Intel Software Guard Extensions (SGX) is a set of security-related instruction codes that are built into some modern Intel central processing units (CPUs). They allow user-level as well as operating system code to define private regions of memory, called enclaves, whose contents are protected and cannot be read or saved by any process outside the enclave itself, including processes running at higher privilege levels.

SGX involves encryption by the CPU of a portion of memory. The enclave is decrypted on the fly only within the CPU itself, and even then only for code and data running from within the enclave itself. The processor thus protects the enclave's code from being 'spied on' or examined by other code. The code and data in the enclave rely on a threat model in which the enclave is trusted but no process outside it can be trusted (including the operating system itself and any hypervisor), and therefore all of these are treated as potentially hostile.