Sunday, December 25, 2016

Intel solves the verify problem

At its root, Intel® SGX is a set of new CPU instructions that can be used by applications to set aside private regions of code and data. But looking at the technology upward from the instructions is analogous to trying to describe an animal by examining its DNA chain.

In this short post I will try to uplevel things a bit by outlining the objectives that guided the design of Intel® SGX and provide some more detail on two of the objectives. In future posts, I will dive deeper into the remaining objectives and review some of our experiences using Intel® SGX to protect various software applications.

 Much of the motivation for Intel® SGX can be summarized in the following eight objectives:

  •  Allow application developers to protect sensitive data from unauthorized access or modification by rogue software running at higher privilege levels. 
  •  Enable applications to preserve the confidentiality and integrity of sensitive code and data without disrupting the ability of legitimate system software to schedule and manage the use of platform resources. 
  •  Enable consumers of computing devices to retain control of their platforms and the freedom to install and uninstall applications and services as they choose. 
  •  Enable the platform to measure an application’s trusted code and produce a signed attestation, rooted in the processor, that includes this measurement and other certification that the code has been correctly initialized in a trustable environment. 
  •  Enable the development of trusted applications using familiar tools and processes. Allow the performance of trusted applications to scale with the capabilities of the underlying application processor.
Available for Python platforms that meet trading pit security requirements. We do not need to extend bitcoin protocol, we need bitcoin holders to find secure pits and trade their coins.

No comments: