Hardware-aided Trusted Computing
AMENDMENT Demo: SGX-LKL
Running unmodified Linux applications inside Intel SGX's enclaves
SGX-LKL is a library OS designed to run unmodified Linux binaries inside SGX enclaves. It uses the Linux Kernel Library (LKL) and a modified version of musl to provide system support for complex applications within the enclave.
SGX-LKL has support for in-enclave user-level threading, signal handling, and paging. This demo presents an overview of SGX-LKL and demonstrates how popular applications can be ported and executed within SGX-LKL.
Please note that this talk was originally scheduled to begin at the later time of 14:10
Additional information
| Type | devroom |
|---|
More sessions
| 2/1/20 |
abstract
|
| 2/1/20 |
Intel Software Guard Extensions (SGX) makes software secure from the outside. Rust makes it secure from the inside. This workshop will introduce you to Rust and the Fortanix® Enclave Development Platform (EDP) for Rust: how it works, what you can do with it, and why Rust is such a good fit for SGX. Please note that this was previously scheduled for 11:15 and replaces the talk on "Introduction to the CoSMIX Compiler" by Yan Michalevsky.
|
| 2/1/20 |
The Confidential Consortium Framework is an open-source framework for building permissioned confidential multi-party services. It leverages hardware trusted execution environments to provide strong confidentiality, integrity, and high performance. CCF implements consortium-based programmable and auditable governance. Please note that this talk was originally scheduled to begin at the later time of 11:50.
|
| 2/1/20 |
In this talk I will present EActors, an actor framework that is tailored to SGX and offers a more seamless, flexible and efficient use of trusted execution – especially for applications demanding multiple enclaves. EActors disentangles the interaction with enclaves and, among them, from costly execution mode transitions. It features lightweight fine-grained parallelism based on the concept of actors, thereby avoiding costly SGX SDK provided synchronisation constructs. Finally, EActors offers a ...
|
| 2/1/20 |
This talk analyzes the vulnerability space arising in Trusted Execution Environments (TEEs) when interfacing a trusted enclave application with untrusted, potentially malicious code. Considerable research and industry effort has gone into developing TEE runtime libraries with the purpose of transparently shielding enclave application code from an adversarial environment. However, our analysis reveals that shielding requirements are generally not well-understood in real-world TEE runtime ...
|
| 2/1/20 |
OP-TEE is an open source implementation of the GPD TEE specifications. However deploying OP-TEE inside a real world product requires more than just the integration into the system, since the integrator needs to ensure that all security requirements are met. This talk will outline a common set of these requirements and show the necessary changes based on NXP i.MX6 platforms. Please note that this talk was originally scheduled to begin at the later time of 13:35
|
