Skip to content
Weijie Liu edited this page Nov 6, 2020 · 2 revisions

Welcome to the Deflection wiki!

Problem to solve:

How service providers build a Practical Privacy-preserving TEE that can ensure the privacy of both data providers and code providers, i.e., a solution that enables a user to verify whether a remote service (such as MLasS) has the properties of confidentiality (and integrity) without touching the binary/source code?

Goal(s):

Protecting data during it being processed by a code provider (maybe malicious) who does not want to disclose the details of the code.

Threat Model:

The client (data provider) uploads his/her sensitive data onto a Server (code provider) for data processing tasks.

  1. We believe in Intel SGX, which could be seen as a trusted third party.

  2. We assume that the data and the code can be both encrypted and intact before the bootstrap enclave running the data-processing application. And we assume that the Ecall(s)/Ocall(s) of the bootstrap enclave are public and can be audited/attested.

  3. The data provider is relatively benign and won't do something (such as DOP) to jeopardize the data privacy, e.g., sending some malicious input (triggering some unexpected attack behavior) into the code.

Clone this wiki locally