Abstract:
The SAFETYTUBE SGX1000 (SGX1000) and the SAFETYTUBE SGX100 (SGX100) are network components equipped with security features for authentication between units and for encryption of the TCP-layer payload. If the SGX1000 and the SGX100 are installed at end-to-end connections of the network, it is possible to prevent information leakage, scams, and spoofing. For server-side use, the SGX1000 is designed for mounting in a Type 19-inch rack. For use on the terminal equipment side, the SGX100 is compact and lightweight. For easier maintenance, both the SGX1000 and the SGX100 incorporate a browser-based interface.
Abstract:
Encrypted database systems provide a great method for protecting sensitive data in untrusted infrastructures. These systems are built either using special-purpose cryptographic algorithms that support operations over encrypted data, or by leveraging trusted computing co-processors. Strong cryptographic algorithms (e.g., public-key encryption, garbled circuits) usually result in high performance overheads, while weaker algorithms (e.g., order-preserving encryption) result in large leakage profiles. On the other hand, some encrypted database systems (e.g., Cipherbase, TrustedDB) leverage non-standard trusted computing devices, and are designed to work around the architectural limitations of the specific devices used. In this work we build StealthDB – an encrypted database system from Intel SGX. Our system can run on any newer generation Intel CPU. StealthDB has a very small trusted computing base, scales to large transactional workloads, requires minor DBMS changes, and provides relatively strong security guarantees at steady state and during query execution. Our prototype on top of Postgres supports the full TPC-C benchmark with a 30% decrease in the average throughput over an unmodified version of Postgres operating on a 2GB unencrypted dataset.
Abstract:
Software Guard eXtensions (SGX) is a hardware-based technology that introduces unobservable portions of memory, called enclaves, that physically screen software components from system tampering. Enclaves can be used to run arbitrary programs (including malicious code), but their actual impact on digital forensics and incident response remains unknown. In our work, we propose a methodical study of what information can be retrieved from an SGX machine and how to use this information to infer the enclaves' interfaces and structure layout. We tested our techniques over a dataset of 45 SGX applications and showed the practicality of our techniques in a real-product use case and on two malware enclaves. (c) 2021 Elsevier Ltd. All rights reserved.
Abstract:
In response to the emerging virtualization trend, we focus on a Virtual Machine (VM) remote attestation process, assuming that the VM is running in an uncontrolled and untrusted cloud infrastructure. We present a solution that is able to establish a chain of trust in a cloud environment. Our solution is based on a set of CPU instructions and does not need any additional components to track host modifications. Our solution enables integrity verification of a filesystem. Additionally, it ensures trust level assessment for remote VMs during their startup or when triggered manually at any point in time afterwards. We identify security properties for our solution and show how it meets them. The security analysis shows that, with the necessary countermeasures, the proposed model can ensure the required level of security. Additionally, we evaluate the performance impact of the prototype and the virtualization overhead for a real-life scenario. Here, we assume that small configuration files, binaries, and executables are most critical. The results show that important filesystem components can be verified with minimal impact on startup time. This way, the whole proposal allows a VM to be made part of a trusted compute resource pool.
Abstract:
Through recent years, much research has been conducted into processing privacy policies and presenting them in ways that are easy for users to understand. However, understanding privacy policies has little utility if the website’s data processing code does not match the privacy policy. Although systems have been proposed to achieve compliance of internal software to access control policies, they assume a large trusted computing base and are not designed to provide a proof of compliance to an end user. We design Mitigator, a system to enforce compliance of a website’s source code with a privacy policy model that addresses these two drawbacks of previous work. We use trusted hardware platforms to provide a guarantee to an end user that their data is only handled by code that is compliant with the privacy policy. Such an end user only needs to trust a small module in the hardware of the remote back-end machine and related libraries but not the entire OS. We also provide a proof-of-concept implementation of Mitigator and evaluate it for its latency. We conclude that it incurs only a small overhead with respect to an unmodified system that does not provide a guarantee of privacy policy compliance to the end user.
Abstract:
Oblivious RAM (ORAM) schemes exist in order to protect the access pattern of data in a data store. Under an ORAM algorithm, a client accesses a data store in a way that does not reveal which item it is interested in. This is typically accomplished by accessing multiple items on each access and periodically reshuffling some, or all, of the data in the data store. While many recent schemes make the ORAM computation complexity feasible, the performance of practical implementations is still largely limited by computational and storage limitations of the client as well as the bandwidth available between the client and the data store. In a cloud computing environment, where it is commonly assumed that the client is underpowered and you must pay by the gigabyte for data transfer, traditional ORAM methods are not optimal. Intel's Software Guard Extensions (SGX) provide a new opportunity for ORAM implementations that can safely outsource the computational and bandwidth requirements along with the data itself, meaning that the client can be very limited and still attain high performance. In this work, we develop efficient techniques for constructing ORAMs that take advantage of the SGX enclave technology. We demonstrate implementations of multiple ORAM schemes (linear, square root, and path ORAM) using Intel's SGX. We discuss the limitations of SGX as they pertain to implementing ORAM, and discuss alterations to the standard algorithms to overcome these limitations. We then evaluate the performance of our techniques.