Microsoft Windows* 7/ 8.1/10 64-bit version.Provisioning (getting the SGX EPID key to the platform)Īttestation (Remote and Local Attestation (ensuring the enclave was correctly instantiated)) Platform Software (re-distributable component) Can be developed using standard development tools, thereby reducing the learning curve impact on application developers.Can work in concert with other enclaves owned or trusted by the parent application.Uses hardware-based mechanisms to respond to remote attestation challenges that validate its integrity.Benefits from memory protections that thwart memory bus snooping, memory tampering and “cold boot” attacks on images retained in RAM.
#Panoply sgx drivers#
#Panoply sgx driver#
SGX Enclaves can also be remotely provisioned and attested.SGX Enclaves are hardened by CPU-based security mechanisms.Enclaves protect code and data from disclosure or modification.Intel® SGX allows Applications to contain Enclaves.Intel® SGX Enhanced Application Code runs in Ring 3 only.SGX offers developers fine grain, CPU-based security controlsĬPU-based security is harder to compromise. The Intel SGX SDK is a collection of APIs, libraries, documentation, sample source code, and tools that allows software developers to create and debug Intel SGX enabled applications in C/C++.Īs platforms get hardened, attack surface moves to applications.Īpplication attacks typically do not cripple the entire application. Application code can be put into an enclave by special instructions and software made available to developers via the Intel® SGX SDK. Intel SGX makes such protections possible through the use of enclaves, which are protected areas of execution. Intel® Software Guard Extensions (Intel® SGX) is an Intel technology for application developers who are seeking to protect select code and data from disclosure or modification.
Intel® Software Guard Extensions (Intel® SGX):
0 kommentar(er)
