针对SGX的攻击与防御综述  被引量:2

Survey of Attacks and Defenses against SGX

在线阅读下载全文

作  者:张亚晖 赵敏 韩欢 ZHANG Ya-hui;ZHAO Min;HAN Huan(Army Engineering University of PLA,Chongqing 400035,China;Army Engineering University of PLA,Nanjing 210007,China)

机构地区:[1]陆军工程大学,重庆400035 [2]陆军工程大学,江苏南京210007

出  处:《计算机技术与发展》2020年第11期104-110,共7页Computer Technology and Development

基  金:江苏省自然科学基金(BK20180080)。

摘  要:如何防止恶意攻击者窃取用户数据或隐私,是当前信息安全领域研究的热难点问题。2013年,Intel公司在HASP会议上提出了新的处理器安全技术SGX(software guard extensions,软件保护扩展),能够在计算平台上提供一个可信的隔离空间enclave,用于保障用户代码和数据的机密性和完整性。SGX是信息安全领域突破性的研究成果,对于个人用户和云计算平台用户都具有重大意义。但同时针对SGX的攻击的威胁模型非常强大,SGX的攻击面不断地被发掘,其防御技术也不断更新。为更好地研究针对SGX的攻击与防御技术,介绍了针对SGX攻击的威胁模型,总结归纳了针对SGX的攻击类型,分析了针对SGX攻击的防御措施,并对未来可能的针对SGX的攻击与防御技术进行了探讨。How to deal with the increasingly severe information security situation and prevent malicious attackers from stealing user data or privacy is a hot and difficult problem in the current information security field.In 2013,a new processor security technology SGX(software guard extensions)is proposed by Intel at the HASP conference,which can provide a trusted zone named enclave on the computing platform to protect the confidentiality and integrity of user code and data.SGX is a breakthrough research achievement in the field of information security,which is of great significance to individual users and tenants of cloud computing platforms.However,the threat model of SGX is quite strong,the attack surface against SGX is constantly being explored,and its defense technology is constantly updated.For in-depth research on SGX attack and defense technologies,we introduce the threat model of SGX,summarize the attack types against SGX,analyze the defense measures against SGX attacks,and discuss future possible attack and defense techniques against SGX.

关 键 词:SGX 威胁模型 可信计算基 攻击类型 防御措施 

分 类 号:TP311[自动化与计算机技术—计算机软件与理论]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象