- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Suppose If I build my SGX application om my machine in RELEASE mode, can I execute the same binary on different machine running on Intel SGX?
How is this done usually? If I want my app to be deployed to a cloud, can I build it locally, sign it with the whitelist key and deploy to a cloud server?
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
>Suppose If I build my SGX application om my machine in RELEASE mode, can I execute the same binary on different machine running on Intel SGX?
Yes. ISVs will typically build their application, sign their enclave, and then create an installation package (for example, .exe or .msi for Windows).
They can then distribute their software to end-user systems and the end-user systems all receive the exact same signed enclave binary.
>How is this done usually? If I want my app to be deployed to a cloud, can I build it locally, sign it with the whitelist key and deploy to a cloud server?
It depends on what application you are trying to distribute, but in a general, big-picture sense, yes, you can do what you are suggesting.
You can offer your app to be downloaded by end-users directly from your website. If your app is offered by OEMs, you could provide it to the OEMs you work with and let them handle distribution. If it's a "Windows Store" app, then the "Windows Store" can handle distribution.
However you would solve this problem for non-SGX applications, you should be able to use the same solution to solve it for SGX applications.
Hope this helps.
Thanks,
Francisco
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
>Suppose If I build my SGX application om my machine in RELEASE mode, can I execute the same binary on different machine running on Intel SGX?
Yes. ISVs will typically build their application, sign their enclave, and then create an installation package (for example, .exe or .msi for Windows).
They can then distribute their software to end-user systems and the end-user systems all receive the exact same signed enclave binary.
>How is this done usually? If I want my app to be deployed to a cloud, can I build it locally, sign it with the whitelist key and deploy to a cloud server?
It depends on what application you are trying to distribute, but in a general, big-picture sense, yes, you can do what you are suggesting.
You can offer your app to be downloaded by end-users directly from your website. If your app is offered by OEMs, you could provide it to the OEMs you work with and let them handle distribution. If it's a "Windows Store" app, then the "Windows Store" can handle distribution.
However you would solve this problem for non-SGX applications, you should be able to use the same solution to solve it for SGX applications.
Hope this helps.
Thanks,
Francisco
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page