HTML conversions sometimes display errors due to content that did not convert correctly from the source. This paper uses the following packages that are not yet supported by the HTML conversion tool. Feedback on these issues are not necessary; they are known and are being worked on.
Trusted execution environments like Intel SGX provide enclaves , which offer strong security guarantees for applications. Running entire applications inside enclaves is possible, but this approach leads to a large trusted computing base TCB. As such, various tools have been developed to partition programs written in languages such as C or Java into trusted and untrusted parts, which are run in and out of enclaves respectively.
However, those tools depend on language-specific taint-analysis and partitioning techniques. They cannot be reused for other languages and there is thus a need for tools that transcend this language barrier. We address this challenge by proposing a multi-language technique to specify sensitive code or data, as well as a multi-language tool to analyse and partition the resulting programs for trusted execution environments like Intel SGX.
Our technique includes a multi-language dynamic taint tracking tool to analyse and partition applications based on our generic secure nodes. Our extensive evaluation with micro- and macro-benchmarks shows that we can use our technique for two languages Javascript and Python , and that partitioned programs can obtain up to Trusted execution environments TEE use hardware cryptography to enforce confidentiality, authenticity and integrity of a memory zone called an enclave.
Adding such a large code base inside a TEE increases the size and the attack surface of the TCB to an unacceptable degree. To minimise the TCB size of applications written in managed languages, the code and the data of the application and the runtime must be partitioned into trusted parts and untrusted parts, which run inside and outside of the enclave, respectively.
