Übler, DavidGötzfried, JohannesMüller, TiloLangweg, HannoMeier, MichaelWitt, Bernhard C.Reinhardt, Delphine2018-03-222018-03-222018978-3-88579-675-6https://dl.gi.de/handle/20.500.12116/16281In this paper, we leverage SGX to provide a secure remote computation framework to be used in a cloud scenario. Our framework consists of two parts, a local part running on the user's machine and a remote part which is executed within the provider's environment. Users can connect and authenticate themselves to the remote side, verify the integrity of a newly spawned loading enclave, and deploy confidential code to the provider's machine. While we are not the first using SGX in a cloud scenario, we provide a full implementation considering all practical pitfalls, e.g., we use Intel's Attestation Services to prove the integrity of the loading enclave to our users. We also take care of establishing a secure bidirectional channel between the target enclave and the client running on the user's machine to send code, commands, and data. The performance overhead of CPU-bound applications using our framework is below 10% compared to remote computation without using SGX.enIntel SGXCloud ComputingIsolationText/Conference Paper10.18420/sicherheit2018_161617-5468