A Policy Language for TEEs

In modern operating systems, applications and services can operate within individual Trusted Execution Environments, separating them from other system components. Despite this isolation, the programs may still need to interact with each other, all while securely storing and exchanging confidential data. Given the potential complexity of scenarios involving multiple components, there arises the necessity for a policy language capable of expressing a wide range of relationships.

The goal of this master thesis is to develop a policy language that is sufficiently generic and expressive, making the system configuration more approachable for system designers.

(Status Talk Master)