Scaling Intel® Software Guard Extensions Applications with Intel® SGX Card

Cloud computing revolutionized the way internet-scale services are deployed and scaled. However, general security concerns and protecting business critical data are still major factors holding companies back from moving their IT infrastructure to the cloud. Intel (R) Software Guard Extensions (Intel (R) SGX) technology provides a hardware enforced trusted execution environment specifically developed to compute on confidential data in untrusted public clouds. To date, Intel SGX is available only on single-socket platforms and its secure memory limited to 128 MB. This paper describes how the Intel SGX Card makes the Intel SGX technology available on dual-socket server platforms today and easily integrated into existing data center infrastructure. Also, with software enabling, there is potential for applications to scale-out across the cards's three Intel (R) Xeon (R) E3 processors for additional secure memory. We propose four software architectures to efficiently utilize the card's resources and present use cases that benefit from Intel SGX card based deployments.