SGXIO: Generic Trusted I/O Path for Intel SGX

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Abstract

Application security traditionally strongly relies upon security of the underlying operating system.
However, operating systems often fall victim to software attacks, compromising security of applications as well.
To overcome this dependency, Intel SGX allows to protect application code against a subverted or malicious OS by running it in a hardware-protected enclave.
However, SGX lacks support for generic trusted I/O paths to protect user input and output between enclaves and I/O devices.

This work presents SGXIO, a generic trusted path architecture for SGX, allowing user applications to run securely on top of an untrusted OS, while at the same time supporting trusted paths to generic I/O devices.
To achieve this, SGXIO combines the benefits of SGX's easy programming model with traditional hypervisor-based trusted path architectures.
Moreover, SGXIO can tweak insecure debug enclaves to behave like secure production enclaves.
SGXIO surpasses traditional use cases in cloud computing and digital rights management and makes SGX technology usable for protecting user-centric, local applications against kernel-level keyloggers and likewise.
It is compatible to unmodified operating systems and works on a modern commodity notebook out of the box.
Hence, SGXIO is particularly promising for the broad x86 community to which SGX is readily available.
Original languageEnglish
Title of host publicationProceedings of the Seventh ACM Conference on Data and Application Security and Privacy
Pages261-268
DOIs
Publication statusPublished - 2017
Event7th ACM Conference on Data and Application Security and Privacy - Scottsdale, Arizona, United States
Duration: 22 Mar 201724 Mar 2017
http://www.codaspy.org/

Conference

Conference7th ACM Conference on Data and Application Security and Privacy
Abbreviated titleCODASPY 2017
CountryUnited States
CityScottsdale, Arizona
Period22/03/1724/03/17
Internet address

Fingerprint

Cloud computing
Hardware
Malware

Cite this

Weiser, S., & Werner, M. (2017). SGXIO: Generic Trusted I/O Path for Intel SGX. In Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy (pp. 261-268) https://doi.org/10.1145/3029806.3029822

SGXIO: Generic Trusted I/O Path for Intel SGX. / Weiser, Samuel; Werner, Mario.

Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy. 2017. p. 261-268.

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Weiser, S & Werner, M 2017, SGXIO: Generic Trusted I/O Path for Intel SGX. in Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy. pp. 261-268, 7th ACM Conference on Data and Application Security and Privacy, Scottsdale, Arizona, United States, 22/03/17. https://doi.org/10.1145/3029806.3029822
Weiser S, Werner M. SGXIO: Generic Trusted I/O Path for Intel SGX. In Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy. 2017. p. 261-268 https://doi.org/10.1145/3029806.3029822
Weiser, Samuel ; Werner, Mario. / SGXIO: Generic Trusted I/O Path for Intel SGX. Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy. 2017. pp. 261-268
@inproceedings{04f276fab3264d7c8e863834b08e5304,
title = "SGXIO: Generic Trusted I/O Path for Intel SGX",
abstract = "Application security traditionally strongly relies upon security of the underlying operating system. However, operating systems often fall victim to software attacks, compromising security of applications as well. To overcome this dependency, Intel SGX allows to protect application code against a subverted or malicious OS by running it in a hardware-protected enclave. However, SGX lacks support for generic trusted I/O paths to protect user input and output between enclaves and I/O devices. This work presents SGXIO, a generic trusted path architecture for SGX, allowing user applications to run securely on top of an untrusted OS, while at the same time supporting trusted paths to generic I/O devices. To achieve this, SGXIO combines the benefits of SGX's easy programming model with traditional hypervisor-based trusted path architectures. Moreover, SGXIO can tweak insecure debug enclaves to behave like secure production enclaves. SGXIO surpasses traditional use cases in cloud computing and digital rights management and makes SGX technology usable for protecting user-centric, local applications against kernel-level keyloggers and likewise. It is compatible to unmodified operating systems and works on a modern commodity notebook out of the box. Hence, SGXIO is particularly promising for the broad x86 community to which SGX is readily available.",
author = "Samuel Weiser and Mario Werner",
year = "2017",
doi = "10.1145/3029806.3029822",
language = "English",
pages = "261--268",
booktitle = "Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy",

}

TY - GEN

T1 - SGXIO: Generic Trusted I/O Path for Intel SGX

AU - Weiser, Samuel

AU - Werner, Mario

PY - 2017

Y1 - 2017

N2 - Application security traditionally strongly relies upon security of the underlying operating system. However, operating systems often fall victim to software attacks, compromising security of applications as well. To overcome this dependency, Intel SGX allows to protect application code against a subverted or malicious OS by running it in a hardware-protected enclave. However, SGX lacks support for generic trusted I/O paths to protect user input and output between enclaves and I/O devices. This work presents SGXIO, a generic trusted path architecture for SGX, allowing user applications to run securely on top of an untrusted OS, while at the same time supporting trusted paths to generic I/O devices. To achieve this, SGXIO combines the benefits of SGX's easy programming model with traditional hypervisor-based trusted path architectures. Moreover, SGXIO can tweak insecure debug enclaves to behave like secure production enclaves. SGXIO surpasses traditional use cases in cloud computing and digital rights management and makes SGX technology usable for protecting user-centric, local applications against kernel-level keyloggers and likewise. It is compatible to unmodified operating systems and works on a modern commodity notebook out of the box. Hence, SGXIO is particularly promising for the broad x86 community to which SGX is readily available.

AB - Application security traditionally strongly relies upon security of the underlying operating system. However, operating systems often fall victim to software attacks, compromising security of applications as well. To overcome this dependency, Intel SGX allows to protect application code against a subverted or malicious OS by running it in a hardware-protected enclave. However, SGX lacks support for generic trusted I/O paths to protect user input and output between enclaves and I/O devices. This work presents SGXIO, a generic trusted path architecture for SGX, allowing user applications to run securely on top of an untrusted OS, while at the same time supporting trusted paths to generic I/O devices. To achieve this, SGXIO combines the benefits of SGX's easy programming model with traditional hypervisor-based trusted path architectures. Moreover, SGXIO can tweak insecure debug enclaves to behave like secure production enclaves. SGXIO surpasses traditional use cases in cloud computing and digital rights management and makes SGX technology usable for protecting user-centric, local applications against kernel-level keyloggers and likewise. It is compatible to unmodified operating systems and works on a modern commodity notebook out of the box. Hence, SGXIO is particularly promising for the broad x86 community to which SGX is readily available.

U2 - 10.1145/3029806.3029822

DO - 10.1145/3029806.3029822

M3 - Conference contribution

SP - 261

EP - 268

BT - Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy

ER -