Why TEE

Titus Abele edited this page May 24, 2023 · 1 revision

The A and O

  • Eliminate the need to trust your PC and your cloud provider
    • Inside an enclave you don't need to trust anyone
    • If everything outside of the CPU is encrypted, nothing is easily readable
  • The code does not let data escape outside of the enclave
    • This means no logging or snooping is possible

The Login process

  • Someone who has root access on a machine can see pretty much everything that is going on
  • A TEE eliminates this because the code runs inside an enclave
  • A TEE additionally guarantees:
    • What code runs on the hardware
    • No one can look inside

Database

  • For this project, the decision was taken to use a simple file (on the enclave) as a DB
  • No outside communication is therefore necessary