Abstract—This paper investigates the problem of ensuring secure input/output operations in the Intel SGX technology. The problem is extremely urgent, and its solution will make it possible to protect confidential user data from attacks by various malicious software while the data resides outside the enclave. The authors present several methods they have developed for solving this problem. The complexity of applying these methods in practice, as well as their main advantages and disadvantages, is analyzed. The most preferable method, which ensures secure storage and processing of data outside the enclave, is also chosen.
Additional information
Translated by O. Pismenov
About this article
Cite this article
Zegzhda, D.P., Usov, E.S., Nikol’skii, A.V. et al. Ensuring Secure Data Input/Output Operations for SGX ENCLAVE. Aut. Control Comp. Sci. 52, 1036–1041 (2018). https://doi.org/10.3103/S0146411618080321
DOI: https://doi.org/10.3103/S0146411618080321