Software Guard Extensions

http://dbpedia.org/resource/Software_Guard_Extensions

Intel Software Guard Extensions (SGX) è un insieme di codici di istruzioni dell'unità di elaborazione centrale (CPU) di Intel che consente al codice a livello utente di allocare regioni private di memoria, chiamate enclave, che sono protette da processi in esecuzione a livelli di privilegio più elevati. Intel ha progettato SGX per essere utile nell'implementare il calcolo remoto sicuro, la navigazione web sicura e la gestione dei diritti digitali (DRM). rdf:langString
英特尔软件防护扩展(英語:Intel Software Guard Extensions,SGX)是一组,它被内置于一些现代Intel 中央处理器(CPU)中。它们允许用户态及内核态代码定义将特定内存区域,设置为私有区域,此区域也被称作飞地(Enclaves)。其内容受到保护,不能被本身以外的任何进程存取,包括以更高权限级别运行的进程。 CPU对受SGX保护的内存进行加密处理。受保护区域的代码和数据的加解密操作在CPU内部动态(on the fly)完成。因此,处理器可以保护代码不被其他代码窥视或检查。SGX使用的威胁模型如下:Enclaves是可信的,但Enclaves之外的任何进程都不可信(包括操作系统本身和任何虚拟化管理程序),所有这些不可信的主体都被视为有存在恶意行为的风险。Enclaves之外代码的任何代码读取受保护区域,只能得到加密后的内容。由于SGX不能防止针对运行时间等侧信道信息的测量和观察,在SGX内部运行的程序本身必须能抵抗侧信道攻击。 SGX被设计用于实现安全远程计算、安全网页浏览和数字版权管理(DRM)。其他应用也包括保护专有算法和加密密钥。 rdf:langString
Die Software Guard Extensions (Intel SGX) sind eine Erweiterung der x86-Architektur, um sichere Enklaven zu erstellen. Diese sind Bereiche im Adressraum eines Prozesses, die speziell durch die CPU geschützt werden und für die alle direkten Zugriffe, auch von privilegierten Prozessen, durch die CPU kontrolliert bzw. verhindert werden. Der Schutz des SGX-Speichers umfasst unter anderem transparente Speicherverschlüsselung mit Integritätsschutz. In den skalierbaren Xeon-Prozessoren der 3. Generation (Ice Lake SP) sind die SGX weiterhin vorhanden. rdf:langString
Intel Software Guard Extensions (SGX) is a set of security-related instruction codes that are built into some Intel central processing units (CPUs). They allow user-level and operating system code to define protected private regions of memory, called enclaves. SGX is designed to be useful for implementing secure , secure web browsing, and digital rights management (DRM). Other applications include concealment of proprietary algorithms and of encryption keys. rdf:langString
O SGX ( Software Security Guard Extensions ) da Intel é um conjunto de códigos de instruções relacionados à segurança incorporados em algumas unidades de processamento central (CPUs) modernas da Intel . Eles permitem que o código do sistema operacional e do usuário definam regiões privadas da memória, denominadas enclaves, cujo conteúdo é protegido e não pode ser lido ou salvo por qualquer processo fora do próprio enclave, incluindo processos executados em níveis de privilégios mais altos . O SGX está desativado por padrão e deve ser aceito pelo usuário por meio de suas configurações de BIOS em um sistema suportado. rdf:langString
Расширения Intel Software Guard Extensions (Intel SGX) — набор инструкций центрального процессора, предоставляющих возможность приложению создавать анклавы — области в виртуальном адресном пространстве, защищённые от чтения и записи извне этой области другими процессами, включая ядро операционной системы. Intel SGX обеспечивают целостность и конфиденциальность вычислений с повышенными требованиями к безопасности, производимыми на системах, где привилегированные процессы (ядро операционной системы, гипервизор, и т. д.) считаются ненадёжными. rdf:langString
rdf:langString Software Guard Extensions
rdf:langString Software Guard Extensions
rdf:langString Software Guard Extensions
rdf:langString Software Guard Extensions
rdf:langString Расширения Intel SGX
rdf:langString 英特尔软件防护扩展
xsd:integer 46464527
