Presentation: Towards Memory Safety in Intel SGX Enclave

Track: Security: Attacking and Defending

Location: Bayview AB

Duration: 4:10pm - 5:00pm

Day of week: Wednesday

Level: Intermediate - Advanced

Persona: Architect, Backend Developer, Developer

What You’ll Learn

  • Hear about Intel SGX, what it is and how it helps with memory safety.
  • Find out about memory safety, ownership, enclaves, and how to use those with Rust SGX SDK.
  • Learn why Rust is a better security choice than Go or Swift for programming on Intel SGX.

Abstract

Intel SGX is the next-generation trusted computing infrastructure. Rust programming language is an ideal choice for system programming and it guarantees memory safety. In this talk, we show Rust SGX SDK, which combines Intel SGX together with Rust. Developer could write memory-safe SGX enclave easily, eliminating the possibility of being pwned intrinsically.

Speaker: Dr. Yu Ding

Security Scientist @Baidu X-Lab

Yu Ding is a senior security scientist at Baidu X-Lab. His research interest is security issues around Intel SGX and security protocol analysis.

Find Dr. Yu Ding at

Similar Talks

Graphics Programmer & Academy Award Winning Computer Graphics Researcher
Product Management and Marketing @Datacoral
Vice President of Devops and Digital Practices @SJTechnologies

.

Tracks

  • 21st Century Languages

    Compile to Native, Microservices, Machine learning... tailor-made languages solving modern challenges, featuring use cases around Go, Rust, C#, and Elm.

  • Architectures You've Always Wondered About

    Architectural practices from the world's most well-known properties, featuring startups, massive scale, evolving architectures, and software tools used by nearly all of us.

  • Beyond Being an Individual Contributor

    Beyond being an individual contributor. Building and Evolving managers and tech leadership.

  • DevOps: You Build It, You Run It

    Pushing DevOps beyond adoption into cultural change. Hear about designing resilience, managing alerting, CI/CD lessons, & security. Features lessons from open source, Linkedin, Netflix, Financial Times, & more. 

  • Performance Mythbusting

    Real world, applied performance proofs across stacks. Hear performance consideratiosn for .NET, Python, & Java. Learn performance use cases with OpenJ9, Instagram, and Netflix. 

  • The Practice & Frontiers of AI

    Learn about machine learning in practice and on the horizon. Learn about ML at Quora, Uber's Michelangelo, ML workflow with Netflix Meson and topics on Bots, Conversational interfaces, automation, and deployment practices in the space.

  • Going Serverless

    Learn about the state of Serverless & how to successfully leverage it! Lessons learned in the track hit on security, scalability, IoT, and offer warnings to watch out for.

  • Microservices: Patterns and Practices

    Stories of success and failure building modern Microservices, including event sourcing, reactive, decomposition, & more.

  • Evolving Java

    Java continues to evolve & change. Track covers Spring 5, async, Kotlin, serverless, the 6-month cadence plans, & AI/ML use cases.

  • The Art of Chaos Engineering

    Failure is going to happen - Are you ready? Chaos engineering is an emerging discipline - What is the state of the art?

  • Security: Attacking and Defending

    Offense and defensive security evolution that application developers should know about including SGX Enclaves, effects of AI, software exploitation techniques, & crowd defense

  • Stream Processing In The Modern Age

    Compelling applications of stream processing using Flink, Beam, Spark, Strymon & recent advances in the field, including Custom Windowing, Stateful Streaming, SQL over Streams.  

Conference for Professional Software Developers