以太幣交易所 以太幣交易所
Ctrl+D 以太幣交易所
ads
首頁 > Luna > Info

英特爾SGX和區塊鏈安全:iExec的端到端解決方案_THE

Author:

Time:1900/1/1 0:00:00

點擊藍字關注我們

英特爾SGX和區塊鏈

iExec端到端解決方案

iExec很榮幸地宣布即將推出首個集成英特爾SGX的端到端解決方案,用于分布式計算的安全技術應用。在2018年10月30日布拉格Devcon4會議上,iExec和英特爾將宣布重大合作新聞。

張磊,iExec安全總監介紹了英特爾SGXEnclave技術,以及如何保證參與區塊鏈網絡的用戶和應用的安全問題,特別是基于區塊鏈的分布式云技術方面。

敬請關注!

正文相關鏈接

IntelSGX:https://software.intel.com/en-us/sgx

Thechallenge:Howcanweguaranteesecurityondecentralizedanddistributednetworks?

Blockchain-basedapplicationsandcomputingarenotownedorcontrolledbyonespecificentitybutratherpoweredbyadistributednetworkofmultiplemachinesor‘nodes’.Thedistributednatureofdecentralizedcloudcomputingnetworkspresentachallengetoguaranteesecurityasanyrootprivilegeusermayeasilyinspectthesensitivedataandtamperwiththeapplicationrunningonthedecentralizedhost.Fortraditionalcentralizedcloudcomputingproviders,itiseasiertoemployexistingsecuritymechanismsprotecttheinvolvedapplication.

Fordecentralizedblockchain-basedclouds,asilicon-basedsecuritysolution,called‘IntelSGX’,istheonlyefficientsolutiontoprotectusersandapplicationsinvolvedinBlockchain-baseddecentralizedcomputing.

IntelSGX(IntelSoftwareGuardExtensions),isasetofCPUinstructioncodesthatenabletheexecutionofselectpiecescodeanddatainprotectedareascalledenclaves.Basically,whileyouhaveanapplicationrunningonahostmachine,SGXenclavesessentiallyactasabubble,isolatingandprotectingtheapplicationfromthehostmachine,inthisway,eventherootprivilegeadministratorofthehostmachineisnotabletopenetratethisbubbletoaccessandtamperwiththeapplication.

英特爾計劃在2月底發布一款比特幣挖礦ASIC芯片:2月11日消息,芯片巨頭英特爾透露,他們將在2022年2月底舉行的國際固態電路會議(ISSCC) 全球論壇上推出一款用于比特幣挖礦的專用集成電路 (ASIC)芯片,英特爾還表示比特幣挖礦工作符合可持續發展目標。據悉,比特幣挖礦上市公司GRIID已經與英特爾簽署了一項比特幣挖礦 ASIC 硬件購買協議。另據Marathon Digital Holdings首席執行官Fred Thiel透露,目前至少有三家美國公司正在進行相關ASIC芯片設計,但他沒有透露具體公司名稱。[2022/2/11 9:46:01]

AnintroductiontoIntelSGXEnclaves-iExecSecurityR&D,LeiZhang

“WhatmakesIntelSGXcompellingisthatitprovidesahardwaretrustedexecutionenvironment(TEE),allowingbetterprotectionsfordatain-use,at-restandin-transit,built-inCPUinstructionsandplatformenhancementsprovidecryptographicassertionsforthecodethatispermittedtoaccessthedata.Ifthecodeisalteredortampered,thenaccessisdeniedandtheenvironmentdisabled.”

—RickEchevarria,VicepresidentofIntel’sSoftwareandServicesGroup.

