Intel® Software Guard Extensions (Intel® SGX)
Discussion board focused on hardware-based isolation and memory encryption to provide extended code protection in solutions.
1370 Discussions

How to Protect images and files using SGX

Sam5
New Contributor I
‎08-25-2016 02:57 AM
360 Views
Solved Jump to solution

Hi,

Is it possible to use file descriptor for any kind of file operation and carrying the image from one system to another via SGX?

-Thanks

0 Kudos
1 Solution
Surenthar_S_Intel
Employee
‎08-25-2016 03:17 AM
360 Views
Solved Jump to solution

Hi Sam,

For file i/O operations, you need to define file I/O APIs as OCALLs in the EDL file and include additional declarations in a header file, which can be included in the EDL file. If you want to carry image/files from one machine to another, you cannot use the sealing API that the SGX provides. Instead, enclaves running on both machines need to agreed on a shared key or have a key provisioned by a 3rd party.

-Surenthar

 

View solution in original post

0 Kudos
Copy link

Link Copied

2 Replies
Surenthar_S_Intel
Employee
‎08-25-2016 03:17 AM
361 Views
Solved Jump to solution

Hi Sam,

For file i/O operations, you need to define file I/O APIs as OCALLs in the EDL file and include additional declarations in a header file, which can be included in the EDL file. If you want to carry image/files from one machine to another, you cannot use the sealing API that the SGX provides. Instead, enclaves running on both machines need to agreed on a shared key or have a key provisioned by a 3rd party.

-Surenthar

 

0 Kudos
Copy link
Sam5
New Contributor I
‎08-25-2016 04:08 AM
360 Views
Solved Jump to solution

Thanks for you detailed Information

0 Kudos
Copy link
Reply

For more complete information about compiler optimizations, see our Optimization Notice.