SecureExecutor: An Automated Way to Leverage SCONE to Enhance Application Security
- 1. School of Electrical and Computer Engineering Technical University of Crete Chania, Greece
- 2. School of Electrical and Computer Engineering, Technical University of Crete, Chania, Greece
Description
Providing security guarantees when executing application code in untrusted environments is vital, especially when handling sensitive data. To address this task, Trusted Execution Environments (TEEs) such as Intel’s Software Guard eXtension (SGX), which implement hardware-based techniques by silicon manufacturers, have been introduced to provide confidentiality and integrity in remote execution. Library OS technologies, e.g., SCONE, aim to facilitate the adoption of TEEs in software development. Despite their essential help, these technologies still require significant effort from developers. In this paper, we introduce SECUREEXECUTOR, a Linux utility that aims to simplify and automate leveraging SCONE in SGX enclaves, i.e., isolated
memory areas. We analyze the design and the internal schema that SECUREEXECUTOR follows, outlining the steps of its usage.
We further apply it to three real-world open-source projects, validating its application and providing important insights.
Files
preprint-SecureExecutor_ An Automated Way to Leverage SCONE to Enhance Application Security.pdf
Files
(478.4 kB)
| Name | Size | Download all |
|---|---|---|
|
md5:5e0ee591708679a4fc95419adb0b8ff5
|
478.4 kB | Preview Download |