Intel SGX

E163103

Intel SGX is a hardware-based security technology that enables the creation of protected enclaves in memory to run sensitive code and data in isolation from the rest of the system.



Statements (80)

Predicate                   | Object (multiple objects separated by ";")
instanceOf                  | Hardware-based security technology; Trusted execution environment
abbreviation                | Intel SGX (self-link; surface form: SGX)
architecture                | Intel 64
attestationType             | Local attestation; Remote attestation
developer                   | Intel Corporation (surface form: Intel)
documentation               | Intel SGX (self-link; surface form: Intel SGX Developer Guide); Intel Architecture Software Developer’s Manual (surface form: Intel Software Developer’s Manual)
featureOf                   | Intel Core processor family (surface form: Intel Core processors); Intel Xeon (surface form: Intel Xeon processors)
fullName                    | Intel SGX (self-link; surface form: Intel Software Guard Extensions)
includesInstruction         | ECREATE; EENTER; EEXIT; EGETKEY; EINIT; EREMOVE; EREPORT
instructionSetExtensionOf   | Intel x86 ISA
introducedBy                | Intel Skylake microarchitecture
keyConcept                  | Enclave; Isolated execution; Memory encryption; Remote attestation; Sealing
marketStatus                | Supported on selected Intel client CPUs; Supported on selected Intel server CPUs
memoryRegion                | Enclave Page Cache
memoryRegionAbbreviation    | EPC
notDesignedToProtectAgainst | Denial-of-service attacks; Side-channel attacks by co-resident processes
platform                    | x86
provides                    | Confidentiality for enclave memory; Integrity protection for enclave memory; Remote attestation capability
purpose                     | Enable secure computation on untrusted platforms; Protect sensitive code and data in memory; Provide isolated execution environments
relatedConcept              | AMD SEV; TrustZone security extension (surface form: ARM TrustZone); Trusted Execution Environment (surface form: Confidential computing); Trusted Platform Module 2.0 (surface form: Trusted Platform Module)
remoteAttestationUses       | EPID group signatures; Quoting enclave
requires                    | BIOS or firmware enabling SGX; CPU with SGX support; Operating system support for SGX
sealingDefinition           | Encrypting enclave data to persistent storage
sealingKeyScope             | CPU-specific sealing keys; Enclave-specific sealing keys
securityBoundary            | CPU package
securityProperty            | Protects against a compromised hypervisor; Protects against a compromised operating system; Protects against some physical attacks on memory
softwareSupport             | Graphene-SGX; Intel SGX (self-link; surface form: Intel SGX Platform Software); Intel SGX (self-link; surface form: Intel SGX SDK); Open Enclave SDK; SCONE
standardType                | Instruction set extension
supports                    | Multiple enclaves per process; User-mode enclaves
threatModel                 | Malicious BIOS or firmware; Malicious OS; Malicious hypervisor
useCase                     | Blockchain and trusted oracles; Confidential cloud computing; Digital rights management; Secure key management; Secure multi-party computation; Trusted analytics on sensitive data
uses                        | Access control checks on enclave memory; CPU-based memory encryption engine
vulnerableTo                | Branch prediction side-channel attacks; Cache side-channel attacks; Foreshadow (L1TF) attack; Plundervolt attack; SGAxe attack; Speculative execution attacks

Referenced by (10)

Full triples — surface form annotated when it differs from this entity's canonical label.

Intel Xeon supportsFeature Intel SGX
Goldmont supports Intel SGX (this entity's surface form: Intel SGX (select SKUs))
Goldmont Plus supports Intel SGX
Tremont supports Intel SGX
Intel SGX fullName Intel SGX (self-link; this entity's surface form: Intel Software Guard Extensions)
Intel SGX abbreviation Intel SGX (self-link; this entity's surface form: SGX)
Intel SGX softwareSupport Intel SGX (self-link; this entity's surface form: Intel SGX SDK)
Intel SGX softwareSupport Intel SGX (self-link; this entity's surface form: Intel SGX Platform Software)
Intel SGX documentation Intel SGX (self-link; this entity's surface form: Intel SGX Developer Guide)