1.TheiExecE2ESGXsolution

iExecispioneeringthebuildingofablockchain-enableddecentralizedanddistributedcloudnetwork.Theyhavenowprovidedthefirsteverfullandend-to-endsolutionintegratingSGXfortheblockchain-basedcloud.SomeofourinitialworkwithintelSGXcanbereadinthisblogpostandiscoveredinthisvideopresentation.iExecpresentedthefirstphaseofworkonSGXinMarch2018attheIBMThinkConferenceinLasVegasandco-presentedalongsideIntelinMay2018atConsensusinNewYork..Thisfirstphasefocusedontheprotectionofthesecretsbuiltindecentralizedapplications:althoughtheapplicationsrunsondecentralizednodes,theinvolvedsensitivedatacannotbeinspectedoralteredwithbymaliciousattackersonthenetwork.Howeverthefirststageofworkwasbasedonsomesophisticated(raw)frameworksandthefunctionalityofthesolutionwaslimitedtoonlyprotectnativesecretsoftheapplication,furthermorethesolutioncouldbecomplicatedforappdevelopersandusers,especiallyforthosewhoarenotinthefieldofITandcomputing.

英特爾首席執行官警告芯片短缺問題還將持續多年:5月3日,英特爾首席執行官Pat Gelsinger警告,已經在多個行業形成廣泛沖擊的全球半導體短缺問題可能會持續多年。Gelsinger在接受采訪時表示,英特爾正在對其部分工廠進行改造,以提高產量,應對汽車行業的芯片短缺問題。他補充說,可能至少需要幾個月的時間,供應緊張才會開始出現緩解。Gelsinger表示,要想滿足方方面面激增的需求,可能還需要幾年時間。[2021/5/3 21:19:00]

iExechastocontinuedtomakesignificantcontributions,workingdiligentlywithourpartners,topushforwardapowerfulanduser-friendlyend-to-endSGXsolution.Thissolutionisintendedtobeusedasanindustryreferencetoenhancetheoverallsecurityofdecentralizedcloudcomputing.ThisnewSGXsolution,combinedwithBlockchain,allowsforunmatchedleveloftrustforDecentralizedApplications(Dapps)andexecution/dataprocessingondecentralizednodes.TheiExecapproachspecificallyallowsBlockchaintoworkwithSGXinorderto:

ProtecttheDAppandprovidefulldataprotectionthatcannotbeaccessedbytheexecutionhost,especiallyforuser’sinputandoutputdata.

GuaranteetheintegrationoftheDapp/Data,makingsurethecorrectandexpectedDApporDataisrunningonthedecentralizednode.

Provideblockchain-basedvalidationforoff-chaincomputing,verifyingthattheDappiscorrectlyexecutedinanenclaveandisneithertamperednorinterruptedbythedecentralizednode.Asmart-contractsignatureissignedinsidethissecureenclavebeforetheverificationisdonebytheblockchainnetwork.

Nippon Express宣布與英特爾子公司合作 利用區塊鏈建立可追蹤物流:日本Nippon Express公司將與埃森哲和英特爾在日本的子公司合作,利用區塊鏈建立一個可以實時跟蹤的環境,以防止假冒藥品流入運輸網絡。(jp.cointelegraph)[2020/3/9]

MakesuretheexecutionandDAppresultisvalid,neithercopied,norfabricatedbymaliciousdecentralizednode.

Protecttheend-to-endprivacyofDAppresult,whichcanneverbeinspectedbyanyoneelsebuttheuser.

Afriendly-userinterface:significantsimplificationforuserstoencrypt/decrypttheinput/outputdataandtriggertheSGXapplicationexecution.

EasyusabilityisakeyelementofUserExperience;withthenewiExecE2ESGXsolution,useronlyneeds3simplestepstorunanE2ESGXapplicationandtoprovideafullprotectionofuser’sinputandoutputdata.

Let’sthinkaboutatypicalSGXapplication,sayforexampleaFinTechapplication.Theapplicationisfedbysomeuserinputdatawhichcontainssomeuser’spersonalandsensitivesecrets(e.g.bankaccountinformation,personalprivacy,etc…),theoutputresultsoftheapplicationalsocontainsomesensitivedataandareonlyintendedtouserwhotriggerstheapplication.Theinputdataandtheoutputresultsneedtobestrictlyprotectedduringthewholeprocedure.Thenon-encryptedsensitivedataneverleavesuserlocalscopeorhigh-securedtrustedexecutionenvironment:SXGenclave.Hereisagenericdescriptionofthe3simplestepsofiExec’sSGXsolution.

