论文信息 - On the Performance of Intel SGX

On the Performance of Intel SGX

As cloud computing is widely used in various fields, more and more individuals and organizations are considering outsourcing data to the public cloud. However, the security of the cloud data has become the most prominent concern of many customers, especially those who possess a large volume of valuable and sensitive data. Although some technologies like Homomorphic Encryption were proposed to solve the problem of secure data, the result is still not satisfying. With the advent of Intel SGX processor, which aims to thoroughly eliminate the security concern of cloud environment in a hardware-assisted approach, it brings us a number of questions on its features and its practicability for the current cloud platform. To evaluate the potential impact of Intel SGX, we analyzed the current SGX programming mode and inferred some possible factors that may arise the overhead. To verify our performance hypothesis, we conducted a systematic study on SGX performance by a series of benchmark experiments. After analyzing the experiment result, we performed a workload characterization to help programmer better exploit the current availability of Intel SGX and identify feasible research directions.

[1] Emmett Witchel,et al. InkTag: secure applications on an untrusted operating system , 2013, ASPLOS '13.

[2] Srinivas Devadas,et al. Intel SGX Explained , 2016, IACR Cryptol. ePrint Arch..

[3] Michael Stumm,et al. FlexSC: Flexible System Call Scheduling with Exception-Less System Calls , 2010, OSDI.

[4] Juan del Cuvillo,et al. Using innovative instructions to create trustworthy software solutions , 2013, HASP '13.

[5] Haibo Chen,et al. CloudVisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization , 2011, SOSP.

[6] John L. Henning. SPEC CPU suite growth: an historical perspective , 2007, CARN.

[7] Radu Sion,et al. TrustedDB: A Trusted Hardware-Based Database with Privacy and Data Confidentiality , 2011, IEEE Transactions on Knowledge and Data Engineering.

[8] V. Kavitha,et al. A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[9] Galen C. Hunt,et al. Shielding Applications from an Untrusted Cloud with Haven , 2014, OSDI.

[10] Peter Kulchyski. and , 2015 .