Location
Hilton Hawaiian Village, Honolulu, Hawaii
Event Website
https://hicss.hawaii.edu/
Start Date
3-1-2024 12:00 AM
End Date
6-1-2024 12:00 AM
Description
User input plays an essential role in computer security because it can control system behavior and make security decisions. Output from the system to users is also important because it often contains security-critical information that must be protected in terms of its integrity and confidentiality, such as passwords and user’s private data. Despite the importance of user input and output (I/O), modern computer systems often fail to provide necessary security guarantees for them, which could result in serious security breaches. To establish trust in the user I/O in a commodity computer system, we present SGX-USB, which combines three essential security properties: confidentiality, integrity, and authenticity, to ensure the assurance of user I/O. SGX-USB establishes a trusted communication channel between the USB controller and an enclave instance of Intel SGX. The implemented system supports common user input devices, such as keyboards and mice, over the trusted channel, ensuring the integrity of user input.
Recommended Citation
Jang, Yeongjin and Keem, Sejin, "SGX-USB: Secure USB I/O Path for Secure Enclaves" (2024). Hawaii International Conference on System Sciences 2024 (HICSS-57). 5.
https://aisel.aisnet.org/hicss-57/st/cybersecurity_and_sw_assurance/5
SGX-USB: Secure USB I/O Path for Secure Enclaves