SMILE: Secure memory introspection for live enclave

SGX enclaves prevent external software from accessing their memory. This feature conflicts with legitimate needs for enclave memory introspection, e.g., runtime stack collection on an enclave under a return-oriented-programming attack. We propose SMILE for enclave owners to acquire live enclave cont...

Bibliographic Details
Main Authors: ZHOU, Lei, DING, Xuhua, ZHANG Fengwei
Format: text
Language: English
Published: Institutional Knowledge at Singapore Management University 2022
Online Access: https://ink.library.smu.edu.sg/sis_research/7619
https://ink.library.smu.edu.sg/context/sis_research/article/8622/viewcontent/smile_sp22.pdf
Institution: Singapore Management University
id sg-smu-ink.sis_research-8622
record_format dspace
Record timestamp: 2022-12-22T03:23:28Z
Date: 2022-05-01T07:00:00Z
File format: application/pdf
DOI: 10.1109/SP46214.2022.9833714
License: http://creativecommons.org/licenses/by-nc-nd/4.0/
Collection: Research Collection School Of Computing and Information Systems
building SMU Libraries
continent Asia
country Singapore
content_provider SMU Libraries
collection InK@SMU
topic Data privacy
Runtime
Protocols
Prototypes
Software
Hardware
Encryption
Information Security
description SGX enclaves prevent external software from accessing their memory. This feature conflicts with legitimate needs for enclave memory introspection, e.g., runtime stack collection on an enclave under a return-oriented-programming attack. We propose SMILE for enclave owners to acquire live enclave contents with the assistance of a semi-trusted agent installed by the host platform’s vendor as a plug-in of the System Management Interrupt handler. SMILE authenticates the enclave under introspection without trusting the kernel nor depending on the SGX attestation facility. SMILE is enclave security preserving as breaking of SMILE does not undermine enclave security. It allows a cloud server to provide the enclave introspection service. We have implemented a SMILE prototype and run various experiments to read enclave code, heap, stack and SSA frames. The total cost for introspecting one page is less than 300 microseconds.