Leveraging Intel SGX Technology to Protect Security Sensitive Applications

Abstract

This report explains the basic process by which Intel Software Guard Extensions (SGX) can be leveraged into an existing codebase to protect a security-sensitive application. Intel SGX provides user-level applications with hardware-enforced confidentiality and integrity protections. These protections apply to all three phases of the operational data lifecycle: at rest, in use, and in transit. SGX shrinks the trusted computing base (and therefore the attack surface) of the application to only the hardware on the CPU chip and the portion of the applications software that is executed within the protected enclave. The SGX SDK enables relatively straightforward integration into existing C/C++ codebases while still ensuring program support for legacy and non-Intel platforms.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 29, 2018
Accession Number
AD1054456

Entities

People

  • Dan M. Utin
  • Joseph M. Sobchuk
  • Roger I. Khazan
  • Sean R. O'melia

Organizations

  • Massachusetts Institute of Technology

Tags

Communities of Interest

  • Cyber
  • Weapons Technologies

DTIC Thesaurus Topics

  • Abstracts
  • Air Force
  • Authentication
  • Boundaries
  • Compilers
  • Computer Programming
  • Computer Programs
  • Computers
  • Computing System Architectures
  • Cryptography
  • Data Storage Systems
  • Debugging
  • Environment
  • Firmware
  • Instructions
  • Materials
  • Microarchitecture
  • Operating Systems
  • Platforms
  • Prototypes
  • Reliability
  • Security
  • Simulations
  • Software Development
  • Trademarks

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Database Systems and Applications
  • Parallel and Distributed Computing.