TU Darmstadt / ULB / TUbiblio

Enclave-Based Secure Programming with JE

Oak, Aditya ; Ahmadian, Amir M. ; Balliu, Musard ; Salvaneschi, Guido (2021):
Enclave-Based Secure Programming with JE.
In: Proceedings: 2021 IEEE Secure Development Conference, pp. 71-78,
IEEE, 6th IEEE Secure Development Conference (SecDev 2021), virtual Conference, 18.-20.10.2021, ISBN 978-1-6654-3170-5,
DOI: 10.1109/SecDev51306.2021.00026,
[Conference or Workshop Item]

Abstract

Over the past few years, major hardware vendors have started offering processors that support Trusted Execution Environments (TEEs) allowing confidential computations over sensitive data on untrusted hosts. Unfortunately, developing applications that use TEEs remains challenging. Current solutions require using low-level languages (e.g., C/C++) to handle the TEE management process manually – a complex and error-prone task. Worse, the separation of the application into components that run inside and outside the TEE may lead to information leaks. In summary, TEEs are a powerful means to design secure applications, but there is still a long way to building secure software with TEEs alone.In this work, we present J E, a programming model for developing TEE-enabled applications where developers only need to annotate Java programs to define application-level security policies and run them securely inside enclaves.

Item Type: Conference or Workshop Item
Erschienen: 2021
Creators: Oak, Aditya ; Ahmadian, Amir M. ; Balliu, Musard ; Salvaneschi, Guido
Title: Enclave-Based Secure Programming with JE
Language: English
Abstract:

Over the past few years, major hardware vendors have started offering processors that support Trusted Execution Environments (TEEs) allowing confidential computations over sensitive data on untrusted hosts. Unfortunately, developing applications that use TEEs remains challenging. Current solutions require using low-level languages (e.g., C/C++) to handle the TEE management process manually – a complex and error-prone task. Worse, the separation of the application into components that run inside and outside the TEE may lead to information leaks. In summary, TEEs are a powerful means to design secure applications, but there is still a long way to building secure software with TEEs alone.In this work, we present J E, a programming model for developing TEE-enabled applications where developers only need to annotate Java programs to define application-level security policies and run them securely inside enclaves.

Book Title: Proceedings: 2021 IEEE Secure Development Conference
Publisher: IEEE
ISBN: 978-1-6654-3170-5
Divisions: 20 Department of Computer Science
20 Department of Computer Science > Software Technology
DFG-Collaborative Research Centres (incl. Transregio)
DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres
DFG-Collaborative Research Centres (incl. Transregio) > Collaborative Research Centres > CRC 1119: CROSSING – Cryptography-Based Security Solutions: Enabling Trust in New and Next Generation Computing Environments
Event Title: 6th IEEE Secure Development Conference (SecDev 2021)
Event Location: virtual Conference
Event Dates: 18.-20.10.2021
Date Deposited: 11 May 2022 08:07
DOI: 10.1109/SecDev51306.2021.00026
Additional Information:

, SecDev 2021, , October 18-20, 2021

PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Send an inquiry Send an inquiry

Options (only for editors)
Show editorial Details Show editorial Details