
Third SGX Community Day


3rd SGX Community Day Hybrid Event

(Teams meeting link will be provided to registered attendees)

July 26th, 8:00AM – 4:30PM PDT

Intel RA4/Gordon Moore Park

2501 NW 229th Ave, Hillsboro, Oregon, United States

We are happy to announce that Intel is hosting the third SGX Community Day Workshop on Tuesday, July 26th as a hybrid event. This will provide SGX researchers and practitioners a chance to interact and build connections with the Intel SGX team, and also give Intel engineers insight into research directions and use cases. If you are unable to join us in Hillsboro, we welcome virtual attendance as well.


Visit our SGX Community Day 2020 page for more information on past events. Suggestions, comments, or questions about the workshop are very welcome. Please e-mail Mona Vij and Emma Call. Read on below for the schedule and presentation abstracts.


Note: Unfortunately, Intel is unable to fund travel to the workshop.


Agenda Preview: 

This schedule is subject to change. All updates will be posted to this page.

Time | Topic | Speaker(s)
8:00-8:15 AM | Welcome | Mona Vij, Richard Chow, Emma Call, Intel
8:15-9:00 AM | Keynote Talk: Latest Innovations in the Rapidly Evolving Confidential Computing Industry | Vikas Bhatia, Head of Product, Azure Confidential Computing, Microsoft
9:00-9:25 AM | A Hardware-Software Co-design for Efficient Intra-Enclave Isolation | Jinyu Gu, Assistant Professor, Shanghai Jiao Tong University (SJTU)
9:25-9:50 AM | Decentralized Search for Web3 | Mingyu Li, PhD Student, Shanghai Jiao Tong University (SJTU)
9:50-10:00 AM | Break |
10:00-10:25 AM | Cosmian SGX SaaS Solution | Bruno Grieder, CTO and Co-founder, Cosmian
10:25-10:50 AM | Introduction to MarbleRun, the Control Plane for SGX Workloads | Felix Schuster, CEO, Edgeless Systems
10:50-11:15 AM | Protecting Secrets in VNF and SW Integrity Assurance | Ben Smeets, Senior Expert Security, Ericsson
11:15-11:25 AM | Break |
11:25-11:50 AM | Enarx Update | Nathaniel McCallum, CTO, Profian
11:50 AM - 12:15 PM | Why The Upcoming Occlum v1.0 Is Going To Be 10x Faster | Hongliang Tian, Ant Group
12:15-12:40 PM | Gramine: Current State and Future Plans | Dmitrii Kuvaiskii, Research Scientist, Intel Labs
12:40-1:30 PM | Lunch |
1:25-1:55 PM | Securing Distributed Transactions and Persistent Memory in TEEs | Dimitrios Stavrakakis, PhD Student, TU Munich and University of Edinburgh; Dimitria Giantsidi, PhD Student, University of Edinburgh
1:55-2:20 PM | Towards a TEE-based V2V Protocol for Connected and Autonomous Vehicles | Zhiqiang Lin, Professor, Ohio State
2:20-2:45 PM | secFlink: A Secure Distributed Stream Processing System | Quoc Do Le, Senior Research Engineer, Huawei Munich Research Center; Lorenzo Affetti, Research Engineer, Huawei Munich Research Center
2:45-2:55 PM | Break |
2:55-3:20 PM | Microsoft Azure Attestation — A Unified Solution for Remotely Verifying Trustworthiness of Trusted Execution Environments (TEEs) | Sindhuri Dittakavi, Production Manager, Microsoft
3:20-3:45 PM | Advancing Trust in Confidential Computing — Introducing Project Amber | Raghu Yeluri, Senior Principal Engineer, Intel
3:45-4:10 PM | Learnings From Using Intel SGX to Enable Trustworthy Federated Learning Systems | Prakash Narayana Moorthy, Research Scientist, Intel Labs; Shih-han Wang, Research Scientist, Intel Labs
4:10-4:30 PM | Wrapup |




