Securing Application with Software Partitioning: A Case Study Using SGX.

SecureComm(2017)

Abstract
Application size and complexity are the underlying cause of numerous security vulnerabilities in code. In order to mitigate the risks arising from such vulnerabilities, various techniques have been proposed to isolate the execution of sensitive code from the rest of the application and from other software on the platform (e.g. the operating system). However, even with these partitioning techniques, it is not immediately clear exactly how they can and should be used to partition applications. What overall partitioning scheme should be followed; what granularity of the partitions should be. To some extent, this is dependent on the capabilities and performance of the partitioning technology in use. For this work, we focus on the upcoming Intel Software Guard Extensions (SGX) technology as the state-of-the-art in this field. SGX provides a trusted execution environment, called an enclave, that protects the integrity of the code and the confidentiality of the data inside it from other software, including the operating system. We present a novel framework consisting of four possible schemes under which an application can be partitioned. These schemes range from coarse-grained partitioning, in which the full application is included in a single enclave, through ultra-fine partitioning, in which each application secret is protected in an individual enclave. We explain the specific security benefits provided by each of the partitioning schemes and discuss how the performance of the application would be affected. To compare the different partitioning schemes, we have partitioned OpenSSL using four different schemes. We discuss SGX properties together with the implications of our design choices in this paper.
Keywords
Virtual Machine Monitor, Code Execution, Handshake Protocol, USENIX Annual Technical, Trust Computing Base