Date of Award

Spring 5-2020

Author's School

McKelvey School of Engineering

Author's Department

Computer Science & Engineering

Degree Name

Master of Science (MS)

Degree Type

Thesis

Abstract

Intel Software Guard Extensions (SGX) is a novel hardware-assisted security technology introduced by Intel Corporation. The ambition of Intel SGX is to provide an isolated and secure execution environment for user-space applications. Even if the BIOS is compromised, the protected applications remains secure. The isolated execution environment is located in a special memory region called the enclave. Promoting and using a novel technology requires a good understanding of it. This thesis first contains a systematization of knowledge of the hardware-assisted security technologies, trusted computing and the Intel SGX. What is more, to have the best practice of using Intel SGX, we must understand its advantages and limitations, especially the performance issue. This thesis then has a discussion of where the performance overhead of Intel SGX comes from and how to evaluate and avoid them. In the final chapter of the thesis, we demonstrate how to secure a non-trivial application using Intel SGX and we have a performance analysis of the protected application.

Language

English (en)

Chair

Ning Zhang

Committee Members

Jonathan Shidal Stephen Cole

Included in

Engineering Commons

Share

COinS