Hardware-based enclave protection mechanisms, such as Intel’s SGX, ARM’s TrustZone, and Apple’s Secure Enclave, can protect code and data from powerful low-level attackers. In this work, we use enclaves to enforce strong application-specific information security policies. We present IMPE, a novel calculus that captures the essence of SGX-like enclave mechanisms, and show that a security-type system for IMPE can enforce expressive confidentiality policies (including erasure policies and delimited release policies) against powerful low-level attackers, including attackers that can arbitrarily corrupt non-enclave code, and, under some circumstances, corrupt enclave code. We present a translation from an expressive security-typed calculus (that i...
Computer systems often provide hardware support for isolation mechanisms like privilege levels, virt...
Recent proposals for trusted hardware platforms, such as Intel SGX and the MIT Sanctum processor, of...
Trusted execution support in modern CPUs, as offered by Intel SGX enclaves, can protect application...
Security-critical applications constantly face threats from exploits in lower computing layers such ...
Software guard extensions (SGX) allow an application to instantiate within memory a protected contai...
Hardware-assisted security solutions, and the isolation guarantees they provide, constitute the basi...
Building applications that ensure confidentiality of sensitive data is a non-trivial task. Such appl...
Many applications are built upon private algorithms, and executing them in untrusted, remote enviro...
Secure enclave technology has during the last decade emerged as an important hardware security primi...
This paper analyzes the vulnerability space arising in Trusted Execution Environments (TEEs) when in...
Computer systems often provide hardware support for isolation mechanisms such as privilege levels, v...
Over the past few years, major hardware vendors have started offering processors that support Truste...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...
Intel Software Guard Extensions (SGX) is a recent technology from Intel that makes it possible to ex...
Application size and complexity are the underlying cause of numerous security vulnerabilities in cod...