eMotion: An SGX extension for migrating enclaves

Software Guard Extensions (SGX) is a good candidate to address sensitive information disclosure in cloud computing because SGX creates enclaves for applications that protect security-sensitive code and data from malicious access. However, existing SGX-enabled Virtual Machine Managers (VMMs) do not provide live migration of SGX-enabled Virtual Machines (VMs). This management operation is impossible because the VMM cannot directly access the Enclave Page Cache (EPC) pages where the VM's enclaves reside. SGX supports an EPC page swapping mechanism that evicts EPC pages into untrusted memory, which the VMM can access. However, this mechanism has limitations when applied to enclave migration. In this paper, we propose an SGX extension for migrating enclaves, called eMotion, that adds instructions and migration support to the SGX architecture to enable the secure managed migration of running enclaves. eMotion lets the participating hosts establish a key used in enclave migration, and the VMMs on those hosts migrate running enclaves using the established key. We implement a prototype on top of OpenSGX, an open source SGX emulator, to demonstrate the operations of eMotion and to estimate the impact on enclave migration.
Publisher
ELSEVIER ADVANCED TECHNOLOGY
Issue Date
2019-01
Language
English
Article Type
Article
Citation

COMPUTERS & SECURITY, v.80, pp.173 - 185

ISSN
0167-4048
DOI
10.1016/j.cose.2018.09.008
URI
http://hdl.handle.net/10203/248664
Appears in Collection
CS-Journal Papers(저널논문)
Files in This Item
There are no files associated with this item.
