Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
SGX-Bundler: speeding up enclave transitions for IO-intensive applications
KTH Royal Institute of Technology, Sweden.
Lund University, Sweden; CanaryBit AB, Sweden.ORCID iD: 0000-0003-0132-857x
RISE Research Institutes of Sweden.
2022 (English)In: Proceedings - 22nd IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2022, Institute of Electrical and Electronics Engineers Inc. , 2022, p. 269-278Conference paper, Published paper (Refereed)
Abstract [en]

Process-based confidential computing enclaves such as Intel SGX can be used to protect the confidentiality and integrity of workloads, without the overhead of virtualisation. However, they introduce a notable performance overhead, especially when it comes to transitions in and out of the enclave context. Such overhead makes the use of enclaves impractical for running IO-intensive applications, such as network packet processing or biological sequence analysis. We build on earlier approaches to improve the IO performance of work-loads in Intel SGX enclaves and propose the SGX-Bundler library, which helps reduce the cost of both individual single enclave transitions well as of the total number of enclave transitions in trusted applications running in Intel SGX enclaves. We describe the implementation of the SGX-Bundler library, evaluate its performance and demonstrate its practicality using the case study of Open vSwitch, a widely used software switch implementation. 

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers Inc. , 2022. p. 269-278
Keywords [en]
Hardware security, Open vSwitch, Performance optimization, SGX, Biological sequence analysis, Network packets, Packet processing, Performance, Performance optimizations, Process-based, Virtualizations, Work loads
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:ri:diva-60063DOI: 10.1109/CCGrid54584.2022.00036Scopus ID: 2-s2.0-85135761247ISBN: 9781665499569 (electronic)OAI: oai:DiVA.org:ri-60063DiVA, id: diva2:1702110
Conference
22nd IEEE/ACM International Symposium on Cluster, Cloud and Internet Computing, CCGrid 2022, 16 May 2022 through 19 May 2022
Note

Funding details: Stiftelsen för Strategisk Forskning, SSF, RIT17-0035; Funding text 1: This paper was partially supported by the Swedish Foundation for Strategic Research, grant RIT17-0035.

Available from: 2022-10-10 Created: 2022-10-10 Last updated: 2022-10-10Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Paladi, Nicolae

Search in DiVA

By author/editor
Paladi, Nicolae
By organisation
RISE Research Institutes of Sweden
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 17 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf