Top

Automatic Control and Computer Sciences

Published in:

01-12-2018

Ensuring Secure Data Input/Output Operations for SGX ENCLAVE

Authors: D. P. Zegzhda, E. S. Usov, A. V. Nikol’skii, E. Yu. Pavlenko

Published in: Automatic Control and Computer Sciences | Issue 8/2018

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract—

This paper investigates the problem of ensuring secure input/output operations in the Intel SGX technology. The problem is extremely urgent, and its solution will make it possible to protect confidential user data from attacks from different malicious software while finding data outside the enclave. The authors present different methods for solving the posed problem developed by them. The complexity of the practical application of these methods as well as their main disadvantages and advantages are analyzed. The most preferred method which ensures secure storage and processing of data outside the enclave is also chosen.

previous article Modeling the Dissemination of Information Threats in Social Media

next article Security Provision in Wireless Sensor Networks on the Basis of the Trust Model

Intel® 64 and IA-32 Architectures Software Developer’s Manual Volume 3 (3A, 3B, 3C & 3D). https://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-system-programming-manual-325384.pdf.

Overview of Intel Software Guard Extensions Instructions and Data Structures. https://software.intel.com/en-us/ blogs/2016/06/10/overview-of-intel-software-guard-extensions-instructions-and-data-structures.

Intel SGX Explained. https://eprint.iacr.org/2016/086.pdf.

Shay Gueron, A Memory Encryption Engine Suitable for General Purpose Processors. https://eprint.iacr.org/ 2016/204.pdf.

Usov, E.S., Nikol’skii, A.V., Pavlenko, E.Yu., and Zegzhda, D.P., Ensuring confidentiality of data of users of cloud systems using the Intel SGX technology, Sbornik materialov 15-i mezhdunarodnoi konferentsii Regional’naya informatika (RI 2016) (Proc. 15th Int. Conf. Reg. Inf. (RI 2016)), 2016.

Zegzhda, D.P., Usov, E.S., Nikol’skii, A.V., and Pavlenko, E.Yu., Use of Intel SGX to ensure the confidentiality of data of cloud users, Autom. Control Comput. Sci., 2017, vol. 51, no. 8, pp. 848–854.CrossRef

Usov, E.S., Nikol’skii, A.V., Pavlenko, E.Yu., and Zegzhda, D.P., Organization of secure cloud computing using Intel SGX, Sbornik materialov 25-i nauchno-tekhnicheskoi konferentsii Metody i tekhnicheskie sredstva obespecheniya bezopasnosti informatsii (Proc. 25th Sci.-Tech. Conf. Methods and Technical Means for Ensuring Information Security), 2016.

Usov, E.S., Nikol’skii, A.V., and Zegzhda, D.P., Ensuring safe data input/output operations for SGX Enclave, Sbornik materialov 26-i nauchno-tekhnicheskoi konferentsii Metody i tekhnicheskie sredstva obespecheniya bezopasnosti informatsii (Proc. 26th Sci. Tech. Conf. Methods and Technical Means for Ensuring Information Security), 2017.

Xiaoyu Ruan, Platform Embedded Security Technology Revealed: Safeguarding the Future of Computing with Intel Embedded Security and Management Engine, 2014.

10.

Khalid Maklai, Intel® Identity Protection Technology (Intel® IPT) with PKI and Protected Transaction Display. https://software.intel.com/sites/default/files/managed/5f/4e/IPTwithPKI_ProtTransDisplay.pdf.

11.

Intel® Software Guard Extensions SDK for Windows* OS. https://software.intel.com/sites/default/files/managed/41/58/sgx-sdk-developer-reference-for-windows.pdf.

Title: Ensuring Secure Data Input/Output Operations for SGX ENCLAVE
Authors: D. P. Zegzhda
E. S. Usov
A. V. Nikol’skii
E. Yu. Pavlenko
Publication date: 01-12-2018
Publisher: Pleiades Publishing
Published in: Automatic Control and Computer Sciences / Issue 8/2018
Print ISSN: 0146-4116
Electronic ISSN: 1558-108X
DOI: https://doi.org/10.3103/S0146411618080321

Springer Professional

Abstract—

Please log in to get access to your license.

Other articles of this Issue 8/2018

Development of a Heuristic Mechanism for Detection of Malware Programs Based on Hidden Markov Models

Application of Systems Theory Laws for Investigating Information Security Problems

Security Provision in Wireless Sensor Networks on the Basis of the Trust Model

A Use Case Analysis of Heterogeneous Semistructured Objects in Information Security Problems

Noise Immunity of Noncoherent Reception under Complex Interference Effect on Communication and Monitoring Channels of Automated Information Systems of River Transport on Inland Waterways of the Russian Federation

Implementation of Mandatory Access Control in Distributed Systems