xsd:integer 1116648869
rdf:langString Die Software Guard Extensions (Intel SGX) sind eine Erweiterung der x86-Architektur, um sichere Enklaven zu erstellen. Diese sind Bereiche im Adressraum eines Prozesses, die speziell durch die CPU geschützt werden und für die alle direkten Zugriffe, auch von privilegierten Prozessen, durch die CPU kontrolliert bzw. verhindert werden. Der Schutz des SGX-Speichers umfasst unter anderem transparente Speicherverschlüsselung mit Integritätsschutz. SGX wurde von Intel mit Mikroprozessoren der sechsten Generation (Skylake-Mikroarchitektur) im Jahre 2015 eingeführt. In welchem Umfang eine CPU die SGX-Befehlssatzerweiterungen unterstützt, kann mit der CPUID-Instruktion abgefragt werden (CPUID „Structured Extended Feature Leaf“, EBX-Bit 02), aber seine Verfügbarkeit für Anwendungen erfordert ebenso Firmware-Unterstützung (BIOS oder UEFI) und Opt-in-Aktivierung, was sich nicht in CPUID-Bits widerspiegelt und die Merkmalserkennungslogik für Anwendungen verkompliziert. In einer experimentellen Version des QEMU-Systememulators wurde 2014 die Emulation von SGX hinzugefügt. 2015 veröffentlichten Forscher des Georgia Institute of Technology den Open-Source-Simulator „OpenSGX“. 2022 ist aufgefallen, dass in Intel-Prozessoren der Core-i-Serien -11000 (11. Generation, Rocket Lake) und -12000 (12. Generation, Adler Lake) SGX nicht mehr in Hardware vorhanden ist. Intel führt SGX in den Datenblättern der Prozessoren als „veraltet“ an. Bei der Tiger-Lake-Mikroarchitektur, die beispielsweise als Basis der Prozessoren Core-i-1100G, -11000H oder Xeon W-11000 dient, ist zwar SGX noch in Hardware vorhanden, wird von Intel aber deaktiviert. Die Wiedergabe von Ultra HD Blu-rays auf PCs setzt außer High-bandwidth Digital Content Protection (HDCP) 2.2 ab HDMI 2.0 und dem Kopierschutz Advanced Access Content System (AACS) 2.0 auch SGX voraus. In den skalierbaren Xeon-Prozessoren der 3. Generation (Ice Lake SP) sind die SGX weiterhin vorhanden.
rdf:langString Intel Software Guard Extensions (SGX) is a set of security-related instruction codes that are built into some Intel central processing units (CPUs). They allow user-level and operating system code to define protected private regions of memory, called enclaves. SGX is designed to be useful for implementing secure , secure web browsing, and digital rights management (DRM). Other applications include concealment of proprietary algorithms and of encryption keys. SGX involves encryption by the CPU of a portion of memory (the enclave). Data and code originating in the enclave are decrypted on the fly within the CPU, protecting them from being examined or read by other code, including code running at higher privilege levels such the operating system and any underlying hypervisors. While this can mitigate many kinds of attacks, it does not protect against side-channel attacks. A pivot by Intel in 2021 resulted in the deprecation of SGX from the 11th and 12th generation Intel Core Processors, but development continues on Intel Xeon for cloud and enterprise use.
rdf:langString Intel Software Guard Extensions (SGX) è un insieme di codici di istruzioni dell'unità di elaborazione centrale (CPU) di Intel che consente al codice a livello utente di allocare regioni private di memoria, chiamate enclave, che sono protette da processi in esecuzione a livelli di privilegio più elevati. Intel ha progettato SGX per essere utile nell'implementare il calcolo remoto sicuro, la navigazione web sicura e la gestione dei diritti digitali (DRM).
