Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Scalable Memory Protection in the PENGLAI Enclave

USENIX via YouTube

Overview

Explore a 14-minute conference talk from USENIX OSDI '21 that delves into scalable memory protection in the PENGLAI Enclave. Learn about innovative software-hardware co-design techniques addressing limitations in secure memory protection for cloud-based applications. Discover two new hardware primitives: Guarded Page Table (GPT) and Mountable Merkle Tree (MMT), which enable dynamic, fine-grained, and large-scale secure memory with fast initialization. Understand how these advancements support thousands of concurrent enclaves, improve resource utilization, and eliminate high-cost initialization using fork-style enclave creation. Examine the implementation results, including support for 1,000s of concurrent enclave instances, scalability up to 512GB secure memory, and significant performance improvements in memory initialization and real-world applications like MapReduce.

Syllabus

Intro
Enclave / TEE (Trusted Execution Environment)
Existing Enclaves and Usages in Cloud
Restrictions of Current Enclaves
Non-scalable Secure Memory Protection
Scalable Memory Protection: Overview
Non-scalable Memory Isolation
Fine-grained Flexible Memory Isolation
Guarded Page Table (GPT)
Non-scalable Integrity Protection
Scale the Traditional Merkle Tree
Mountable Merkle Tree (MMT)
Non-scalable Memory Initialization
Boost Secure Memory Initialization
Evaluation
Enclave Startup Latency
Conclusion

Taught by

USENIX

Reviews

Start your review of Scalable Memory Protection in the PENGLAI Enclave

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.