Meta
Official Documents
Reviews
Attacks:
- A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes
- COIN Attacks: On Insecurity of Enclave Untrusted Interfaces in SGX
- Controlled-Channel Attacks: Deterministic SideChannels for Untrusted Operating Systems
- Emilia: Catching Iago in Legacy Code
- Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing
- Privado: Practical and Secure DNN Inference with Enclaves
- Software Grand Exposure: SGX Cache Attacks Are Practical
Defenses:
- A Design and Verification Methodology for Secure Isolated Regions
- Achieving Keyless CDNs with Conclaves
- BlackMirror: Preventing Wallhacks in 3D Online FPS Games
- CHANCEL: Efficient Multi-client Isolation Under Adversarial Programs
- Occlum: Secure and Efficient Multitasking Inside a Single Enclave of Intel SGX
- Opaque: An Oblivious and Encrypted Distributed Analytics Platform
- PRIDWEN: Universally Hardening SGX Programs via Load-Time Synthesis
- Privado: Practical and Secure DNN Inference with Enclaves
- See through Walls: Detecting Malware in SGX Enclaves with SGX-Bouncer
- SENG, the SGX-Enforcing Network Gateway: Authorizing Communication from Shielded Clients
- SinClave: Hardware-assisted Singletons for TEEs
- Varys: Protecting SGX Enclaves from Practical Side-Channel Attacks
Applications:
- Achieving Keyless CDNs with Conclaves
- DelegaTEE: Brokered Delegation Using Trusted Execution Environments
- S-FaaS: Trustworthy and Accountable Function-as-a-Service using Intel SGX
- SENG, the SGX-Enforcing Network Gateway: Authorizing Communication from Shielded Clients
See also:
- A Formal Foundation for Secure Remote Execution of Enclaves
- AccTEE: A WebAssembly-based Two-way Sandbox for Trusted Resource Accounting
- An efficient and secure scheme of verifiable computation for Intel SGX
- BesFS: A POSIX Filesystem for Enclaves with a Mechanized Safety Proof
- Clemmys: Towards Secure Remote Execution in FaaS
- Dynamic Binary Translation for SGX Enclaves (Ratel)
- GrapheneSGX
- Machine Learning with Confidential Computing: A Systematization of Knowledge
- Sealed-Glass Proofs: Using Transparent Enclaves to Prove and Sell Knowledge
- Securing TEEs with Verifiable Execution Contracts
- SGX Posts
- SGXFUZZ: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing
- SoK: SGX.Fail: How Stuff Gets eXposed
- Towards Formal Verification of State Continuity for Enclave Programs
- Trust more, serverless
- Web Assembly+ SGX
Related materials other than paper
- Disk Encryption in CVMs
- FaaS Papers, mainly in TEE
- Graphene-SGX PF
- Graphene-SGX PF Callbacks
- Graphene-SGX PF Data Structure
- Graphene-SGX PF Implementation
- Graphene-SGX PF Internal
- Graphene-SGX PF User Interfaces
- Potential Threats of Memory Integrity on SEV(SNP), (Scalable) SGX2, and TDX
- SDK_PF_Close
- SDK_PF_DataNode
- SDK_PF_Flush
- SDK_PF_metadata
- SDK_PF_New
- SDK_PF_Write
- SDK_PFImplementations
- SDK_PFUserInterfaces
- SGX Application Papers
- SGX Documents
- SGX Middleware (Papers)
- SGX_PF_Class
- Side-Channel Meta
- Teaclave
- Teaclave Commands
- TEEPapers
- Trusted Computing Base TCB
- Virtualization in SGX
- WAMR Installation & run in SGX enclave
- WAMR+Teaclave