Relevant papers

Our main paper is Intel SGX Explained from MIT.

This paper is the Intel paper that describes the SGX feature in general: https://software.intel.com/sites/default/files/article/413936/hasp-2013-innovative-instructions-and-software-model-for-isolated-execution.pdf

This paper describes some SGX applications such as secure web browser, video conference, etc..: https://software.intel.com/sites/default/files/article/413938/hasp-2013-innovative-instructions-for-trusted-solutions.pdf

This paper describes how to use SGX to do attestation: https://software.intel.com/sites/default/files/article/413939/hasp-2013-innovative-technology-for-attestation-and-sealing.pdf

The above three short Intel papers are good read to understand SGX, especially the first one which describes the basics of SGX. If your time is limited, you can just read the first paper.

Below are some other papers and resources on SGX:

Here is slides of Intel tutorial on SGX: https://software.intel.com/sites/default/files/332680-002.pdf

The Haven paper describes Microsoft's work using SGX to secure applications, and they found some limitations of SGX that led to the revision of the SGX specification later: http://research.microsoft.com/pubs/223450/osdi2014-haven.pdf

This is the Microsoft paper using SGX to secure Hadoop: http://research.microsoft.com/pubs/246524/vc3-oakland2015.pdf

This paper uses SGX to secure network applications such as Tor, and to authenticate network middleboxes: https://taesoo.gtisc.gatech.edu/pubs/2015/sgxtor/sgxtor.pdf

And some useful blogs about SGX: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2015/january/intel-software-guard-extensions-sgx-a-researchers-primer/ http://blog.invisiblethings.org/2013/08/30/thoughts-on-intels-upcoming-software.html http://blog.invisiblethings.org/2013/09/23/thoughts-on-intels-upcoming-software.html http://www.ayeks.de/2015/10/intel-sgx/ https://jbeekman.nl/blog/

Notes

Intel SGX Explained lists Intel privilege levels in Figure 8. Note that some Intel systems have at least one more privilege level (I'm not sure how wide spread this extension is). See Ring -3 Rootkits Slides and Ring -3 Rootkits Press release. The paper however, describes this privilege level in Section 2.9.2.