動態 | 企業以太坊聯盟推出由微軟和英特爾支持的獎勵代幣系統:周二在日本大阪舉行的年度以太坊開發者大會Devcon 5上,企業以太坊聯盟(EEA)展示了其創建的獎勵代幣系統,由微軟和英特爾支持。負責管理英特爾軟件和解決方案部門內區塊鏈計劃的Michael Reed表示,用于激勵參與聯盟的代幣有三種,分別為獎勵令牌、聲譽令牌和罰款令牌。該系統可應用于任何聯盟來激勵團隊合作。此次使用的示例是像EEA這樣的軟件開發聯盟。(coindesk)[2019/10/8]

Step1:Useronlyneedstorunonesimplecommandwhichallowstoautomatically:

Encryptuser’sinputdata

Pushtheencrypteddatatoaremotefilesystem(i.e.theremotefilesystemcanbeanypublicfilesharingserviceandenduserisfreetochoosehis/herpreferredone,pleasenotethatthisserviceisnotprovidedbyiExec)

Updaterelatedsessiondata(i.e.eachuser’striggeringoftheapplicationisasession)toaSGXbasedsecretmanagementservice.Secretmanagementservicecanbedeployedinaflexibleway:itcanbeatuser’sside,orscheduler’sside(i.e.SGXworkpool).

Step2:UsertriggersthetargetapplicationviasimpleclicksfromtheiExecDappstoreandmarketplaceviaauser-friendlyUIinterface.

OncethetargetapplicationistriggeredatremoteSGXdecentralizednode,theapplicationwillfirstlyautomaticallypulltheencrypteduserinputdatafromremotefilesystem(i.e.pushedinstep1);retrievethesecretkeyviasecuredSGXprovisionchannel,whichisthenusedtodecrypttheuserinputdata,thedecryptionisdoneonlyinsidethehigh-securedtrustedenvironment—SGXenclave;thedecrypteddatacanthenbeusedtofeedtheapplicationexecution,assoonastheapplicationresultisavailable,asignatureisprecededbasedontheprivatekeyprotectedinsidetheSGXenclave,whichcannotbeinspectedbytheoutsideworld.TheapplicationresultisfinallyencryptedandthentheiExec’sverificationprocedure(i.e.ProofofContribution)istriggered.EverythingissecurelyhappenedinsidetheIntelSGXenclaveensuredbyIntelhardwareCPUandnosecretisabletorevealedtotheoutsideworld.

英特爾廢棄芯片工廠被收購用于采礦:據bitcoinist消息,位于美國加利福尼亞州的3G Venture II公司表示,將在科羅拉多斯普林斯收購一些廢棄的英特爾芯片工廠,以用于挖掘比特幣。[2018/6/23]

Thesignatureisfinallytransferredtoon-chainnetworkandverifiedbyon-chainsmartcontractviatheregisteredcorrespondingpublickey.Ifthesignatureverificationpassesandapplicationresult’strustlevelachievesagiventhreshold.Theuserwillbeinformedtodownloadtheencryptedresult.

Thewholeprocedureisdoneautomaticallyinahighsecureway,andthisprocedureistriggeredbyonlysomesimpleclicksfromuserviathefriendlyUIinterface.

Fig.1iExec’sE2ESGXworkflow

Step3:Usercandownloadtheencryptedresultpackage,andusercanjustrunonesimplecommandtodecrypttheresult.Pleasenotethatonlytheuserwhotriggersthetask(i.e.SGXapplication)isabletodownloadtheencryptedresult,andonlytheuserownsthekeytodecrypttheapplicationresult.

Pleasenotethattheprocedureisplatformindependent,andthereforeiscompatiblewithdifferentoperatingsystems:Windows,Linux,MacOS.

Inthenearfuture,wewillfurthersimplifyuser’sprocedure—allthethreestepswillbeintegratedintoonesimplestep,andcanbedonebyseveralsimpleclicksfromuserviauserfriendlyuserinterface—https://market.iex.ec/.