rdf:langString O SGX ( Software Security Guard Extensions ) da Intel é um conjunto de códigos de instruções relacionados à segurança incorporados em algumas unidades de processamento central (CPUs) modernas da Intel . Eles permitem que o código do sistema operacional e do usuário definam regiões privadas da memória, denominadas enclaves, cujo conteúdo é protegido e não pode ser lido ou salvo por qualquer processo fora do próprio enclave, incluindo processos executados em níveis de privilégios mais altos . O SGX está desativado por padrão e deve ser aceito pelo usuário por meio de suas configurações de BIOS em um sistema suportado. O SGX envolve criptografia pela CPU de uma parte da memória. O enclave é descriptografado em tempo real apenas dentro da própria CPU e, mesmo assim, apenas para código e dados em execução dentro do próprio enclave. O processador, portanto, protege o código de ser "espiado" ou examinado por outro código. O código e os dados no enclave utilizam um modelo de ameaça no qual o enclave é confiável, mas nenhum processo fora dele (incluindo o próprio sistema operacional e qualquer hypervisor ) pode ser confiável e todos são tratados como potencialmente hostis. O conteúdo do enclave não pode ser lido por nenhum código fora do enclave, exceto em sua forma criptografada. O SGX foi projetado para ser útil do desenvolvimento de computação remota segura, navegação segura na Web e gerenciamento de direitos digitais (DRM). Outras aplicações incluem a ocultação de algoritmos proprietários e de chaves de criptografia .
rdf:langString Расширения Intel Software Guard Extensions (Intel SGX) — набор инструкций центрального процессора, предоставляющих возможность приложению создавать анклавы — области в виртуальном адресном пространстве, защищённые от чтения и записи извне этой области другими процессами, включая ядро операционной системы. Intel SGX обеспечивают целостность и конфиденциальность вычислений с повышенными требованиями к безопасности, производимыми на системах, где привилегированные процессы (ядро операционной системы, гипервизор, и т. д.) считаются ненадёжными. Intel SGX создан для применения в безопасных удалённых вычислениях, безопасного просмотра веб страниц и защиты авторских прав. Другие практические применения данной технологии включают обеспечение конфиденциальности проприетарных алгоритмов и ключей шифрования.
rdf:langString 英特尔软件防护扩展(英語:Intel Software Guard Extensions,SGX)是一组,它被内置于一些现代Intel 中央处理器(CPU)中。它们允许用户态及内核态代码定义将特定内存区域,设置为私有区域,此区域也被称作飞地(Enclaves)。其内容受到保护,不能被本身以外的任何进程存取,包括以更高权限级别运行的进程。 CPU对受SGX保护的内存进行加密处理。受保护区域的代码和数据的加解密操作在CPU内部动态(on the fly)完成。因此,处理器可以保护代码不被其他代码窥视或检查。SGX使用的威胁模型如下:Enclaves是可信的,但Enclaves之外的任何进程都不可信(包括操作系统本身和任何虚拟化管理程序),所有这些不可信的主体都被视为有存在恶意行为的风险。Enclaves之外代码的任何代码读取受保护区域,只能得到加密后的内容。由于SGX不能防止针对运行时间等侧信道信息的测量和观察,在SGX内部运行的程序本身必须能抵抗侧信道攻击。 SGX被设计用于实现安全远程计算、安全网页浏览和数字版权管理(DRM)。其他应用也包括保护专有算法和加密密钥。
xsd:nonNegativeInteger 20334
dbpedia:Category:Intel
dbpedia:Category:X86_instructions
dbpedia:Category:Computer_security
dbpedia:QEMU
dbpedia:Rocket_Lake
dbpedia:Encryption
dbpedia:Decryption
dbpedia:Intel_MPX
dbpedia:Proprietary_software
dbpedia:Computer_security
dbpedia:Goldmont_Plus
dbpedia:Graz_University_of_Technology
dbpedia:Antivirus_software
dbpedia:Cache_(computing)
dbpedia:Skylake_(microarchitecture)
dbpedia:Microarchitecture