Latest Innovations in the Rapidly Evolving Confidential Computing Industry - TBD


A Hardware-Software Co-design for Efficient Intra-Enclave Isolation

The monolithic programming model has been favored for high compatibility and easing the programming for SGX enclaves, i.e., running the secure code with all dependent libraries or even library OSes (LibOSes). Yet, it inevitably bloats the trusted computing base (TCB) and thus deviates from the goal of high security. Introducing fine-grained isolation can effectively mitigate TCB bloating while existing solutions face performance issues. We observe that the off-the-shelf Intel MPK is a perfect match for efficient intra-enclave isolation. Nonetheless, the trust models between MPK and SGX are incompatible by design. We hence propose LIGHTENCLAVE, which embraces non-intrusive extensions on existing SGX hardware to incorporate MPK securely and allows multiple light-enclaves isolated within one enclave.


Decentralized Search for Web3

This talk addresses a key missing piece in the current ecosystem of decentralized services and blockchain apps: the lack of decentralized, verifiable, and private search. Existing decentralized systems like Steemit, OpenBazaar, and the growing number of blockchain apps provide alternatives to existing services. And yet, they continue to rely on centralized search engines and indexers to help users access the content they seek and navigate the apps. Such centralized engines are in a perfect position to censor content and violate users’ privacy, undermining some of the key tenets behind decentralization.

To remedy this, we introduce DeSearch, the first decentralized search engine that guarantees the integrity and privacy of search results for decentralized services and blockchain apps. DeSearch uses trusted hardware to build a network of workers that execute a pipeline of small search engine tasks (crawl, index, aggregate, rank, query). DeSearch then introduces a witness mechanism to make sure the completed tasks can be reused across different pipelines, and to make the final search results verifiable by end users. We implement DeSearch for two existing decentralized services that handle over 80 million records and 240 GBs of data, and show that DeSearch can scale horizontally with the number of workers and can process 128 million search queries per day.


Cosmian SGX SaaS Solution - TBD 


Introduction to MarbleRun, the Control Plane for SGX Workloads

The management, orchestration, and scaling of SGX-based services comes with unique challenges. How to ensure that each service was launched with the right parameters? How to set up secure connections between services? How to manage shared secrets? How to update code? How to map the concept of remote attestation to a microservice architecture? How to do it all on Kubernetes? The open source MarbleRun project addresses all of these. We’ll give an overview of the philosophy and design of MarbleRun and give hands-on examples for creating end-to-end confidential cloud-native apps with it.


Protecting Secrets in VNF and SW Integrity Assurance - TBD 


Enarx Update - TBD 


Why The Upcoming Occlum v1.0 Is Going To Be 10x Faster - TBD

Occlum is an open-source library OS for Intel SGX. After going through three years of development and 40+ releases, Occlum is finally approaching the first stable version of v1.0 this year! One thing that took us so long to reach v1.0 was pulling off a series of 10X speedups in various aspects, including thread scheduling, system time, network I/O, and file I/O. This talk sheds some light on how we achieve these speedups.

Gramine: Current State and Future Plans 

Gramine (formerly called "Graphene") is a lightweight library OS, designed to run a single Linux application in an isolated environment -- in particular, inside an Intel SGX enclave on a Linux host. Several major events happened to the Gramine project in the first half of 2022: we released v1.2, added support for Musl C, rewrote the sockets and FS subsystems, improved support for Golang and Rust, and many more. This talk will discuss these recent changes, as well as the project's future plans.


Securing Distributed Transactions and Persistent Memory in TEEs 

While users of online services expect their data stored in the third-party cloud infrastructure to remain confidential and private, powerful adversaries can compromise their security properties. Our work attacks this problem and focuses on the design of high-performance data management systems and architectures that aim to offer strong security properties: confidentiality, integrity, and freshness.

