Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

EnclaveDB, The Proposition

July 10, 2018 by Marc Handelman in Database Security, DBMS Security, Information Security, Encryption, Enclaves, IACR

via Christian Priebe of Imperial College London, Manuel Costa and Kapil Vaswani both from Microsoft Research, comes a tour dé force of database security, ostensibly monikered EnclaveDB (published this past May 2018, in the Proceedings of the 39th IEEE Symposium on Security & Privacy, in co-operation with the International Association for Cryptologic Research). The interesting functionality descibed in the trio's paper - pursuant to a secure database (if there possibly could be such a thing) is not the security of data in-motion or at-rest, but the addition of encrypted in-memory data. More here...

July 10, 2018 /Marc Handelman
Database Security, DBMS Security, Information Security, Encryption, Enclaves, IACR

Looked it over, how shall I say, it's lacking a certain - competency?

Are Intel SGX Enclaves Secure? Nope, Not Really...

March 22, 2017 by Marc Handelman in All is Information, Alternate Attack Analysis, Enclaves, Information Security, Lack of Security Regimen

via Catalin Cimpanu, writing at BleepingComputer, comes this well-crafted piece on the folly of secure enclaves... In this case, Intel SGX Enclaves. Enjoy.

"More details on the attacks and proposed countermeasures are available in the research paper titled "Malware Guard Extension: Using SGX to Conceal Cache Attacks." via Catalin Cimpanu at BleepingComputer

March 22, 2017 /Marc Handelman
All is Information, Alternate Attack Analysis, Enclaves, Information Security, Lack of Security Regimen