceptions are handled in Intel® Software Guard Extensions (SGX) enclaves.

Snort® Intrusion Detection System with Intel® Software Guard Extension

Последнее обновление: 26 апреля 2019 г.

In this paper, is described the experience with hardening the “king of middleboxes”– Intrusion Detection Systems (IDS) – using Intel® Software Guard Extensions (Intel® SGX) technology. The secured IDS using Intel® SGX, called SEC-IDS, is an unmodified Snort® 3 with a DPDK network layer that achieves 10Gbps line rate.

Intel® SGX Enabled Key Manager Service with OpenStack Barbican

Последнее обновление: 26 апреля 2019 г.

We propose to build an Intel® Software Guard Extension (Intel® SGX) based software crypto plugin that offers security similar to an HSM with the low cost and scalability of a software based solution. We extend OpenStack Barbican API to support attestation of an Intel® SGX crypto plugin, to allow clients higher confidence in the software they are using for storing keys.

Using Intel® VTune™ Amplifier XE with Intel® SGX Enabled Applications on Linux*

Последнее обновление: 26 апреля 2019 г.

This paper describes how to use Intel® VTune™ Amplifier XE to gather and analyze performance data from Intel® Software Guard Extensions (Intel® SGX) enabled applications for the Linux* OS. Intel VTune Amplifier XE is an application for software performance analysis of 32- and 64-bit x86 based machines.

Using Intel® VTune™ Amplifier XE with Intel® SGX Enabled Applications on Microsoft* Windows*

Последнее обновление: 26 апреля 2019 г.

This paper describes how to use Intel® VTune™ Amplifier XE to gather and analyze performance data from Intel® Software Guard Extensions (Intel® SGX) enabled applications for Microsoft* Windows*. Intel VTune Amplifier XE is an application for software performance analysis of 32- and 64-bit x86 based machines.

VeriClouds CredVerify* Uses Intel® Software Guard Extensions: Credential Verification with Privacy By Design

Последнее обновление: 26 апреля 2019 г.

VeriClouds CredVerify uses Intel® Software Guard Extensions (Intel® SGX) to protect the sensitive credential verification process with hardware-based crypto built inside the CPU. The solution significantly advances the security of VeriClouds service.

Using the Intel® Software Guard Extensions SSL Library

Последнее обновление: 26 апреля 2019 г.

This paper describes how to use the Intel® Software Guard Extensions (Intel® SGX) SSL Library for Intel SGX enabled applications. The Intel SGX SSL enclave libraries are derived from OpenSSL* and can be used for secure communications (TLS) across the network and for cryptographic operations within an enclave. This paper covers applications targeting Microsoft* Windows*.

Power Transitions in Intel® Software Guard Extensions Applications for Windows*

Последнее обновление: 26 апреля 2019 г.

This article provides guidelines on handling power transitions for Intel® Software Guard Extension (Intel® SGX) enabled applications running on Microsoft Windows*.

Intel® Software Guard Extensions (Intel® SGX) Debug and Build Configurations

Последнее обновление: 23 апреля 2019 г.

This article explains the debug and build configurations used to develop Intel® Software Guard Extensions (Intel® SGX) enclaves. The goal is to give the Intel SGX application developer the information they need to choose the correct build configuration at each stage of the application’s development and release process. This article covers both the Intel SGX SDKs for Windows* and for Linux*. General information on Intel SGX is provided on the Intel SGX portal.

Enclave Signing Tool for Intel® Software Guard Extensions (Intel® SGX)

Последнее обновление: 23 апреля 2019 г.

The Intel® Software Guard Extensions (Intel® SGX) architecture performs checks at enclave load time to see:

  1. if the signed enclave has been altered
  2. if the enclave signer appears on the Intel SGX Whitelist

If any changes have been made, or if the enclave signer is not on the whitelist, the enclave load is aborted.

This paper explains how to use the Intel SGX signing tool, which signs enclave files and generates enclave whitelisting material. For an overview of the enclave signing and whitelisting flows, including business interaction with Intel, see this document.

Protected File System with Intel® Software Guard Extensions (Intel® SGX) on Windows*

Последнее обновление: 23 апреля 2019 г.

This article explains how to use the Protected File System library in Intel® Software Guard Extensions (Intel® SGX) enclaves on Windows*. General information on Intel SGX can be found on the Intel SGX portal.

