Note: PANOPLY: Low-TCB Linux Applications with SGX Enclaves

2022-10-30 14:46:01

PANOPLY provides middleware for SGX and Linux operating systems.

What

PANOPLY provides middleware for SGX and Linux operating systems which has low TCB and support all standard POSIX APIs.

Why

  • Enclaves have severely limited capabilities: no native access to system calls and standard OS abstractions.
  • Current systems have a large TCB which leads to too much overhead.
  • There are security risks in Multi-Enclave applications.

How

  • Using microns (micro-container) keep libc outside the enclave.
  • micron is a unit of application logic which runs on the Intel SGX hardware enclaves.

Note: PANOPLY: Low-TCB Linux Applications with SGX Enclaves

Some Detail
  • Evaluation on four real world software (Tor v0.2.5.11 , H2O v2.0.0 , OpenSSL v1.0.1m , FreeTDS v0.95.81 ):
    • Expressiveness & Security.
    • TCB -> How much TCB reduction achieve over Library OSes
    • Performance -> Perform compared to Library OSes
上一篇:消息队列


下一篇:commons-lang 包常用方法