TU BRAUNSCHWEIG
| Carl-Friedrich-Gauß-Fakultät | Department Informatik
Informatikzentrum

Intel Visual Compute Accelerator and Intel SGX

Bearbeiter(anonym, Login erforderlich)
BetreuerNico Weichbrodt
ProfessorProf. Dr. Rüdiger Kapitza
IBR GruppeDS (Prof. Kapitza)
ArtMasterarbeit
Statusoffen

Introduction

In the last years, a need for secure computing on untrusted host has come up. To achieve this, Intel developed Software Guard Extensions (SGX) [1,2] that allows developers to create secure compartments for their applications, called enclaves. Enclaves are a secure part of applications that can be entered to perform security critical computations while being guarded from an untrusted operating system and attackers by the processor itself. Enclaves operate in completely encrypted memory that only they can access. To ease development of enclaves, Intel released a Software Development Kit (SDK) [0].

SGX is normally only available on Desktop and Mobile-class CPUs. However, there is a special PCIe-card called the Intel Visual Compute Accelerator (VCA). [4] This card contains three Intel Xeon E3 processors that have SGX support. We have such a card and can utilise SGX on it.

Problem statement

The nodes on the card talk with each other and with the host over TCP/IP via a kind-of virtual network interface on top of PCIe. We want to increase performance by removing the TCP/IP stack and doing something RDMA-like.

Task description

Build a framework that alows the use of RDMA-like communication via PCIe between the nodes and the host.

Prerequisites

  • Basic knowledge of Linux systems as we work with SGX exclusively on Linux
  • Good knowledge of C/C++
  • Knowledge of Linux Kernel modules and custom modules
  • Knowledge of x86-64 assembler is of advantage

Links

[0] https://01.org/intel-softwareguard-extensions
[1] https://software.intel.com/en-us/blogs/2013/09/26/protecting-application-secrets-with-intel-sgx
[2] https://software.intel.com/sites/default/files/managed/48/88/329298-002.pdf
[4] Intel VCA




aktualisiert am 21.01.2019, 13:31 von Nico Weichbrodt
printemailtop