dbpedia:Speculative_execution
dbpedia:USENIX
dbpedia:Joanna_Rutkowska
dbpedia:Alder_Lake_(microprocessor)
dbpedia:DRAM
dbpedia:Central_processing_unit
dbpedia:Digital_rights_management
dbpedia:Georgia_Institute_of_Technology
dbpedia:Hypervisor
dbpedia:Category:Intel
dbpedia:Category:X86_instructions
dbpedia:Category:Computer_security
dbpedia:Advanced_Programmable_Interrupt_Controller
dbpedia:Trusted_execution_environment
dbpedia:BIOS
dbpedia:CPUID
dbpedia:Spectre_(security_vulnerability)
dbpedia:Encryption_key
dbpedia:Intel
dbpedia:Intel_Core
dbpedia:Operating_system
dbpedia:RSA_(cryptosystem)
dbpedia:Cache_memory
dbpedia:WolfSSL
dbpedia:X86
dbpedia:Side-channel_attack
dbpedia:Privilege_level
dbpedia:Spectre-NG
dbpedia:On_the_fly
dbpedia:Instruction_code
dbpedia:Unified_Extensible_Firmware_Interface
dbpedia:Web_browsing
dbpedia:Foreshadow_(security_vulnerability)
dbpedia:Remote_computing
dbpedia:User-level
<http://theinvisiblethings.blogspot.ru/2013/08/thoughts-on-intels-upcoming-software.html>
<https://fortanix.com/blog/2020/03/intel-sgx-technology-and-the-impact-of-processor-side-channel-attacks/>
<https://www.linkedin.com/pulse/introduction-intel-software-guard-extensions-esmond-dsouza/>
<https://cdn2.hubspot.net/hubfs/1761386/security-of-intelsgx-key-protection-data-privacy-apps.pdf>
<https://www.idc.ac.il/en/schools/cs/research/documents/jackson-msc-thesis.pdf>
<https://www.intel.co.uk/content/dam/www/public/emea/uk/en/documents/a1152798-confidential-computing-delivers-personal-shopping.pdf>
<http://web.cs.wpi.edu/~guttman/cs557_website/papers/trusted_computing/sgx1.pdf>
<https://www.virusbtn.com/virusbulletin/archive/2014/01/vb201401-SGX>
<https://github.com/chip-red-pill/MicrocodeDecryptor>
<https://github.com/wolfSSL/wolfssl>
<https://software.intel.com/en-us/isa-extensions/intel-sgx>
<https://software.intel.com/sites/default/files/332680-002.pdf>
<https://software.intel.com/sites/default/files/managed/3e/b9/SF15_ISGC003_81_SGX_DL_100_small.pdf>
<https://software.intel.com/sites/default/files/managed/48/88/329298-002.pdf>
<https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/secure-coding/xucode-implementing-complex-instruction-flows.html>
<https://eprint.iacr.org/2016/086.pdf>
<https://www.hackreports.com/sgaxe-crosstalk-attacks-intel-sgx-vulnerability/>
<https://eya.global/case-studies/realising-the-potential-of-data-whilst-reserving-privacy-with-eya-and>
<http://rdf.freebase.com/ns/m.0134lgv2>
<http://yago-knowledge.org/resource/Software_Guard_Extensions>
<http://www.wikidata.org/entity/Q19842961>
<http://de.dbpedia.org/resource/Software_Guard_Extensions>
<http://fa.dbpedia.org/resource/نرم‌افزارهای_افزودنی_نگهبان_اینتل>
<http://it.dbpedia.org/resource/Software_Guard_Extensions>
<http://pt.dbpedia.org/resource/Software_Guard_Extensions>
<http://ru.dbpedia.org/resource/Расширения_Intel_SGX>
<http://zh.dbpedia.org/resource/英特尔软件防护扩展>
<https://global.dbpedia.org/id/tmg6>
dbpedia:Template:CPU_technologies
dbpedia:Template:Main
dbpedia:Template:Missing_information
dbpedia:Template:Reflist
dbpedia:Template:Short_description
dbpedia:Template:Intel
dbpedia:Template:Multimedia_extensions
dbpedia:Set
<http://en.wikipedia.org/wiki/Software_Guard_Extensions?oldid=1116648869&ns=0>
<http://en.wikipedia.org/wiki/Software_Guard_Extensions>

data from the linked data cloud