Abstract
Confidentiality in the storage and handling of sensitive data is a central concern in computing security; one of the most sensitive data in computer systems is users' credentials. To ensure the confidentiality and integrity of sensitive data, developers can use a Trusted Execution Environment (TEE). One of such TEE is Intel Software Guard Extensions (SGX), which reduces the trusted computing base to a hardware/software concept called enclave. However, using SGX enclaves usually incurs in a performance impact in the application execution. In this paper we propose an enclave sharing approach to reduce the performance overhead in scenarios where multiple enclaves handle the same data. To evaluate this approach, we implemented a SGX-secured OS authentication service. Three prototypes were built, considering distinct concerns about security and performance. Results show that this approach can be used in high demand environments, presenting a small overhead.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