In this talk, we introduce two systems: a secure distributed transactional KV store with serializable distributed Txs (Treaty) and a secure persistent memory architecture (ShieldPM). Treaty and ShieldPM target strong security properties (confidentiality, integrity, and freshness) in the presence of a powerful adversary that can gain control of and compromise the entire software system stack, while they offer programmability and efficiency. Treaty leverages Trusted Execution Environments (TEEs) to bootstrap its security properties, but it extends the trust provided by the limited enclave (volatile) memory region within a single node to build a secure (stateful) distributed transactional KV store over the untrusted storage, network and machines. To achieve this, Treaty embodies a secure two-phase commit protocol co-designed with a high-performance network library for TEEs. Further, Treaty ensures secure and crash-consistent persistency of committed transactions using a stabilization protocol. ShieldPM goes one step further. We design a secure persistent memory architecture, the perfect foundation for building secure systems such as datastores from the ground up. We expose APIs for secure data management within the realms of the established PM programming model while ensuring performance and crash consistency. ShieldPM is the first system that is co-designed based on three hardware technologies: TEE, PM and kernel-bypass networking.


Towards A TEE-based V2V Protocol For Connected And Autonomous Vehicles 

Being safer, cleaner, and more efficient, connected and autonomous vehicles (CAVs) are expected to be the dominant vehicles of future transportation systems. However, there are enormous security and privacy challenges while also considering the efficiency and scalability. One key challenge is how to efficiently authenticate a vehicle in the ad-hoc CAV network and ensure its tamper-resistance, accountability, and non-repudiation. In this paper, we present the design and implementation of a Vehicle-to-Vehicle (V2V) protocol by leveraging a trusted execution environment (TEE), and show how this TEE-based protocol achieves the objective of authentication, privacy, accountability and revocation as well as the scalability and efficiency. We hope that our TEE-based V2V protocol can inspire further research into CAV security and privacy, particularly how to leverage TEE to solve some of the hard problems and make CAV closer to practice.


secFlink: A Secure Distributed Stream Processing System 

Stream processing systems are a critical part of modern online services to transform continuously arriving raw data streams into useful information. This large amount of streaming data may contain private, personal, and sensitive information related, for example, to personal finances or healthcare records. Recently, we have seen regulators’ attention increase on issues regarding how personal data is handled and processed, e.g., the EU’s GDPR. Thus, the confidentiality and integrity of stream data processing cannot be neglected, especially when the stream processing systems are deployed in public clouds.

In this talk, we present secFlink, a secure distributed stream processing framework that supports (i) end-to-end security properties for both input stream data and code, (ii) transparent/automatic remote attestation, and (iii) secure check-pointing. secFlink relies on a trusted execution environment (TEE) such as Intel SGX to provide secure data processing over private and sensitive input data streams. Our evaluation using micro- and macro-benchmarks shows that secFlink can provide strong security guarantees for stream processing with an acceptable overhead.


Microsoft Azure Attestation — A Unified Solution for Remotely Verifying Trustworthiness of Trusted Execution Environments (TEEs)

Microsoft Azure Attestation enables customers to remotely verify that the hardware and software on which their workloads run are trustworthy, before allowing access to their confidential data. Azure Attestation supports attestation of multiple Trusted Execution Environment (TEE) types and offers confidentiality promises by running inside an Intel® Software Guard Extensions (SGX) enclave. The talk summarizes the service overview, common use cases, benefits and future roadmap.

Advancing Trust in Confidential Computing — Introducing Project Amber - TBD 


Learnings From Using Intel SGX to Enable Trustworthy Federated Learning Systems - TBD

About the Author
Mona Vij is a Principal Engineer and Cloud and Data Center Security Research Manager at Intel Labs, where she focuses on Pervasive Confidential Computing for end-to-end Cloud to Edge security. Mona received her Master’s degree in Computer Science from University of Delhi, India. Mona leads the research engagements on Trusted execution with several universities. Her research has been featured in journals and conferences including USENIX OSDI, USENIX ATC and ACM ASPLOS, among others. Mona's research interests primarily include confidential computing, memory safety, virtualization, device drivers and operating systems.