Our architecture requires us to consider the threats that can arise from an altogether new mode of interaction: loading and running code on other users’ machines. We assume that users naturally have physical access to their machines, and can thus introspect on running processes. However, we also assume that some Bento middleboxes will have secure, trusted execution environments (TEEs), such as Intel SGX. We explicitly assume that these environments are safe; that is, for any code or data being executed or stored inside of a secure enclave, we assume that the attacker cannot introspect on either, despite having physical access to the machine.
In order to run Bento functions within SGX, we use Graphene.
Run Bento Server with SGX: To run Bento Server with SGX, use the command python3.6 runserver.py --sgx [true]. The --sgx parameter is false by default.