background: Intel SGX

Trolli Schmittlauch 2018-09-07 15:29:46 +02:00
parent e2c16a23b3
commit 99dd83b1aa
3 changed files with 12 additions and 4 deletions


@ -163,12 +163,12 @@ Although Apple's own \acp{SoC} use the ARM architecture, the company has decided
\subsubsection{Intel SGX}\label{sec:SGX}
Intel's \acf{SGX} are a method to launch multiple trusted components into their own fully isolated \textit{enclaves} and thus, according to \cite{hartigLateralThinkingTrustworthy2017}, can be seen as a more advanced version of the late-launch approach (\ref{sec:TPM}).
Enclaves can be scheduled by the OS like normal processes, but code and memory of enclaves are only visible from the inside. Enclave memory resides in the common system's DRAM but is transparently encrypted. \\
Additionally, \ac{SGX} includes attestation of code running within an enclave similar to \ac{TPM}, but itself doesn't provide secure storage or other \ac{TPM} features. \\
As only userland code running in ring 3 can be run inside enclaves, relying on the \ac{OS} for scheduling and resource management, \ac{SGX} is vulnerable to side-channel attacks \cite{peinadom.ControlledChannelAttacksDeterministic2015}.
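Review bot: the statement in the second paragraph that \ac{SGX} "itself doesn't provide secure storage" carries no citation and is too strong as written, since SGX does offer enclave-bound sealing (a seal key derived from the enclave's measurement or signer identity) even though it has no monotonic counters or rollback protection of its own; either cite a source for the claim or qualify it, e.g. "doesn't provide rollback-protected storage or other \ac{TPM} features". The closing sentence attributes the side-channel exposure to enclave code running in ring 3, but the cited controlled-channel work rests on the untrusted \ac{OS} managing the enclave's page tables and observing its page faults, so state that mechanism explicitly rather than the privilege level alone. Minor: "Intel's \acf{SGX} are a method" pairs a plural with a singular noun; "is a set of CPU extensions that launches ..." reads better, and the trailing "\\" used as paragraph separators should be replaced by blank lines (LaTeX paragraph breaks) to avoid underfull-hbox warnings.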
lockdown techniques: TPM, secure boot
TEEs: SGX, TrustZone
(InkTag?)
Android DRM, EME DRM arch, TBDRM (-> fTPM)