SILVA, M. S. L.; SILVA, Matheus Sthefano Leite da.
Resumen:
Intel SGX has been the subject of numerous research and development
projects. Moreover, this technology has been considered
a robust option to secure the data being processed in cloud environments.
Despite this, configuring SGX-based applications in
complex and dynamic scenarios such as microservice architectures
is still a challenge. The process of configuring such applications
must guarantee the trustworthiness of the services, and must be
simple and efficient.We then propose a solution for configuring and
provisioning secrets to SGX-based applications made with help of
the Intel SGX SDK. We present a simple solution that can be easily
validated and hardened. Also, the solution is pluggable and can be
extended to fit specific requirements or leverage other tools (e.g.,
for data persistence). In addition to describing our proposal, we also
provide an evaluation that shows low overhead to the initialization
and configuration time of SGX microservices deployed on Kubernetes.
This work contributes to the state-of-the-art of research on
using trusted execution environments in cloud computing.