P281 - Sicherheit 2018 - Sicherheit, Schutz und Zuverlässigkeit

Auflistung nach:

1 - 1 von 1

Konferenzbeitrag
Secure Remote Computation using Intel SGX
(SICHERHEIT 2018, 2018) Übler, David; Götzfried, Johannes; Müller, Tilo
In this paper, we leverage SGX to provide a secure remote computation framework to be used in a cloud scenario. Our framework consists of two parts, a local part running on the user's machine and a remote part which is executed within the provider's environment. Users can connect and authenticate themselves to the remote side, verify the integrity of a newly spawned loading enclave, and deploy confidential code to the provider's machine. While we are not the first using SGX in a cloud scenario, we provide a full implementation considering all practical pitfalls, e.g., we use Intel's Attestation Services to prove the integrity of the loading enclave to our users. We also take care of establishing a secure bidirectional channel between the target enclave and the client running on the user's machine to send code, commands, and data. The performance overhead of CPU-bound applications using our framework is below 10% compared to remote computation without using SGX.