Secure Remote Computation using Intel SGX

In this paper, we leverage SGX to provide a secure remote computation framework to be used in a cloud scenario. Our framework consists of two parts, a local part running on the user's machine and a remote part which is executed within the provider's environment. Users can connect and authenticate themselves to the remote side, verify the integrity of a newly spawned loading enclave, and deploy confidential code to the provider's machine. While we are not the first using SGX in a cloud scenario, we provide a full implementation considering all practical pitfalls, e.g., we use Intel's Attestation Services to prove the integrity of the loading enclave to our users. We also take care of establishing a secure bidirectional channel between the target enclave and the client running on the user's machine to send code, commands, and data. The performance overhead of CPU-bound applications using our framework is below 10% compared to remote computation without using SGX.

Übler, David; Götzfried, Johannes; Müller, Tilo (2018): Secure Remote Computation using Intel SGX. SICHERHEIT 2018. DOI: 10.18420/sicherheit2018_16. Bonn: Gesellschaft für Informatik e.V.. PISSN: 1617-5468. ISBN: 978-3-88579-675-6. pp. 209-219. Wissenschaftliche Beiträge. Konstanz, Germany. 25.-27. April 2018

Schlagwörter

Intel SGX , Cloud Computing , Isolation

DOI

10.18420/sicherheit2018_16

Sammlungen

P281 - Sicherheit 2018 - Sicherheit, Schutz und Zuverlässigkeit

Komplettanzeige

Secure Remote Computation using Intel SGX

Volltext URI

Dokumententyp

Dateien

Zusatzinformation

Datum

Autor:innen

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Quelle

Verlag

Zusammenfassung

Beschreibung

Schlagwörter

Zitierform

DOI

Tags

Sammlungen