1 / 24

Trusted execution environment and software security

Trusted execution environment and software security. Peng Xu peng@sec.in.tum.de Lehrstuhl für IT -Security, Fakultät für Informatik , Technische Universität München 23.04.2019. Agenda. Problems and Solutions Problems Solutions Trusted Execution Environment Architecture Examples

idana
Télécharger la présentation

Trusted execution environment and software security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Trusted execution environment and software security • Peng Xu • peng@sec.in.tum.de • Lehrstuhl für IT-Security, FakultätfürInformatik, • Technische Universität München • 23.04.2019

  2. Agenda • Problems and Solutions • Problems • Solutions • Trusted Execution Environment • Architecture • Examples • Courses • Content • Tasks and exercises • Requirements • Grading

  3. Problems? Peng Xu, I20, peng@sec.in.tum.de

  4. Problems? Peng Xu, I20, peng@sec.in.tum.de

  5. Problems? Peng Xu, I20, peng@sec.in.tum.de

  6. Problems? Peng Xu, I20, peng@sec.in.tum.de

  7. Solutions – Software fault isolation Peng Xu, I20, peng@sec.in.tum.de

  8. Solutions – Software fault isolation https://drive.google.com/file/d/0B5pbq4t2T2_fM2h1dnd3TFRud0E/view Peng Xu, I20, peng@sec.in.tum.de

  9. Solutions – Sandbox Peng Xu, I20, peng@sec.in.tum.de

  10. Solutions – Sandbox https://www.ghacks.net/2012/08/09/chromes-flash-sandbox-improves-with-better-security-less-crashes/ Peng Xu, I20, peng@sec.in.tum.de

  11. Solutions – Virtualization & Containers Peng Xu, I20, peng@sec.in.tum.de

  12. Solutions – Hardware isolation Peng Xu, I20, peng@sec.in.tum.de

  13. Problems and Solutions • Problems • Solutions

  14. TEE Architecture – Intel SGX Peng Xu, I20, peng@sec.in.tum.de

  15. TEE Architecture – Intel SGX Peng Xu, I20, peng@sec.in.tum.de

  16. TEE Architecture – ARM TrustZone Peng Xu, I20, peng@sec.in.tum.de

  17. https://medium.com/weeves-world/ethereum-wallet-in-a-trusted-execution-environment-secure-enclave-b200b4df9f5fhttps://medium.com/weeves-world/ethereum-wallet-in-a-trusted-execution-environment-secure-enclave-b200b4df9f5f Peng Xu, I20, peng@sec.in.tum.de

  18. https://slideplayer.com/slide/8844767/ Peng Xu, I20, peng@sec.in.tum.de

  19. https://www.microsoft.com/en-us/research/uploads/prod/2018/02/enclavedb.pdfhttps://www.microsoft.com/en-us/research/uploads/prod/2018/02/enclavedb.pdf Peng Xu, I20, peng@sec.in.tum.de

  20. https://twitter.com/rzshokri/status/985792775189757952 Peng Xu, I20, peng@sec.in.tum.de

  21. Problems and Solutions • Problems • Solutions • Trusted Execution Environment • Architecture • Examples

  22. Pre-knowledge • C/C++ programming  language • Basic knowledge of the operating system • Program analysis: static analysis and dynamic analysis • Knowledge of compiler is better (LLVM/GCC) • Sever access • Sshusername@praksrv.sec.in.tum.de • Username and passwd, I will send them by email • www.in.sec.in.tum.de

  23. Content and Tasks • Attestation(local/remote) • Sealed Data storage/Secure_storage • Encryption/decryption • Random • SGX performance analysis tool • Enclave_database • Enclave_ssl • Enclave_ledger • Automatic program slicing

  24. Grading • Homework • Attendance • Discussion

More Related