Joshua Lind, Christian Priebe, Divya Muthukumaran, Dan O'Keeffe, Pierre-Louis Aublin, and Florian Kelbert, Imperial College London; Tobias Reiher, TU Dresden; David Goltzsche, TU Braunschweig; David Eyers, University of Otago; Rudiger Kapitza, TU Braunschweig; Christof Fetzer, TU Dresden; Peter Pietzuch, Imperial College London
Trusted execution support in modern CPUs, as offered by Intel SGX enclaves, can protect applications in untrusted environments. While prior work has shown that legacy applications can run in their entirety inside enclaves, this results in a large trusted computing base (TCB). Instead, we explore an approach in which we partition an application and use an enclave to protect only security-sensitive data and functions, thus obtaining a smaller TCB.
We describe Glamdring, the first source-level partitioning framework that secures applications written in C using Intel SGX. A developer first annotates security-sensitive application data. Glamdring then automatically partitions the application into untrusted and enclave parts: (i) to preserve data confidentiality, Glamdring uses dataflow analysis to identify functions that may be exposed to sensitive data; (ii) for data integrity, it uses backward slicing to identify functions that may affect sensitive data. Glamdring then places security-sensitive functions inside the enclave, and adds runtime checks and cryptographic operations at the enclave boundary to protect it from attack. Our evaluation of Glamdring with the Memcached store, the LibreSSL library, and the Digital Bitbox bitcoin wallet shows that it achieves small TCB sizes and has acceptable performance overheads.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Joshua Lind and Christian Priebe and Divya Muthukumaran and Dan O{\textquoteright}Keeffe and Pierre-Louis Aublin and Florian Kelbert and Tobias Reiher and David Goltzsche and David Eyers and R{\"u}diger Kapitza and Christof Fetzer and Peter Pietzuch},
title = {Glamdring: Automatic Application Partitioning for Intel {SGX}},
booktitle = {2017 USENIX Annual Technical Conference (USENIX ATC 17)},
year = {2017},
isbn = {978-1-931971-38-6},
address = {Santa Clara, CA},
pages = {285--298},
url = {https://www.usenix.org/conference/atc17/technical-sessions/presentation/lind},
publisher = {USENIX Association},
month = jul
}