Student | (visible for staff only) |
Supervisor | Nico Weichbrodt |
Professor | Prof. Dr. Rüdiger Kapitza |
IBR Group | DS (Prof. Kapitza) |
Type | Bachelor Thesis |
Status | finished |
IntroductionIn the last years, a need for secure computing on untrusted host has come up. To achieve this, Intel developed Software Guard Extensions (SGX) [1,2] that allows developers to create secure compartments for their applications, called enclaves. Enclaves are a secure part of applications that can be entered to perform security critical computations while being guarded from an untrusted operating system and attackers by the processor itself. Enclaves operate in completely encrypted memory that only they can access. To ease development of enclaves, Intel released a Software Development Kit (SDK) [0]. Problem statementApplications inside enclaves are typically fixed, i.e., their code is one statically linked binary blob. This is fine for most applications, however, there are cases, where a plugin-architecture makes sense. In these cases, we would need an enclave, that can swap in and out parts of its code from trusted memory to make space for other parts or different implementations. Furthermore, the enclave should be capable of combining plugins Task descriptionTo increase flexibility, we want to develop a framework that allows an enclave to modify its own code in a plugin-like architectural way. Therefore the following tasks have to be worked on:
Prerequisites
Links[0] https://01.org/intel-softwareguard-extensions[1] https://software.intel.com/en-us/blogs/2013/09/26/protecting-application-secrets-with-intel-sgx [2] https://software.intel.com/sites/default/files/managed/48/88/329298-002.pdf |
Vacancies of TU Braunschweig
Career Service' Job Exchange
Merchandising
Term Dates
Courses
Degree Programmes
Information for Freshman
TUCard
Technische Universität Braunschweig
Universitätsplatz 2
38106 Braunschweig
P. O. Box: 38092 Braunschweig
GERMANY
Phone: +49 (0) 531 391-0