C++11 Library Setup for Migrating Intel® Software Guard Extensions (Intel® SGX) Applications

Последнее обновление: 23 апреля 2019 г.

This paper describes the process for migrating an Intel® Software Guard Extensions (Intel® SGX) project created in Microsoft Visual Studio* 2013 that uses the (STLport based) trusted C++ Standard Library to Visual Studio 2015. General information on Intel SGX can be found on the Intel SGX portal.

Performance Considerations for Intel® Software Guard Extensions (Intel® SGX) Applications

Последнее обновление: 23 апреля 2019 г.

This paper covers four areas with respect to Intel® Software Guard Extensions (Intel® SGX) enabled applications where, depending on how an application is designed/behaves, noticeable performance impacts can be experienced. The article explains the reasons behind these potential impacts and makes recommendations to minimize them. The article assumes a basic knowledge of Intel SGX. General information on Intel SGX is provided on the Intel SGX portal.

Self-Defending Key Management Service with Intel® Software Guard Extensions (Intel® SGX)

Последнее обновление: 23 апреля 2019 г.

The audience of this whitepaper includes security architects and technical security leaders considering new and better approaches to help secure their applications in public, hybrid, and multi-cloud deployments by ensuring that there is protection from malicious processes running with higher privileges.

Intel® Software Guard Extensions (Intel® SGX) enables a fundamental change to enterprise security providing hardware-level trustworthy execution of x86 applications. It allows enterprises to help secure sensitive applications independent of the overall security of the infrastructure.

This whitepaper describes a Fortanix* Runtime Encryption Capsule* (REC). REC is a trusted execution environment for workloads to use Intel SGX enclaves for their cryptographic protection from rouge insiders, compromised OS, malware, and other vulnerabilities.

Debugging Intel® Software Guard Extensions (Intel® SGX) Enclaves in Microsoft Windows*

Последнее обновление: 22 апреля 2019 г.

This paper describes the process for debugging Intel® Software Guard Extensions (Intel® SGX) enclaves for Microsoft Windows*. The paper covers prerequisites and typical steps to debug an enclave using Microsoft Visual Studio*, the Intel SGX Debugger, and the Intel SGX debug API. Also included are examples of common errors that can occur in enclave code. This paper assumes a basic understanding of Intel SGX application development. Information on Intel SGX can be found on the Intel SGX portal at: https://software.intel.com/sgx.

Integrating Remote Attestation with Transport Layer Security

Последнее обновление: 22 апреля 2019 г.

Intel® Software Guard Extensions (Intel® SGX) is a promising technology to securely process information in otherwise untrusted environments. An important aspect of Intel SGX is the ability to perform remote attestation to assess the endpoint’s trustworthiness. Ultimately, remote attestation will result in an attested secure channel to provision secrets to the enclave.

Input Types and Boundary Checking in Enclave-Definition Language (EDL) Files

Последнее обновление: 22 апреля 2019 г.

This paper explains the input types used in Intel® Software Guard Extensions (Intel® SGX) Enclave-Definition Language (EDL) files and describes the boundary conditions for each type. The paper also covers common build errors related to the definitions in an EDL file. The information in this paper applies to Intel SGX applications for both Microsoft* Windows* and for the Linux* operating system. The paper assumes a basic knowledge of Intel SGX. Information on Intel SGX can be found on the Intel SGX portal.

Overview on Signing and Whitelisting for Intel® Software Guard Extensions (Intel® SGX) Enclaves

Последнее обновление: 22 апреля 2019 г.

This paper provides an overview on signing and whitelisting for Intel® Software Guard Extension (Intel® SGX) enclaves for application release. The information presented here applies to Intel SGX enabled applications developed for the Microsoft* Windows* and Linux* operating system. The paper assumes a basic understanding of Intel SGX. General information on Intel SGX can be found on the Intel SGX portal at: https://software.intel.com/sgx.

Enclave-to-Enclave Communication in Intel® Software Guard Extensions (Intel® SGX) Applications

Последнее обновление: 22 апреля 2019 г.

This paper describes how two Intel® Software Guard Extensions (Intel® SGX) enclaves can securely communicate with each other when they are on the same platform (Local Attestation). This information applies to Intel SGX enabled applications for the Microsoft* Windows* and Linux* operating system. The paper assumes a basic knowledge of Intel SGX. Information on Intel SGX can be found on the Intel SGX portal.

