Secure enclave technology has emerged during the last decade as an important hardware security primitive in server computer cores, and increasingly also in chips intended for consumer devices such as mobile phones and PCs. The Linux Confidential Compute Consortium has taken a leading role in defining the host APIs for enclave access (e.g. the OpenEnclave APIs). Earlier solutions for security isolation in mobile phones relied on so-called Trusted Execution Environments, which are similar in terms of hardware isolation but serve primarily OEM device-security use cases, and access to those environments is controlled by remote trust roots (code signatures). This thesis examines the security requirements for enclaves, as visible through their APIs and SDKs. An augment...
Many applications are built upon private algorithms, and executing them in untrusted, remote enviro...
Hardware-based enclave protection mechanisms, such as Intel’s SGX, ARM’s TrustZone, and Apple’s Secu...
Over the past few years, major hardware vendors have started offering processors that support Truste...
Hardware-assisted security solutions, and the isolation guarantees they provide, constitute the basi...
This paper analyzes the vulnerability space arising in Trusted Execution Environments (TEEs) when in...
In the last decade, security architectures became prominent which protect sensitive data in isolated...
Software guard extensions (SGX) allow an application to instantiate within memory a protected contai...
We present an integrated open-source framework to develop, deploy, and use event-driven distributed ...
Secure enclaves are commonly used for securing sensitive data and computation. However, an enclave c...
Recent proposals for trusted hardware platforms, such as Intel SGX and the MIT Sanctum processor, of...
Building applications that ensure confidentiality of sensitive data is a non-trivial task. Such appl...
The ever-rising computation demand is forcing the move from the CPU to heterogeneous specialized har...
The rapid expansion of the Internet means that users increasingly want to interact with each other. ...