Title:
A dedicated introduction to Software Guard eXtension and a gaze at its security challenges.
Name:
Flavio Toffalini, PhD
Abstract:
Security in cloud environments is a crucial asset for any successful application on the Internet. However, the infrastructure host can easily access the guest virtual machines, exfiltrate data, or tamper with process execution. To cope with these issues, Intel proposes an advanced technology, called Software Guard eXtension (SGX), that allows one to shield application modules, called enclaves, and effectively prevent host attacks.
SGX combines hardware features, whose integrity can be remotely proved, and an alternative programming pattern to isolate the enclaves.
In this talk, we first walk through an introduction to SGX. We discuss its main features and their implementation. Moreover, we focus on the integration of this technology into known projects.
The second part revolves around the security aspects of SGX. We discuss possible limitations of SGX, how research is helping to understand the extent of those limits, and their implications for the cyber security domain.
Short bio:
Flavio Toffalini is a PostDoc in the HexHive group at EPFL. He works on system security in the context of trusted applications. Specifically, he studies threats and mitigations for SGX and similar technologies, and works on remote attestation protocols. His background ranges from software engineering to mitigations and bug finding. He also serves on conference committees such as DIMVA.
Time and date:
16:10, April 25th, 2022
Location: TM 724-3024-5155