PANOPLY provides middleware for SGX and Linux operating systems.

What

PANOPLY provides middleware for SGX and Linux operating systems which has low TCB and support all standard POSIX APIs.

Why

  • Enclaves have severely limited capabilities: no native access to system calls and standard OS abstractions.
  • Current systems have a large TCB which leads to too much overhead.
  • There are security risks in Multi-Enclave applications.

How

  • Using microns (micro-container) keep libc outside the enclave.
  • micron is a unit of application logic which runs on the Intel SGX hardware enclaves.

Some Detail
  • Evaluation on four real world software (Tor v0.2.5.11 , H2O v2.0.0 , OpenSSL v1.0.1m , FreeTDS v0.95.81 ):

    • Expressiveness & Security.
    • TCB -> How much TCB reduction achieve over Library OSes
    • Performance -> Perform compared to Library OSes

Note: PANOPLY: Low-TCB Linux Applications with SGX Enclaves的更多相关文章

  1. 24 MUST HAVE ESSENTIAL LINUX APPLICATIONS IN 2016

    Brief: Whare the must have applications for Linux? The answer is subjective and it depends on for wh ...

  2. 来聊一聊不low的Linux命令——find、grep、awk、sed

    前几天面试,被一位面试官嫌弃了"你的Linux命令有点low".被嫌弃也挺正常的,因为我的简历写的我自己都有点看不下去:了解Linux常用命令,如ls,tail -f等命令,基本满 ...

  3. Note: Eleos: ExitLess OS Services for SGX Enclaves

    Eleos increased I/O and memory intensive SGX program execution performance with In-enclave system ca ...

  4. 一种比较low的linux的hung分析

    在调试一个功能的时候,发现了两种hung,以前认为的hung肯定是softlock导致的,后来才发现不一定要有lock这种结构,但是有类似于锁的功能的时候,也可能触发hung,为了避免大家走弯路,故记 ...

  5. 在RedHat 和 Ubuntu 中配置 Delphi 的Linux开发环境(转)

    原文地址:http://chapmanworld.com/2016/12/29/configure-delphi-and-redhat-or-ubuntu-for-linux-development/ ...

  6. Linux Delay Accounting

    https://andrestc.com/post/linux-delay-accounting/ Ever wondered how long is your program spending wh ...

  7. How to use, monitor, and disable transparent hugepages in Red Hat Enterprise Linux 6

    Resolution Note: Transparent Huge Pages are not available on the 32-bit version of RHEL 6. Transpare ...

  8. Linux kernel memory-faq.txt

    ## Linux kernel memory-faq.txt What is some existing documentation on Linux memory management? Ulric ...

  9. 路由器逆向分析------QEMU的下载和安装(Linux平台)

    本文博客地址:http://blog.csdn.net/qq1084283172/article/details/68953160 一.QEMU源码的下载和编译 QEMU源码的github下载地址:h ...

随机推荐

  1. TortoiseGit做push时提示Disconnected: No supported authentication methods available (server sent: publickey)错误

    通过Git从远程服务器上获得到自己的项目,但是通过TortoiseGit做push时提示Disconnected: No supported authentication methods availa ...

  2. Codeforces 876C Classroom Watch:枚举

    题目链接:http://codeforces.com/contest/876/problem/C 题意: 定义函数:f(x) = x + 十进制下x各位上的数字之和 给你f(x)的值(f(x) < ...

  3. php: 0跟字符串做比较永远是true。 php大bug。

    php: 0跟字符串做比较永远是true. php大bug. 如: $a = 0; if( $a == 'excel') { echo "yes"; }else{ echo &qu ...

  4. Selenium-鼠标操作

    有些特殊的系统可能需要模拟键盘或者鼠标的操作才可以 鼠标的操作不仅仅是click()单击操作,还有很多包含在ActionChains类中 context_click(elem) 右击鼠标点击元素ele ...

  5. mfc创建文档视图过程

    一.如何创建文档视图界面: 创建新的文档视图界面,只需要调用CDocTemplate::OpenDocumentFile(strpath)即可.(strpath为要打开的文档路径,如果是NULL,则生 ...

  6. 【二叉树的递归】04找出二叉树中路径和等于给定值的所有路径【Path Sum II】

    ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 给定一个二叉树和一个和,判断这个树 ...

  7. 【IPC通信】key_t键和ftok函数

    System V IPC分为三种: System V消息队列 System V信号量 System V共享内存区 这三种类型的IPC使用key_t值做为它们的名字. key_t这个数据类型在<s ...

  8. 表达式计算-----------eval()运算符

    1.java的eval()方法(或称之为运算符)可以将字符串解析成可以运行的javaScript代码,例如 eval()只有一个参数.如果传入的参数不是一个字符串,那么它会直接返回这个参数.如果传入的 ...

  9. ORACLE 强制索引

    在一些场景下,可能ORACLE不会自动走索引,这时候,如果对业务清晰,可以尝试使用强制索引. 使用强制索引,在SELECT 后面加上/*.......*/ 中间加上索引的属性,代码如下: SELECT ...

  10. 使用IronPython集成Python和.NET

    本文由 伯乐在线 - 艾凌风 翻译,Daetalus 校稿.未经许可,禁止转载!英文出处:www.informit.com.欢迎加入翻译组. 从两个优秀的世界各取所需,更高效的复用代码.想想就醉了,. ...