Intel Secure Guard for Application Systems

Intel has been working on security extensions to their processors to help in the overall security solution for systems. The overall concept looks promising. Fortunately, they’ve been heavily involved in building better support for this in Linux. You can follow highlights here:

Meanwhile, there are ways to conceptualize an application design that applies the extensions. Essentially abstract system primitives at the level of an application. In the process have the ability to expand or contract application boundaries. What would have been two applications are now one physical boundary. Managed runtimes do this all the time, but here you can refine the implementation in a more direct way.

In terms of the overall concepts expressed in Intel SGX, an application may be designed with features that improve resilience to compromise. The following is a rough blueprint I drafted in 2012 that is in alignment with the concepts in SGX:


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.