Description
Confidential Computing is a rising field in IT security. Applications and software often runs in
untrusted environments without mechanisms to secure them from malicious entities. The
goal of confidential computing is to protect the data in use by utilizing Trusted Execution
Environments (TEEs). One important concept to validate the authenticity and integrity of
these TEEs often run on remote systems, is called Remote Attestation. The Fraunhofer AISEC
Institute developed a Universal Remote Attestation Framework to provide remote
attestation for different confidential computing technologies as well as the establishment of
a secure channel between different TEEs. The goal of this work is to enhance the
functionality of the framework by integrating support for Intel SGX. A concept was designed
to enable integration within the framework and analyzed in terms of security. Furthermore,
specific drivers were implemented within the framework to generate and verify SGX
attestation reports.
|
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching