[Seminar] Toward Secure Trusted Computing
■ Host: Prof. Gunhee Kim (김건희) (x7300, 880-7300)
※ Inquiries: Vision and Learning Lab. (02-880-7289)
Intel SGX is a new hardware-based trusted computing solution that has recently become available. By running a program within a protected region, called an enclave, SGX guarantees the confidentiality and integrity of the program against all hardware and software components except the CPU itself. This strong and unique security guarantee creates new security research perspectives and opportunities, especially for data protection techniques in untrusted computing environments. In this talk, we present a set of new data protection solutions based on Intel SGX. First, the talk introduces SecureBooth, a system that provides confidentiality for user data. SecureBooth creates a software-enforced sandbox for a program running within an enclave, and it ensures that the program outputs only encrypted data that is visible only to the user. Next, the talk presents two work-in-progress projects, SecPassDB and OblivFS. SecPassDB is designed to thwart password brute-force attacks. It encloses a password authentication service within an enclave, which throttles the computational power with respect to the password database. OblivFS hides file access patterns from an adversarial operating system, because such an operating system can infer confidential file contents from the access patterns. OblivFS designs an ORAM-based filesystem scheme for an enclave, which employs hierarchical data block management with shuffling properties.
Byoungyoung Lee is an Assistant Professor in the Department of Computer Science at Purdue University. His research is in the general area of computer security and privacy. In particular, his focus is on systems security: designing and implementing secure systems by analyzing and eliminating vulnerabilities. His research identified and helped to fix more than 100 security vulnerabilities in major software, including the Linux Kernel, Chrome, Firefox, and Safari. He received the Internet Defense Prize from Facebook and USENIX and the best applied security research paper award (3rd place) from CSAW.