English
Related papers

Related papers: ERIM: Secure, Efficient In-process Isolation with …

200 papers

The kernels of operating systems such as Windows, Linux, and MacOS are vulnerable to control-flow hijacking. Defenses exist, but many require efficient intra-address-space isolation. Execute-only memory, for example, requires read…

Cryptography and Security · Computer Science 2021-08-04 Spyridoula Gravani , Mohammad Hedayati , John Criswell , Michael L. Scott

With the continuous increase in the number of software-based attacks, there has been a growing effort towards isolating sensitive data and trusted software components from untrusted third-party components. A hardware-assisted intra-process…

Cryptography and Security · Computer Science 2020-12-07 Leila Delshadtehrani , Sadullah Canakci , Manuel Egele , Ajay Joshi

Privacy-preserving computation techniques like homomorphic encryption (HE) and secure multi-party computation (SMPC) enhance data security by enabling processing on encrypted data. However, the significant computational and CPU-DRAM data…

Cryptography and Security · Computer Science 2024-09-26 Mpoki Mwaisela

Modern computing systems are limited in performance by the memory bandwidth available to processors, a problem known as the memory wall. Processing-in-Memory (PIM) promises to substantially improve this problem by moving processing closer…

Cryptography and Security · Computer Science 2025-04-24 Sahar Ghoflsaz Ghinani , Jingyao Zhang , Elaheh Sadredini

Efficient cloud computing relies on in-process isolation to optimize performance by running workloads within a single process. Without heavy-weight process isolation, memory safety errors pose a significant security threat by allowing an…

Cryptography and Security · Computer Science 2025-08-05 Martin Unterguggenberger , Lukas Lamster , David Schrammel , Martin Schwarzl , Stefan Mangard

MMU-less Linux variant lacks security because it does not have protection or isolation mechanisms. It also does not use MPUs as they do not fit with its software model because of the design drawbacks of MPUs (\ie coarse-grained protection…

Operating Systems · Computer Science 2024-01-19 Hesham Almatary , Alfredo Mazzinghi , Robert N. M. Watson

In this work we present the Secure Machine, SeM for short, a CPU architecture extension for secure computing. SeM uses a small amount of in-chip additional hardware that monitors key communication channels inside the CPU chip, and only acts…

Cryptography and Security · Computer Science 2018-03-13 Ofir Shwartz , Yitzhak Birk

To provide data and code confidentiality and reduce the risk of information leak from memory or memory bus, computing systems are enhanced with encryption and decryption engine. Despite massive efforts in designing hardware enhancements for…

Cryptography and Security · Computer Science 2022-08-17 Jingyao Zhang , Hoda Naghibijouybari , Elaheh Sadredini

Memory Protection Keys for Userspace (PKU) is a recent hardware feature that allows programs to assign virtual memory pages to protection domains, and to change domain access permissions using inexpensive, unprivileged instructions. Several…

Cryptography and Security · Computer Science 2021-10-12 Alexios Voulimeneas , Jonas Vinck , Ruben Mechelinck , Stijn Volckaert

With the alarming rate of security advisories and privacy concerns on connected devices, there is an urgent need for strong isolation guarantees in resource-constrained devices that demand very lightweight solutions. However, the status quo…

Operating Systems · Computer Science 2020-04-13 Zahra Tarkhani , Anil Madhavapeddy

Remote code disclosure attacks threaten embedded systems as they allow attackers to steal intellectual property or to find reusable code for use in control-flow hijacking attacks. Execute-only memory (XOM) prevents remote code disclosures,…

Cryptography and Security · Computer Science 2020-09-07 Zhuojia Shen , Komail Dharsee , John Criswell

The monolithic nature of widely used commodity operating systems means that vulnerabilities in one software component potentially compromise the entire kernel. Formally verifying these systems, or redesigning them altogether as…

Cryptography and Security · Computer Science 2026-05-11 Shriram Raja , Zhiyuan Ruan , Richard West

Transient execution side-channel attacks, such as Spectre, have been shown to break almost all isolation primitives. We introduce a new security property we call relaxed microarchitectural isolation (RMI) that allows sensitive programs that…

Cryptography and Security · Computer Science 2025-02-10 Jules Drean , Miguel Gomez-Garcia , Fisher Jepsen , Thomas Bourgeat , Srinivas Devadas

In-process compartmentalization and access control have been actively explored to provide in-place and efficient isolation of in-process security domains. Many works have proposed compartmentalization schemes that leverage hardware…

Cryptography and Security · Computer Science 2023-09-21 Kha Dinh Duy , Kyuwon Cho , Taehyun Noh , Hojoon Lee

The security of applications hinges on the trustworthiness of the operating system, as applications rely on the OS to protect code and data. As a result, multiple protections for safeguarding the integrity of kernel code and data are being…

Cryptography and Security · Computer Science 2019-05-16 Salessawi Ferede Yitbarek , Todd Austin

We present \textsc{CHOKE}, a novel code-based hybrid key-encapsulation mechanism (KEM) designed to securely and efficiently transmit multiple session keys simultaneously. By encoding $n$ independent session keys with an individually secure…

Cryptography and Security · Computer Science 2025-05-06 Benjamin D. Kim , Vipindev Adat Vasudevan , Alejandro Cohen , Rafael G. L. D'Oliveira , Thomas Stahlbuhk , Muriel Médard

Intel memory protection keys (MPK) is a new hardware feature to support thread-local permission control on groups of pages without requiring modification of page tables. Unfortunately, its current hardware implementation and software…

Cryptography and Security · Computer Science 2018-11-20 Soyeon Park , Sangho Lee , Wen Xu , Hyungon Moon , Taesoo Kim

Over the last years, security kernels have played a promising role in reshaping the landscape of platform security on today's ubiquitous embedded devices. Security kernels, such as separation kernels, enable constructing high-assurance…

Cryptography and Security · Computer Science 2020-05-07 Hamed Nemati

Application compartmentalization and privilege separation are our primary weapons against ever-increasing security threats and privacy concerns on connected devices. Despite significant progress, it is still challenging to privilege…

Cryptography and Security · Computer Science 2023-06-27 Zahra Tarkhani , Anil Madhavapeddy

Demand for data-intensive workloads and confidential computing are the prominent research directions shaping the future of cloud computing. Computer architectures are evolving to accommodate the computing of large data better. Protecting…

Cryptography and Security · Computer Science 2023-04-11 Kha Dinh Duy , Hojoon Lee
‹ Prev 1 2 3 10 Next ›