Title
Running Language Interpreters Inside SGX - A Lightweight, Legacy-Compatible Script Code Hardening Approach.
Abstract
Recent advances in trusted execution environments, specifically with Intel's introduction of SGX on consumer processors, have provided unprecedented opportunities to create secure applications with a small TCB. While a large number of SGX solutions have been proposed, nearly all of them focus on protecting native code applications, leaving scripting languages unprotected. To fill this gap, this paper presents SCRIPTSHIELD, a framework capable of running legacy script code while simultaneously providing confidentiality and integrity for scripting code and data. In contrast to the existing schemes that either require tedious and time-consuming re-development or result in a large TCB by importing an entire library OS or container, SCRIPTSHIELD keeps the TCB small and provides backwards compatibility (i.e., no changes needed to the scripting code itself). The core idea is to customize the script interpreter to run inside an SGX enclave and pass scripts to it. We have implemented SCRIPTSHIELD and tested with three popular scripting languages: Lua, JavaScript, and Squirrel. Our experimental results show that SCRIPTSHIELD does not cause noticeable overhead. The source code of SCRIPTSHIELD has been made publicly available as an open source project.
Year: 2019
DOI: 10.1145/3321705.3329848
Venue: AsiaCCS
Keywords: SGX, Scripting Language, Confidentiality, Integrity
Field: Confidentiality, Compatibility (mechanics), Source code, Computer science, Computer security, Machine code, Interpreter, Backward compatibility, Operating system, Scripting language, JavaScript
DocType: Conference
ISBN: 978-1-4503-6752-3
Citations: 0
PageRank: 0.34
References: 10
Authors: 6
Name
Order
Citations
PageRank
Huibo Wang192.89
Erick Bauman2493.70
Vishal Karande300.34
Zhiqiang Lin4108264.49
Yueqiang Cheng516212.03
Yinqian Zhang694548.00