vSGX: Virtualizing SGX Enclaves on AMD SEV
Offered By: IEEE via YouTube
Course Description
Overview
Explore a 20-minute IEEE conference talk on virtualizing Intel SGX enclaves on AMD SEV platforms. Delve into the challenges of vendor lock-in in Trusted Execution Environments (TEEs) and discover a novel approach to decoupling TEEs from hardware. Learn about software-defined TEEs, their design goals, and the challenges faced in implementation. Examine the prototype's capabilities, including instruction emulation, memory access, cross-VM communication, and control flow transferring. Analyze performance metrics for instructions, BYTEmark, and Graphene, gaining insights into the potential of this innovative solution for enhancing hardware-independent trusted computing environments.
Syllabus
Intro
Trusted Execution Environment
A problem of Intel SGX... Vendor lock-in
Decoupling TEES from hardware
Software-defined TEE
What our solution is
Design goals
Challenges
Instruction emulation
Memory access
Cross-VM communication
Control flow transferring
Prototype
Capability tested
Performance - Instructions
Performance - BYTEmark
Performance - Graphene
Conclusion
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
Securing Linux VM Boot with AMD SEV MeasurementLinux Foundation via YouTube Improving Bootup Performance of Containers with Overlay Images in TEE Environments
Linux Foundation via YouTube Protected KVM on Arm64: A Technical Deep Dive
Linux Foundation via YouTube No More Turtles: The SecondaryVM Framework - An Alternative to Nested Virtualization
Linux Foundation via YouTube The Five Big Problems with Confidential Containers
Linux Foundation via YouTube