Intel Software Guard Extensions: Introduction and Open Research Challenges

Hardware-enhanced security is an important pillar of secure systems in general and software protection in particular. This presentation will survey the recently announced Intel Software Guard Extensions (Intel SGX) as well as innovative usages for building secure systems using security-enhanced hardware. Intel SGX is an Intel technology for application developers who are seeking to protect select code and data from disclosure or modification. Intel SGX makes such protections possible through the use of enclaves, which are protected areas of execution. Security critical application code can be put into an enclave by special instructions and is then hardware protected from attacks by other potentially malicious software. An enclave can therefore be shielded against attacks by untrusted application parts, by other applications, and also against attacks by a compromised operating system.