TU BRAUNSCHWEIG
| Carl-Friedrich-Gauß-Fakultät | Informatik
Informatikzentrum

Untersützung für Intel SGX v2 im SGX SDK

Bearbeiter(anonym, Login erforderlich)
BetreuerNico Weichbrodt
ProfessorProf. Dr. Rüdiger Kapitza
IBR GruppeDS (Prof. Kapitza)
ArtBachelorarbeit
Statusabgeschlossen

Introduction

In the last years, a need for secure computing on untrusted host has come up. To achieve this, Intel developed Software Guard Extensions (SGX) [1,2] that allows developers to create secure compartments for their applications, called enclaves. Enclaves are a secure part of applications that can be entered to perform security critical computations while being guarded from an untrusted operating system and attackers by the processor itself. Enclaves operate in completely encrypted memory that only they can access. To ease development of enclaves, Intel released a Software Development Kit (SDK) [0].

Problem statement

Adapt the SDK to enable use of SGXv2 features

Task description

...

  • Implement sgx_alloc_pages and sgx_free_pages using EACCEPT
  • Implement sgx_mprotect using EMODP/EMODT

Prerequisites

  • Basic knowledge of Linux systems as we work with SGX exclusively on Linux
  • Good knowledge of C/C++
  • Knowledge of x86-64 assembler is of advantage

Links

[0] https://01.org/intel-softwareguard-extensions
[1] https://software.intel.com/en-us/blogs/2013/09/26/protecting-application-secrets-with-intel-sgx
[2] https://software.intel.com/sites/default/files/managed/48/88/329298-002.pdf



aktualisiert am 05.02.2019, 14:52 von Nico Weichbrodt
printemailtop