PANOPLY provides middleware for SGX and Linux operating systems.

What

PANOPLY provides middleware for SGX and Linux operating systems which has low TCB and support all standard POSIX APIs.

Why

  • Enclaves have severely limited capabilities: no native access to system calls and standard OS abstractions.
  • Current systems have a large TCB which leads to too much overhead.
  • There are security risks in Multi-Enclave applications.

How

  • Using microns (micro-container) keep libc outside the enclave.
  • micron is a unit of application logic which runs on the Intel SGX hardware enclaves.

Some Detail
  • Evaluation on four real world software (Tor v0.2.5.11 , H2O v2.0.0 , OpenSSL v1.0.1m , FreeTDS v0.95.81 ):

    • Expressiveness & Security.
    • TCB -> How much TCB reduction achieve over Library OSes
    • Performance -> Perform compared to Library OSes

Note: PANOPLY: Low-TCB Linux Applications with SGX Enclaves的更多相关文章

  1. 24 MUST HAVE ESSENTIAL LINUX APPLICATIONS IN 2016

    Brief: Whare the must have applications for Linux? The answer is subjective and it depends on for wh ...

  2. 来聊一聊不low的Linux命令——find、grep、awk、sed

    前几天面试,被一位面试官嫌弃了"你的Linux命令有点low".被嫌弃也挺正常的,因为我的简历写的我自己都有点看不下去:了解Linux常用命令,如ls,tail -f等命令,基本满 ...

  3. Note: Eleos: ExitLess OS Services for SGX Enclaves

    Eleos increased I/O and memory intensive SGX program execution performance with In-enclave system ca ...

  4. 一种比较low的linux的hung分析

    在调试一个功能的时候,发现了两种hung,以前认为的hung肯定是softlock导致的,后来才发现不一定要有lock这种结构,但是有类似于锁的功能的时候,也可能触发hung,为了避免大家走弯路,故记 ...

  5. 在RedHat 和 Ubuntu 中配置 Delphi 的Linux开发环境(转)

    原文地址:http://chapmanworld.com/2016/12/29/configure-delphi-and-redhat-or-ubuntu-for-linux-development/ ...

  6. Linux Delay Accounting

    https://andrestc.com/post/linux-delay-accounting/ Ever wondered how long is your program spending wh ...

  7. How to use, monitor, and disable transparent hugepages in Red Hat Enterprise Linux 6

    Resolution Note: Transparent Huge Pages are not available on the 32-bit version of RHEL 6. Transpare ...

  8. Linux kernel memory-faq.txt

    ## Linux kernel memory-faq.txt What is some existing documentation on Linux memory management? Ulric ...

  9. 路由器逆向分析------QEMU的下载和安装(Linux平台)

    本文博客地址:http://blog.csdn.net/qq1084283172/article/details/68953160 一.QEMU源码的下载和编译 QEMU源码的github下载地址:h ...

随机推荐

  1. JAVA发送手机短信

    <p><span>JAVA发送手机短信,流传有几种方法:(1)使用webservice接口发送手机短信,这个可以使用sina提供的webservice进行发送,但是需要进行注册 ...

  2. 分享知识-快乐自己:快速理解(Java内部类)

    1):成员内部类 什么是内部类?: 内部类就是在一个类中定义另一个类. 定义语法: 使用命令行查看编译 产生的文件: 如何生成内部类对象? 创建规则:内部类对象 需要先声明外部类对象. 内部类以及外部 ...

  3. 浏览器访问web站点原理图

    启动tomcat,在浏览器中输入http://localhost:8080/web_kevin/hello.html,发生的事情如下: 1.浏览器解析主机名,即解析localhost.浏览器首先会到本 ...

  4. ES doc_values介绍——本质是field value的列存储,做聚合分析用,ES默认开启,会占用存储空间(列存储压缩技巧,除公共除数或者同时减去最小数,字符串压缩的话,直接去重后用数字ID压缩)

    doc_values Doc values are the on-disk data structure, built at document index time, which makes this ...

  5. css 多行文本以...代替

    <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title> ...

  6. leetcode 6 ZigZag Conversion(水题)

    就是简单的模拟一下就可以了.但是我一开始是用一个二维char数组来存的,这样在最终扫全体时会扫很多空的位置,浪费了很多时间,所以就time limit error了. 所以改进一下就用string数组 ...

  7. Python解决中文字符的问题

    from __future__ import unicode_literals print(type("test")) #<type 'unicode'> Chinat ...

  8. vscode 小笔记

    用户设置: { "git.ignoreMissingGitWarning": true, "workbench.statusBar.feedback.visible&qu ...

  9. Java中的泛型、枚举和注解

    1.泛型: 一.为什么要有泛型(Generic)?1.解决元素存储的安全性问题任何类型都可以添加到集合中:类型不安全2.解决获取数据元素时,需要类型强转的问题读取出来的对象需要强转:繁琐可能有Clas ...

  10. PS 滤镜——(扭曲)逆球面化 (凹陷效果)

    %%% Inverse_Spherize %%% 逆球面化 clc; clear all; close all; addpath('E:\PhotoShop Algortihm\Image Proce ...