Supporting Intel(r) SGX on Multi-Package Platforms

Simon Johnson; Raghunandan Makaram; Amy Santoni; Vinnie Scarlata

arXiv:2507.08190·cs.DC·July 14, 2025

Supporting Intel(r) SGX on Multi-Package Platforms

Simon Johnson, Raghunandan Makaram, Amy Santoni, Vinnie Scarlata

PDF

TL;DR

This paper discusses necessary platform enhancements to support Intel SGX on multi-package cloud platforms, enabling scalable, performant, and secure trusted execution environments for cloud computing.

Contribution

It introduces new platform modifications to extend Intel SGX support to multi-package systems, facilitating confidential cloud computing at scale.

Findings

01

Proposes platform enhancements for multi-package SGX support

02

Demonstrates improved scalability and security in cloud environments

03

Enables user-programmable trusted execution environments

Abstract

Intel(r) Software Guard Extensions (SGX) was originally released on client platforms and later extended to single socket server platforms. As developers have become familiar with the capabilities of the technology, the applicability of this capability in the cloud has been tested. Various Cloud Service Providers (CSPs) are demonstrating the value of using SGX based Trusted Execution Environments (TEE) to create a new paradigm of Confidential Cloud Computing. This paper describes the additional platform enhancements we believe are necessary to deliver a user programmable Trusted Execution Environment that scales to cloud usages, performs and is secure on multi-package platforms.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.