Enclave Memory Measurement Tool for Intel® Software Guard Extensions (Intel® SGX) Enclaves

Последнее обновление: 22 апреля 2019 г.

This paper describes how to use the Enclave Memory Measurement Tool (EMTT) to help tune the memory footprint of Intel® Software Guard Extensions (Intel® SGX) enclaves. Both Microsoft* Windows* and the Linux* operating systems are covered. The paper assumes an understanding of Intel SGX. General information on Intel SGX can be found on the Intel SGX portal.

Intel® Software Guard Extensions (SGX) SW Development Guidance for Potential Edger8r Generated CodeSide Channel Exploits

Последнее обновление: 19 апреля 2019 г.

In this document we will identify changes that have been made to the Intel® SGX SDK Edger8r Tool EDL Grammar and provide clarifying guidance on what the Intel® SGX developer needs to do to adapt their interface code to the updated EDL grammar.

Intel® Software Guard Extensions (Intel® SGX) Architecture for Oversubscription of Secure Memory in a Virtualized Environment

Последнее обновление: 19 апреля 2019 г.

As workloads and data move to the cloud, it is essential that software writers are able to protect their applications from untrusted hardware, systems software, and co-tenants. Intel® Software Guard Extensions (SGX) enables a new mode of execution that is protected from attacks in such an environment with strong confidentiality, integrity, and replay protection guarantees. Though SGX supports memory oversubscription via paging, virtualizing the protected memory presents a significant challenge to Virtual Machine Monitor (VMM) writers and comes with a high performance overhead. This paper introduces SGX Oversubscription Extensions that add additional instructions and virtualization support to the SGX architecture so that cloud service providers can oversubscribe secure memory in a less complex and more performant manner.

Intel® Software Guard Extensions (Intel® SGX) Support for Dynamic Memory Management Inside an Enclave

Последнее обновление: 19 апреля 2019 г.

We introduce Intel® Software Guard Extensions (Intel® SGX) SGX2 which extends the SGX instruction set to include dynamic memory management support for enclaves. Intel® SGX is a subset of the Intel Architecture Instruction Set. SGX1 allows an application developer to build a trusted environment and execute inside that space. However SGX1 imposes limitations regarding memory commitment and reuse of enclave memory. The software developer is required to allocate all memory at enclave instantiation. This paper describes new instructions and programming models to extend support for dynamic memory management inside an enclave.

Microsoft Visual Studio* 2015 and Microsoft* Universal C Run Time with Intel® Software Guard Extensions (Intel® SGX) Applications

Последнее обновление: 19 апреля 2019 г.

This paper explains how to use the Microsoft* Universal C Run Time (CRT) library with Intel® SGX-enabled applications and Microsoft Visual Studio* 2015, including building with and deploying the right CRT libraries. This paperis provided as background information so developers can plan deployment of their Intel SGX enabled applications to ensure the Microsoft* Universal CRT is available when their applications run. General information on Intel SGX is provided on the Intel SGX portal at: https://software.intel.com/en-us/sgx.

Trusted Time and Monotonic Counters with Intel® Software Guard Extensions Platform Services

Последнее обновление: 19 апреля 2019 г.

Intel® Software Guard Extensions (Intel® SGX) is an Intel® CPU based Trusted Execution Environment (TEE) technology. It consists of a set of processor extensions that allow a user-space application to create a Trusted Computing Base (TCB) called an enclave in its address space. An enclave has the CPU package boundary as its security perimeter and provides confidentiality and integrity protection, even in the presence of privileged malware or external memory bus snoops. Intel SGX provides support of enclave attestation to a 3rd party service, so the latter can verify the security properties of the Intel CPU and the enclave software before provisioning secrets. Intel SGX allows an enclave to seal its secrets using a hardware-derived sealing key that is unique to the CPU and the enclave identities.

Supporting Third Party Attestation for Intel® Software Guard Extensions Data Center Attestation Primitives

Последнее обновление: 19 апреля 2019 г.

