PANOPLY provides middleware for SGX and Linux operating systems.

What

PANOPLY provides middleware for SGX and Linux operating systems which has low TCB and support all standard POSIX APIs.

Why

  • Enclaves have severely limited capabilities: no native access to system calls and standard OS abstractions.
  • Current systems have a large TCB which leads to too much overhead.
  • There are security risks in Multi-Enclave applications.

How

  • Using microns (micro-container) keep libc outside the enclave.
  • micron is a unit of application logic which runs on the Intel SGX hardware enclaves.

Some Detail
  • Evaluation on four real world software (Tor v0.2.5.11 , H2O v2.0.0 , OpenSSL v1.0.1m , FreeTDS v0.95.81 ):

    • Expressiveness & Security.
    • TCB -> How much TCB reduction achieve over Library OSes
    • Performance -> Perform compared to Library OSes

Note: PANOPLY: Low-TCB Linux Applications with SGX Enclaves的更多相关文章

  1. 24 MUST HAVE ESSENTIAL LINUX APPLICATIONS IN 2016

    Brief: Whare the must have applications for Linux? The answer is subjective and it depends on for wh ...

  2. 来聊一聊不low的Linux命令——find、grep、awk、sed

    前几天面试,被一位面试官嫌弃了"你的Linux命令有点low".被嫌弃也挺正常的,因为我的简历写的我自己都有点看不下去:了解Linux常用命令,如ls,tail -f等命令,基本满 ...

  3. Note: Eleos: ExitLess OS Services for SGX Enclaves

    Eleos increased I/O and memory intensive SGX program execution performance with In-enclave system ca ...

  4. 一种比较low的linux的hung分析

    在调试一个功能的时候,发现了两种hung,以前认为的hung肯定是softlock导致的,后来才发现不一定要有lock这种结构,但是有类似于锁的功能的时候,也可能触发hung,为了避免大家走弯路,故记 ...

  5. 在RedHat 和 Ubuntu 中配置 Delphi 的Linux开发环境(转)

    原文地址:http://chapmanworld.com/2016/12/29/configure-delphi-and-redhat-or-ubuntu-for-linux-development/ ...

  6. Linux Delay Accounting

    https://andrestc.com/post/linux-delay-accounting/ Ever wondered how long is your program spending wh ...

  7. How to use, monitor, and disable transparent hugepages in Red Hat Enterprise Linux 6

    Resolution Note: Transparent Huge Pages are not available on the 32-bit version of RHEL 6. Transpare ...

  8. Linux kernel memory-faq.txt

    ## Linux kernel memory-faq.txt What is some existing documentation on Linux memory management? Ulric ...

  9. 路由器逆向分析------QEMU的下载和安装(Linux平台)

    本文博客地址:http://blog.csdn.net/qq1084283172/article/details/68953160 一.QEMU源码的下载和编译 QEMU源码的github下载地址:h ...

随机推荐

  1. ZSetOperations

    有序集合,默认按照score升序排列,存储格式K(1)==V(n),V(1)=S(1)(K=key,V=value,S=score) 1.add(K,V,S):添加 2.count(K,Smin,Sm ...

  2. MVC中URL传多个参数

    1.mvc中url传递多个参数不能直接使用&,会报错(从客户端(&)中检测到有潜在危险的 Request.Path 值) 方法①:使用?---/Home/Index/?id=xxx&a ...

  3. getline()函数详解 (2013-03-26 17:19:58)

     学习C++的同学可能都会遇到一个getline()函数,譬如在C++premer中,标准string类型第二小节就是“用getline读取整行文本”.书上给的程序如下: int main() {   ...

  4. Android之ExpandableList扩展用法(基于BaseExpandableListAdapter)

    1.简介 基于基于BaseExpandableListAdapter扩展的ExpandableList用法,现在网上流行的主要有两种:第一种是向BaseExpandableListAdapter传入两 ...

  5. C++ template 声明与定义

    今天编码的时候,发现了一个错误,就是模板代码在链接的时候找不到方法. 情况大概如下: 在 "Manager.h" 中 class Manager { public: templat ...

  6. 标准模板库(STL)学习指南之set集合

    set是关联容器.其键值就是实值,实值就是键值,不可以有重复,所以我们不能通过set的迭代器来改变set的元素的值,set拥有和list相同的特性:当对他进行插入和删除操作的时候,操作之前的迭代器依然 ...

  7. tx1 高温不启动问题解决办法

    执行: vim /boot/extlinux/extlinux.conf 修改为下面红框标注的样式: 拷贝此文件下所有内容到/boot目录下. 检查是否成功:

  8. JAVAset容器基本知识

    import java.io.PrintWriter; import java.util.HashSet; import java.util.Scanner; import java.util.Ite ...

  9. live555源代码分析

    live555源代码下载(VC6工程):http://download.csdn.net/detail/leixiaohua1020/6374387 liveMedia 项目(http://www.l ...

  10. 微服务理论之五:微服务架构 vs. SOA架构

    一.面向服务的架构SOA 面向服务的架构是一种软件体系结构,应用程序的不同组件通过网络上的通信协议向其他组件提供服务.通信可以是简单的数据传递,也可以是两个或多个服务彼此协调连接.这些独特的服务执行一 ...