|
|
@@ -1,25 +1,28 @@
|
|
|
# MITIGATOR
|
|
|
|
|
|
-This repository contains Docker files for reproducing the implementation of the server-side code for the following paper:
|
|
|
+This repository contains Docker files for reproducing the implementation of the server-side code for the paper:
|
|
|
|
|
|
-Miti Mazmudar, Ian Goldberg. "Mitigator: Privacy policy compliance using trusted hardware"
|
|
|
+Miti Mazmudar, Ian Goldberg. "Mitigator: Privacy policy compliance using trusted hardware".
|
|
|
Proceedings on Privacy Enhancing Technologies. Vol. 2020, No. 3. 18 pages. July 2020.
|
|
|
|
|
|
-*Note:* This system requires a machine with Intel Software Guard Extension (SGX) to be built and to function correctly.
|
|
|
+*Note:* This system requires a machine with Intel Software Guard Extension (SGX) in order to be built and to function correctly.
|
|
|
|
|
|
-This system consists of three enclaves: a decryptor, a verifier and a target enclave. The target enclave is a PHP server which obtains user data through forms and we wish to ensure compliance of the webserver with its privacy policy. The Linux SGX driver and Linux SGX SDK are required to run the decryptor enclave. The Linux SGX SDK is also required for the enclaves to attest to each other and to seal secrets to disk. We use the Graphene-SGX library to support running a proof-of-concept verifier and the target application. The target application is an Apache server with a PHP extension to interface with the decryptor enclave. The Graphene-SGX driver is also required to run any applications within Graphene.
|
|
|
+This system consists of three enclaves: a decryptor, a verifier and a target enclave. The target enclave is a PHP-enabled apache web server, which obtains user data through forms and we wish to ensure compliance of the webserver with its privacy policy. The Linux SGX driver and Linux SGX SDK are required to run the decryptor enclave. The Linux SGX SDK is also required for the enclaves to attest to each other and to seal secrets to disk. We use the Graphene-SGX library to support running a proof-of-concept verifier and the target application. The target application also contains a PHP extension to interface with the decryptor enclave. The Graphene-SGX driver is required to run any applications within Graphene.
|
|
|
|
|
|
-We use Docker scripts to reproduce our setup for our paper. Two of our scripts setup drivers and the others setup, launch a docker container for running the three enclaves.
|
|
|
+We use Docker scripts to reproduce our setup for our paper. Two of our scripts set up drivers and the others set up and launch a docker container for running the three enclaves.
|
|
|
* `build-driver`: builds specific versions of the Linux SGX and the Graphene-SGX drivers as kernel modules.
|
|
|
* `install-driver`: installs the kernel modules generated by the build-driver script onto the machine.
|
|
|
-* `build-mitigator`: builds three docker images, one for each of the Dockerfiles in the sgx/, graphene/ and docker/ folders respectively. The first docker image contains the SGX SDK and PSW setup. The second docker image adds the Graphene-SGX setup onto the first one. The last docker image is formed by downloading the source-code for our enclaves, including any dependencies, and generating the three enclaves.
|
|
|
-* `run-mitigator`: creates a *detached* the docker container with the image initialized in the build-mitigator script. Re-run this script after any changes to the `build-mitigator` script to recreate a docker container with the new docker image.
|
|
|
+* `build-mitigator`: builds three docker images, one for each of the Dockerfiles in the sgx-docker/, graphene-docker/, and docker/ folders respectively. The first docker image contains the SGX SDK and PSW setup. The second docker image adds the Graphene-SGX setup onto the first one. The last docker image is formed by downloading the source code for our enclaves, including any dependencies, and generating the three enclaves.
|
|
|
+* `run-mitigator`: creates a *detached* docker container with the image initialized in the build-mitigator script. Re-run this script after any changes to the `build-mitigator` script to recreate a docker container with the new docker image.
|
|
|
* `attach-mitigator`: attaches to the container created by the `run-mitigator` script. This lets you interact with the docker container through the terminal.
|
|
|
* `stop-mitigator`: stops the container created by the `run-mitigator` script. This needs to be run before re-creating a container with a new image through `run-mitigator`.
|
|
|
|
|
|
-## Build steps ##
|
|
|
+## Build steps
|
|
|
+
|
|
|
1. On an SGX-supporting machine with sudo privileges, run the `build-driver` script and then the `install-driver` script. This step requires having sudo privileges in order to insert kernel drivers into the machine.
|
|
|
-2. On the same machine, run the `build-mitigator` script to build the docker images. Enter the docker container by running `run-mitigator` and then `attach-mitigator`. After entering the docker container, run the `deploy_enclaves` script to create the three enclaves. The decryptor enclave is created first, followed by the verifier and then the Apache server, each in a different tmux session. To restart the Apache server after stopping it, you need to stop the decryptor and then run the deploy_enclaves script. This restarts the decryptor, verifier and the Apache server in that order.
|
|
|
+2. On the same machine, run the `build-mitigator` script to build the docker images. Enter the docker container by running `run-mitigator` and then `attach-mitigator`. After entering the docker container, run the `deploy_enclaves` script to create the three enclaves. The decryptor enclave is created first, followed by the verifier and then the Apache server, each in a different tmux session. To restart the Apache server after stopping it, you need to stop the decryptor and then run the `deploy_enclaves` script. This restarts the decryptor, verifier and the Apache server in that order.
|
|
|
+
|
|
|
+## Testing
|
|
|
|
|
|
-*Test:* We require a client to install [our Firefox browser extension](https://git-crysp.uwaterloo.ca/miti/browser-extension) to test our server-side setup. The last script opens up the port on which the Mitigator server is running within the docker container (port 8001). Obtain the ip address of the docker container by running the `find_docker_ip` script within the container. The server form page can be retrieved on the server machine by accessing `docker_url:8001/index.php`. The browser extension will automatically encrypt all form fields to the decryptor enclave when the submit button is pressed.
|
|
|
+We require a client to install [our Firefox browser extension](https://git-crysp.uwaterloo.ca/miti/browser-extension) to test our server-side setup. The last script opens up the port on which the Mitigator server is running within the docker container (port 8001). Obtain the ip address of the docker container by running the `find_docker_ip` script within the container. The server form page can be retrieved on the server machine by accessing `docker_url:8001/index.php`. The browser extension will automatically encrypt all form fields to the decryptor enclave when the submit button is pressed.
|
|
|
|
