Hints for Memory Optimization of Asylo-based SGX Enclave Applications

2020 International Conference on Information and Communication Technology Convergence (ICTC) Pub Date : 2020-10-21 DOI:10.1109/ICTC49870.2020.9289344

Hocheol Nam, Jaewon Park, Seunggyun Lee, Seunghyun Yeo, See-hwan Yoo

{"title":"Hints for Memory Optimization of Asylo-based SGX Enclave Applications","authors":"Hocheol Nam, Jaewon Park, Seunggyun Lee, Seunghyun Yeo, See-hwan Yoo","doi":"10.1109/ICTC49870.2020.9289344","DOIUrl":null,"url":null,"abstract":"Intel SGX is a technology for providing the hardware-based trusted execution environment, that is available on the 6th generation Intel CPUs and above. Despite the strong security model, SGX has a fundamental limitation in its memory capacity. An SGX-enabled processor has 128 MB of the trusted memory region, called enclave page cache. Due to the limited EPC size, loading and running memory-intensive secure applications is limited. We can use SGX paging, adjusting heap sizes to accommodate secure applications in SGX enclaves. However, the performance impact of memory pressure has not been thoroughly investigated. In this paper, we analyze the relationship between the memory footprint of the secure application with the performance. According to our analysis, we show that the memory footprint of the enclave heap could negatively affect the performance of the latency-sensitive application. Besides, we show that we can effectively mitigate performance degradation by adjusting the maximum heap size.","PeriodicalId":282243,"journal":{"name":"2020 International Conference on Information and Communication Technology Convergence (ICTC)","volume":"98 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 International Conference on Information and Communication Technology Convergence (ICTC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICTC49870.2020.9289344","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Intel SGX is a technology for providing the hardware-based trusted execution environment, that is available on the 6th generation Intel CPUs and above. Despite the strong security model, SGX has a fundamental limitation in its memory capacity. An SGX-enabled processor has 128 MB of the trusted memory region, called enclave page cache. Due to the limited EPC size, loading and running memory-intensive secure applications is limited. We can use SGX paging, adjusting heap sizes to accommodate secure applications in SGX enclaves. However, the performance impact of memory pressure has not been thoroughly investigated. In this paper, we analyze the relationship between the memory footprint of the secure application with the performance. According to our analysis, we show that the memory footprint of the enclave heap could negatively affect the performance of the latency-sensitive application. Besides, we show that we can effectively mitigate performance degradation by adjusting the maximum heap size.

查看原文本刊更多论文

基于异步的SGX Enclave应用程序内存优化提示

英特尔SGX是一种提供基于硬件的可信执行环境的技术，可用于第6代英特尔cpu及以上版本。尽管有强大的安全模型，但SGX在内存容量方面有一个根本性的限制。支持sgx的处理器具有128 MB的可信内存区域，称为enclave页缓存。由于EPC大小有限，加载和运行内存密集型安全应用程序受到限制。我们可以使用SGX分页，调整堆大小以适应SGX包围中的安全应用程序。然而，内存压力对性能的影响还没有得到彻底的研究。本文分析了安全应用程序的内存占用与性能之间的关系。根据我们的分析，我们发现enclave堆的内存占用可能会对延迟敏感型应用程序的性能产生负面影响。此外，我们还展示了通过调整最大堆大小可以有效地缓解性能下降。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2020 International Conference on Information and Communication Technology Convergence (ICTC)

自引率

0.00%

发文量