Intel Secure Guard for Application Systems

Intel has been working on security extensions to their processors to help in the overall security solution for systems. The overall concept looks promising. Fortunately, they’ve been heavily involved in building better support for this in Linux. You can follow highlights here:  http://phoronix.com/scan.php?page=news_item&px=Intel-SGX-Secure-Guard-Linux

Meanwhile, there are ways to conceptualize an application design that applies the extensions. Essentially abstract system primitives at the level of an application. In the process have the ability to expand or contract application boundaries. What would have been two applications are now one physical boundary. Managed runtimes do this all the time, but here you can refine the implementation in a more direct way.

In terms of the overall concepts expressed in Intel SGX, an application may be designed with features that improve resilience to compromise. The following is a rough blueprint I drafted in 2012 that is in alignment with the concepts in SGX:  http://wp.me/p2RO6W-q

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s