Loading…
中国上海
2019 年 6 月 24–26 日
单击此处了解更多信息和注册

点击此处查看英文版日程表。
To view the English version of this schedule please go here.

我们将为所有主题演讲和分组会议提供同声传译服务。
Simultaneous translation will be provided for all keynote and breakout sessions.

场馆 + 赞助商展示区地图
Venue + Sponsor Showcase Map
Back To Schedule
Wednesday, June 26 • 11:20 - 11:55
使用 SGX 保护容器:保护云环境中的秘密 - Isaku Yamahata,英特尔;Xiaoning Li,阿里巴巴

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
容器广泛适用于云计算,但其隔离性较差。防范云服务提供商窃取秘密至关重要。Software Guard Extention (SGX) 提供只信任英特尔和 SGX 实施,连 OS / VMM / BIOS 都不信任的可信执行环境 (TEE)。它需要修改应用,但由于各种原因有时很难修改应用。理想情况下,未修改的用户二进制文件可以在 SGX 安全区中运行。

在本次演讲中,我们将介绍允许未修改的二进制文件在 SGX TEE 中运行的库操作系统。它通过替换共享库来挂钩系统调用。Go 是云原生应用的最流行语言,具有使用静态链接的独特能力。我们对 Graphene LibOS 进行了增强以支持 golang 二进制,并将其硬化以供生产使用。我们将分享我们为 Graphene-SGX LibOS 添加 golang 支持的经验以及我们未来的计划。
Speakers
avatar for Isaku Yamahata

Isaku Yamahata

Software engineer, Intel
Isaku Yamahata is a Software architect in the Open Source Technology Center, Intel. His main focus is virtualization technology, network virtualization as Software Defined Networking for multiple years. Isaku is an active on Graphene LibOS and OpenStack Neutron (networking) and has... Read More →
XL

Xiaoning Li

Chief Security Architect, Alibaba
Xiaoning Li is Chief Security Architect at Alibaba Cloud. Previously he was a Security Researcher and Architect at Intel Labs. Focused on analyzing/detecting/preventing 0 day/malware with existing/new processor features. For the past 10+ years, his work has been focusing on both hardware/software... Read More →

kubecon china 2019 graphene sgx golang final pdf
Wednesday June 26, 2019 11:20 - 11:55 CST
618
  KC+CNC - 安全 + 身份 + 策略