Intel® Software Guard Extensions (SGX) has an attestation and sealing capability that can be used to remotely provision secrets and secure secrets to an enclave. Intel describes how Intel® Enhanced Privacy Identifier (EPID) based attestation keys are provisioned and describes the Intel provided online services to support this architecture. This paper describes additional services and primitives available to allow 3rd parties to build their own attestation infrastructure, using classical public key algorithms such as ECDSA or RSA. This paper also describes an example deployment pipeline with important trade-offs to be considered when deploying Intel® SGX at scale using these new elements.

Intel® Software Guard Extensions (Intel® SGX) Trusted Computing Base (TCB) Recovery

Последнее обновление: 19 апреля 2019 г.

We designed Intel® Software Guard Extensions (Intel® SGX) with the ability to update it in order to address any issues that might arise in the future. Merely providing this update mechanism, however, is not sufficient for a secure service infrastructure: if a client’s update is voluntary, then the remote service could be communicating with a client that is out of date and subject to security vulnerabilities. To address this issue, Intel SGX was also given the means to cryptographically prove, via remote attestation, that the client update has taken place. The mechanics of this process have been outlined in the whitepaper titled “Intel® Software Guard Extensions: EPID Attestation and Services”.

Debugging Intel® Software Guard Extensions (Intel® SGX) Enclaves for Linux* Operating System

Последнее обновление: 19 апреля 2019 г.

This paper describes the process for debugging an Intel® Software Guard Extensions (Intel® SGX) enclave for the Linux* operating system using the GDB debugger. The paper covers prerequisites and typical steps to debug an enclave using the GDB debugger with the Intel SGX GDB “plugin” from the Intel SGX SDK for Linux. Also included are descriptions of common errors that can occur in enclave code. This paper assumes a basic understanding of Intel SGX. Information on Intel SGX can be found on the Intel SGX portal at: https://software.intel.com/sgx.

Trusted CPU Feature Detection Library for Intel® Software Guard Extensions (Intel® SGX)

Опубликовано: 9 апреля 2019 г.Автор: John M.

A means of probing for selected CPU features without exiting an Intel SGX enclave.

Intel® Software Guard Extensions (Intel® SGX) - Fortanix* Testimonial

Последнее обновление: 19 марта 2019 г.

Fortanix* talks about their implementation of Intel® SGX and how they use it in their portfolio of products and services.

Page icon

Can a Blockchain-Controlled Robot Change the Future?

Опубликовано: 22 февраля 2019 г.Автор: Michael Reed

Imagine a world in which your drone or robot malfunctions and is lost in the wilderness, but you can summon a rescue robot to retrieve it.

still from security focused animation

Intel® Software Guard Extensions (Intel® SGX) Animation

Последнее обновление: 21 февраля 2019 г.Время видео: 2 мин

Intel® Software Guard Extensions (Intel® SGX) helps developers create a trusted space where new CPU instructions provide higher security access controls that help safeguard select information and code while in use

A Mutually-Trusted Enclave Inspection

Последнее обновление: 12 февраля 2019 г.

Hardware protects enclave contents in the cloud, resulting with providers being unable to enforce policy compliance. Use the EnGarde system to ensure compliance.

Page icon

Get Started with Microsoft Azure* Confidential Computing

Опубликовано: 27 декабря 2018 г.Автор: Dan Zimmerman

Scope

This paper helps developers get started with Microsoft Azure* Confidential Computing (ACC) using the Open Enclave software development kit (SDK). Topics include the scope of support for the ACC public preview, step-...

Building the GNU* Multiple Precision* library for Intel® Software Guard Extensions

Опубликовано: 3 октября 2018 г.Автор: John M.

How to adapt the GNU Multiple Precision Arithmetic Library (GMP) to work in Intel SGX enclaves.

Secure Genome Analysis

Последнее обновление: 2 октября 2018 г.

This video is about Secure Genome Analysis with Intel® SGX Data Privacy.

Resolve the Privacy and Trust Quagmire

Последнее обновление: 2 октября 2018 г.

Describe how trustworthy hardware such as Intel® SGX can be used client-side in contrast to much recent work exploring Intel® SGX in cloud services to realize the Glimmer architecture, and demonstrate how this realization is able to resolve the tension between privacy and trust in a variety of...

Use Oblivious Multiparty Machine Learning on Trusted Processors

Последнее обновление: 2 октября 2018 г.

Guaranteeing the privacy of individual datasets requires a careful use of machine learning algorithms. Learn about a recommended algorithm and where to use it.

Страницы