kryptoguard.com
  • Home
  • What We Do
  • What We Think
    • KryptoGuard™ Blog
    • KryptoGuard™ Developer Zone Blog
  • Who We Are
  • KryptoGuard™ Technology Initiative
    • What is it?
    • Do I Qualify?
  • KryptoGuard™ Technology Services
    • What is it?
    • Can you help?

What We Think​

Intel® SGX - Data Loss Prevention

1/17/2018

0 Comments

 
Leveraging Intel® SGX towards Data Loss Prevention
Data Loss Prevention software have a lot to gain from creatively and innovatively leveraging hardware technologies.  Intel® SGX is one such technology in Intel's hardware enabled security product line.

What is Intel® SGX?
Intel® SGX provides a hardware assisted trusted execution environment, an enclave, within which select code and data can run in a secure way.  It provides the smallest possible attack surface, the CPU boundary.

Widely Covered Usecase:
There has been much talk about leveraging Intel® SGX in secure remote computation wherein a remote entity, possibly in the cloud, establishes a trusted computing environment, in this case by leveraging Intel® SGX.  It then establishes an identity for the trusted environment.  Once that identity is attested, this remote entity becomes eligible to receive secrets from its owner.  The provisioned secret is then ready for secure processing in the remote environment but within a trusted enclave. 

Intel® SGX for Data Loss Prevention:
​Because of currently prevalent cloud services, remote secure computation use case has gained significant focus, with Intel® itself possibly having designed several aspects of SGX with that in mind.  This sole focus however, overlooks a wealth of creative ways in which the SGX CPU feature set extensions itself could be leveraged, DLP software being one such area. 
It's core feature, to earmark select code and data for execution in a hardened environment were access control checks enforced at hardware level prevents those earmarked resources from being accessed by other layers of software, however privileged it be, makes for a perfect fit for DLP software.
Watch out for further discussion, proof of concept and more to demonstrate successful use of Intel® SGX towards DLP.
0 Comments



Leave a Reply.

    Author

    Founder of KryptoGuard™ technology initiative, product and services.

    Archives

    June 2020
    May 2020
    April 2020
    July 2019
    May 2019
    June 2018
    May 2018
    January 2018
    December 2016

    Categories

    All
    Code Injection
    Credential Guard
    DLP
    Hardware Virtualization
    Intel® SGX
    KryptoGuard™
    MimiKatz
    Patch Management
    PCI-DSS
    SQLite
    SSP
    Trusted Execution

    RSS Feed

Site powered by Weebly. Managed by SiteGround
Photo used under Creative Commons from toptenalternatives
  • Home
  • What We Do
  • What We Think
    • KryptoGuard™ Blog
    • KryptoGuard™ Developer Zone Blog
  • Who We Are
  • KryptoGuard™ Technology Initiative
    • What is it?
    • Do I Qualify?
  • KryptoGuard™ Technology Services
    • What is it?
    • Can you help?