Back in January, Ollie Whitehouse wrote a very nice introduction to Intel SGX, with MANY links to related materials.
Intel SGX is a trusted execution environment which provides a reverse sandbox. It’s not yet available but those who have had access to the technology have shown some powerful applications in cloud use cases that on the face of it dramatically enhance security without the performance constraints of homomorphic encryption. However, there is enough small print to warrant both validation and defensive assessment activities when the technology becomes more generally available. There is a new set of features coming to Intel CPUs that have massive potential for cloud security and other applications such as DRM. However, as with all things that can be used for good there is also the potential for misuse. These features come in the guise of Software Guard Extensions (SGX). In this post we’ve collated what we know about the technology, what others have said about it and how it is being applied in real-world applications.
Firmware Security 