English
Related papers

Related papers: ERIM: Secure, Efficient In-process Isolation with …

200 papers

Confidential computing safeguards sensitive computations from untrusted clouds, with Confidential Virtual Machines (CVMs) providing a secure environment for guest OS. However, CVMs often come with large and vulnerable operating system…

Cryptography and Security · Computer Science 2024-07-19 Benshan Mei , Saisai Xia , Wenhao Wang , Dongdai Lin

Increasing data center network speed coupled with application requirements for high throughput and low latencies have raised the efficiency bar for network stacks. To reduce substantial kernel overhead in network processing, recent…

Operating Systems · Computer Science 2023-03-02 Yihan Yang , Zhuobin Huang , Antoine Kaufmann , Jialin Li

Microprocessors enable aggressive hardware virtualization by means of which multiple processes temporally execute on the system. These security-critical and ordinary processes interact with each other to assure application progress.…

Cryptography and Security · Computer Science 2020-01-28 Hamza Omar , Omer Khan

Inefficient data transfer between computation and memory inspired emerging processing-in-memory (PIM) technologies. Many PIM solutions enable storage and processing using memristors in a crossbar-array structure, with techniques such as…

Hardware Architecture · Computer Science 2021-05-11 Orian Leitersdorf , Ben Perach , Ronny Ronen , Shahar Kvatinsky

Rust is a popular memory-safe systems programming language. In order to interact with hardware or call into non-Rust libraries, Rust provides \emph{unsafe} language features that shift responsibility for ensuring memory safety to the…

Cryptography and Security · Computer Science 2025-10-09 Merve Gülmez , Thomas Nyman , Christoph Baumann , Jan Tobias Mühlberg

TEE implementations on RISC-V offer an enclave abstraction by introducing a trusted component called the security monitor (SM). The SM performs critical tasks such as isolating enclaves from each other as well as from the OS by using…

Cryptography and Security · Computer Science 2024-10-07 Mark Kuhne , Stavros Volos , Shweta Shinde

Memory security and reliability are two of the major design concerns in cloud computing systems. State-of-the-art memory security-reliability co-designs (e.g. Synergy) have achieved a good balance on performance, confidentiality, integrity,…

Cryptography and Security · Computer Science 2021-01-20 Wenpeng He , Dan Feng , Fang Wang , Yue Li , Mengting Lu

This article presents a hardware-based memory isolation solution for constrained devices. Existing solutions target high-end embedded systems (typically ARM Cortex-A with a Memory Management Unit, MMU) such as seL4 or Pip (formally verified…

Operating Systems · Computer Science 2023-01-12 Nicolas Dejon , Chrystel Gaber , Gilles Grimaud

In modern cloud-native applications, microservices are commonly deployed in containerized environments to ensure scalability and flexibility. However, inter-process communication (IPC) between co-located microservices often suffers from…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-05-14 Fnu Yashu , Shubham Malhotra , Muhammad Saqib

Modern cloud computing systems distribute software executables over a network to keep the software sources, which are typically compiled in a security-critical cluster, secret. We develop ERIC, a new, efficient, and general software…

Cryptography and Security · Computer Science 2022-07-18 Alperen Bolat , Seyyid Hikmet Çelik , Ataberk Olgun , Oğuz Ergin , Marco Ottavi

All the state-of-the-art rowhammer attacks can break the MMU-enforced inter-domain isolation because the physical memory owned by each domain is adjacent to each other. To mitigate these attacks, physical domain isolation, introduced by…

Cryptography and Security · Computer Science 2019-10-22 Yueqiang Cheng , Zhi Zhang , Surya Nepal , Zhi Wang

The widespread adoption of cloud-based solutions introduces privacy and security concerns. Techniques such as homomorphic encryption (HE) mitigate this problem by allowing computation over encrypted data without the need for decryption.…

Cryptography and Security · Computer Science 2024-12-13 Mpoki Mwaisela , Joel Hari , Peterson Yuhala , Jämes Ménétrey , Pascal Felber , Valerio Schiavoni

Plenty of in-process vulnerabilities are blamed on various out of bound memory accesses. Previous prevention methods are mainly based on software checking associated with performance overhead, while traditional hardware protection…

Cryptography and Security · Computer Science 2018-04-11 Xiaojing Zhu , Mingyu Chen , Yangyang Zhao , Zonghui Hong , Yunge Guo

Existing anti-malware software and reverse engineering toolkits struggle with stealthy sub-OS rootkits due to limitations of run-time kernel-level monitoring. A malicious kernel-level driver can bypass OS-level anti-virus mechanisms easily.…

The development process of microcontroller firmware often involves multiple parties. In such a scenario, the Intellectual Property (IP) is not protected against adversarial developers which have unrestricted access to the firmware binary.…

Cryptography and Security · Computer Science 2019-09-13 Marc Schink , Johannes Obermaier

Cryptographic algorithms such as AES-128 and SHA-256 are fundamental to ensuring data security and integrity. Although these algorithms are computationally efficient, their performance is often constrained by the processor-centric…

Cryptography and Security · Computer Science 2026-05-20 Nicola Barcarolo , Brahmaiah Gandham , Mohammad Sadrosadati , Roberto Passerone , Onur Mutlu , Flavio Vella

Computer systems often provide hardware support for isolation mechanisms like privilege levels, virtual memory, or enclaved execution. Over the past years, several successful software-based side-channel attacks have been developed that…

Cryptography and Security · Computer Science 2020-01-30 Matteo Busi , Job Noorman , Jo Van Bulck , Letterio Galletta , Pierpaolo Degano , Jan Tobias Mühlberg , Frank Piessens

The growing complexity of real-time embedded systems demands strong isolation of software components into separate protection domains to reduce attack surfaces and limit fault propagation. However, application-supplied device interrupt…

Cryptography and Security · Computer Science 2026-04-07 Hongbin Yang , Huanle Zhang , Runyu Pan

Runtime integrity measurements identify unexpected changes in operating systems and hypervisors during operation, enabling early detection of persistent threats. System Management Mode, a privileged x86 CPU mode, has the potential to…

Cryptography and Security · Computer Science 2018-05-11 Brian Delgado , Karen L. Karavanic

The security of microcontrollers, which drive modern IoT and embedded devices, continues to raise major concerns. Within a microcontroller (MCU), the firmware is a monolithic piece of software that contains the whole software stack, whereas…

Cryptography and Security · Computer Science 2023-12-05 Bo Feng , Meng Luo , Changming Liu , Long Lu , Engin Kirda