Intel® Software Guard Extensions (Intel® SGX)
Use hardware-based isolation and memory encryption to provide more code protection in your solutions.

How to Protect images and files using SGX

Sam5
New Contributor I
226 Views

Hi,

Is it possible to use file descriptor for any kind of file operation and carrying the image from one system to another via SGX?

-Thanks

0 Kudos
1 Solution
Surenthar_S_Intel
226 Views

Hi Sam,

For file i/O operations, you need to define file I/O APIs as OCALLs in the EDL file and include additional declarations in a header file, which can be included in the EDL file. If you want to carry image/files from one machine to another, you cannot use the sealing API that the SGX provides. Instead, enclaves running on both machines need to agreed on a shared key or have a key provisioned by a 3rd party.

-Surenthar

 

View solution in original post

2 Replies
Surenthar_S_Intel
227 Views

Hi Sam,

For file i/O operations, you need to define file I/O APIs as OCALLs in the EDL file and include additional declarations in a header file, which can be included in the EDL file. If you want to carry image/files from one machine to another, you cannot use the sealing API that the SGX provides. Instead, enclaves running on both machines need to agreed on a shared key or have a key provisioned by a 3rd party.

-Surenthar

 

Sam5
New Contributor I
226 Views

Thanks for you detailed Information

Reply