If you ask Clement, it was quite a challenge to run one of the small JVM
variant within the enclave. We would need a specific support at the VM
level to do some piece of code within the enclave while others are not.
On Thu 18-07-05 10:51, Sebastian Laskawiec wrote:
>Just stumbled upon:
Just stumbled upon:
https://blog.acolyer.org/2018/07/05/enclavedb-a-secure-database-using-sgx/
Perhaps using enclaves could be a way to secure in-memory data (especially
having in mind that we can use off-heap). Adding mandatory TLS +
Authentication would make Infinispan very secure.
On Tue, Nov
With your explanation I think I get it now...
So from my point of view, I would assume that we *can't* trust the servers.
But with TLS we *can* trust the communication channel.
Does this makes sense now?
On Mon, Nov 28, 2016 at 4:07 PM, Sanne Grinovero
wrote:
> On 28
Hey Sanne!
Comments inlined.
Thanks
Sebastian
On Fri, Nov 25, 2016 at 2:55 PM, Sanne Grinovero
wrote:
> Hi Sebastian,
> you're opening a very complex (but interesting!) topic.
>
> As the paper you linked to also reminds, it's extremely hard to
> implement such a thing
Hi Sebastian,
you're opening a very complex (but interesting!) topic.
As the paper you linked to also reminds, it's extremely hard to
implement such a thing without "giving away" lots of useful metadata
to a potential attacker. It's an interesting paper as they propose a
technique to maintain
Hey!
A while ago I stumbled upon [1]. The article talks about encrypting data
before they reach the server, so that the server doesn't know how to
decrypt it. This makes the data more secure.
The idea is definitely not new and I have been asked about something
similar several times during local