2.TheiExecSolutionisSGXVendorAgnostic

TheiExecplatformisopentodifferentSGXsolutionvendors.Specifically,iExechasbeencollaboratingwithSCONEandFortanixtointegratetheirSGXframeworksintoiExec’sE2ESGXsolution.WearealsointhephaseofevaluatingIntel’sPDOframework.Inthefuture,wewillalsoconsidertheSGXframeworkofGraphene/Graphene-ng.AllthemainstreamSGXsolutionswillbe100%compatiblewithiExec’splatform,andwewillleaveiExecDappdevelopersanduserstofreelychoosetheirpreferredSGXframeworks.OurobjectistopromotetheemergenceofanecosystemwhichprovidestrustedexecutionforBlockchainbasedcomputing,andthesetrustedservicecanbemonetizedviaiExec’smarketplace.

3.iExecContributionstowardsIndustryStandardization

iExecarepioneersinthefieldofblockchain-basedTrustComputing,andisveryactiveinleadingandpushingforwardtheindustrialstandardizationforinthiscontextforBlockchaintechnology.

Especially:

iExecisveryactiveinEEA(EnterpriseEthereumAlliance):iExecischairingtheTrustedComputeWorkGroup,andkeepscontributingandpushingforwardtheEEAspecifications,especiallytheOff-chainTrustedComputeSpecificationwhichistobepubliclyreleasedsoon.

iExecisactiveinIEEEaswell.iExecismemberofIEEEP2418,andisinvolvedinIEEEstandardprojectonDLT-basedFederatedIdentity,CredentialandTrustManagement.iExecleadsthestandardizationworkinseveralBlockchainbaseddomains,especiallythesecurityandTEE(TrustedExecutionEnvironment)

iExeciscollaboratingwithhardwaretrustedexecutionvendorstomoveforwardthishardwarebasedsecuritysolution(SGX)tobefullystandard-compliant,staytunedforthecomingupdatesduringDevcon4.

iExecisalsocollaboratingwithourpartnerstomoveforwardthestandardizationforBlockchainbasedFogComputinginthecontextofOpenFogconsortium.SomeresultofthefirststagecollaborationwithourpartnersonFogComputingwillbereleasedsoon,pleasestaytunedinthefollowingdays.

長按掃碼關注公眾號

點“閱讀原文”了解更多

Tags:THEIONANDINGEtherInc CoinCorionXLionIsland Inutking幣哪里可以買

Luna
關于新增BHPC/USDT交易對的通知_INE

親愛的用戶, 根據實際運營需要,我們將于2018年10月10日15:00點(GMT8)新增BHPC/USDT交易對.

1900/1/1 0:00:00
“IDAX交易爭霸賽 登榜豪贏Tesla”活動獎勵公示_區塊鏈

親愛的用戶: ?“IDAX交易爭霸賽登榜豪贏Tesla”活動已結束,獲獎名單如下: 排行 用戶賬號 交易量 活動獎勵 1 mo**** 271 TeslaModelX100D2 xi**** 2.

1900/1/1 0:00:00
Bit-Z 開放 PAX 充、提幣服務_BIT

親愛的Bit-Z用戶: Bit-Z將于香港時間2018年10月17日15:00開放PAX充、提幣服務。交易開放時間請留意官方最新公告.

1900/1/1 0:00:00
微學堂∣NULS智能合約-從開發到使用_NULS

NULS智能合約采用模塊化設計,是圖靈完備的,兼容UTXO模型,基于JVM實現,內置NVM模塊,NULS智能合約解釋器將無縫支持JVM體系編程語言,并將陸續支持其他主流編程語言.

1900/1/1 0:00:00
幣神之戰:誰是百萬BNB得主?_BNB

活動時間:2018年10月18日上午8:00至2018年11月1日上午8:00 活動規則: 凡在Binance官網參與任何交易對交易的用戶,按交易競賽收益率排名.

1900/1/1 0:00:00
比原項目周報(2018.10.22更新)_TOM

點擊藍字關注比原鏈公眾號 開發進展 Bytomcore: 調研了selectUTXO算法的參數化.

1900/1/1 0:00:00
ads