“Performance Evaluation of the Gramine Library OS,” Project, A. Heß (Supervisor), F. J. Hauck (Examiner), Inst. of Distr. Sys., Ulm Univ., 2024 – Open.
Intel SGX is a technology that allows launching tamper-proof enclaves in main memory, which isolate the parts of an application that deal with sensitive data. There is a broad spectrum of application scenarios, ranging from fault-tolerant systems to privacy-preserving machine learning approaches. Intel provides a native SDK that can be used to derive low-level wrapper functions from function definitions provided in a DSL; these wrappers are then used to interact with the protected parts of the application. However, the SDK requires special care during the design process, as well as C/C++ programming skills, in order to create a bulletproof interface to the enclave. The Gramine project promises to simplify the SGX application development process by providing functionality to wrap unmodified Linux applications in Intel SGX enclaves. Since this approach trades performance for usability, the goal of this project is to conduct a performance evaluation of different applications launched natively and wrapped with Gramine.