English
Related papers

Related papers: Isolating Real-Time Safety-Critical Embedded Syste…

200 papers

Computer systems often provide hardware support for isolation mechanisms like privilege levels, virtual memory, or enclaved execution. Over the past years, several successful software-based side-channel attacks have been developed that…

Cryptography and Security · Computer Science 2020-01-30 Matteo Busi , Job Noorman , Jo Van Bulck , Letterio Galletta , Pierpaolo Degano , Jan Tobias Mühlberg , Frank Piessens

Intel Software Guard Extensions (SGX) enables user-level code to create private memory regions called enclaves, whose code and data are protected by the CPU from software and hardware attacks outside the enclaves. Recent work introduces…

Operating Systems · Computer Science 2020-01-22 Youren Shen , Hongliang Tian , Yu Chen , Kang Chen , Runji Wang , Yi Xu , Yubin Xia

In modern computing environments, hardware resources are commonly shared, and parallel computation is widely used. Parallel tasks can cause privacy and security problems if proper isolation is not enforced. Intel proposed SGX to create a…

Cryptography and Security · Computer Science 2017-08-22 Ahmad Moghimi , Gorka Irazoqui , Thomas Eisenbarth

Modern CPU architectures offer strong isolation guarantees towards user applications in the form of enclaves. For instance, Intel's threat model for SGX assumes fully trusted enclaves, yet there is an ongoing debate on whether this threat…

Cryptography and Security · Computer Science 2019-02-12 Michael Schwarz , Samuel Weiser , Daniel Gruss

Intel(r) Software Guard Extensions (SGX) was originally released on client platforms and later extended to single socket server platforms. As developers have become familiar with the capabilities of the technology, the applicability of this…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-07-14 Simon Johnson , Raghunandan Makaram , Amy Santoni , Vinnie Scarlata

Exceptions are a commodity hardware functionality which is central to multi-tasking OSes as well as event-driven user applications. Normally, the OS assists the user application by lifting the semantics of exceptions received from hardware…

Cryptography and Security · Computer Science 2021-10-14 Jinhua Cui , Jason Zhijingcheng Yu , Shweta Shinde , Prateek Saxena , Zhiping Cai

Network Function Virtualization (NFV) promises the benefits of reduced infrastructure, personnel, and management costs by outsourcing network middleboxes to the public or private cloud. Unfortunately, running network functions in the cloud…

Networking and Internet Architecture · Computer Science 2018-02-05 Dmitrii Kuvaiskii , Somnath Chakrabarti , Mona Vij

MapReduce is a programming model used extensively for parallel data processing in distributed environments. A wide range of algorithms were implemented using MapReduce, from simple tasks like sorting and searching up to complex clustering…

Distributed, Parallel, and Cluster Computing · Computer Science 2017-05-17 Rafael Pires , Daniel Gavril , Pascal Felber , Emanuel Onica , Marcelo Pasin

Hardware support for trusted execution in modern CPUs enables tenants to shield their data processing workloads in otherwise untrusted cloud environments. Runtime systems for the trusted execution must rely on an interface to the untrusted…

Operating Systems · Computer Science 2020-01-22 Christian Priebe , Divya Muthukumaran , Joshua Lind , Huanzhou Zhu , Shujie Cui , Vasily A. Sartakov , Peter Pietzuch

The widening availability of hardware-based trusted execution environments (TEEs) has been accelerating the adaptation of new applications using TEEs. Recent studies showed that a cloud application consists of multiple distributed software…

Cryptography and Security · Computer Science 2022-12-23 Joongun Park , Seunghyo Kang , Sanghyeon Lee , Taehoon Kim , Jongse Park , Youngjin Kwon , Jaehyuk Huh

Intel's Software Guard Extensions (SGX) introduced new instructions to switch the processor to enclave mode which protects it from introspection. While the enclave mode strongly protects the memory and the state of the processor, it cannot…

Cryptography and Security · Computer Science 2020-07-17 Tobias Cloosters , Michael Rodler , Lucas Davi

Since its debut, SGX has been used in many applications, e.g., secure data processing. However, previous systems usually assume a trusted enclave and ignore the security issues caused by an untrusted enclave. For instance, a vulnerable (or…

Cryptography and Security · Computer Science 2020-10-26 Yuan Chen , Jiaqi Li , Guorui Xu , Yajin Zhou , Zhi Wang , Cong Wang , Kui Ren

Intel(R) Software Guard Extensions (Intel(R) SGX) is a promising technology to securely process information in otherwise untrusted environments. An important aspect of Intel SGX is the ability to perform remote attestation to assess the…

Cryptography and Security · Computer Science 2019-07-29 Thomas Knauth , Michael Steiner , Somnath Chakrabarti , Li Lei , Cedric Xing , Mona Vij

Besides Intel's SGX technology, there are long-running discussions on how trusted computing technologies can be used to cloak malware. Past research showed example methods of malicious activities utilising Flicker, Trusted Platform Module,…

Cryptography and Security · Computer Science 2022-11-02 Kubilay Ahmet Küçük , Steve Moyle , Andrew Martin , Alexandru Mereacre , Nicholas Allott

Modern processors can offer hardware primitives that allow a process to run in isolation. These primitives implement a trusted execution environment (TEE) in which a program can run such that the integrity and confidentiality of its…

Cryptography and Security · Computer Science 2021-05-14 Pedro Antonino , Wojciech Aleksander Wołoszyn , A. W. Roscoe

The Intel Software Guard Extensions (SGX) technology enables applications to run in an isolated SGX enclave environment, with elevated confidentiality and integrity guarantees. Gramine Library OS facilitates execution of existing unmodified…

Cryptography and Security · Computer Science 2022-03-04 Dmitrii Kuvaiskii , Gaurav Kumar , Mona Vij

Microprocessors enable aggressive hardware virtualization by means of which multiple processes temporally execute on the system. These security-critical and ordinary processes interact with each other to assure application progress.…

Cryptography and Security · Computer Science 2020-01-28 Hamza Omar , Omer Khan

Embedded systems are pervasively used in many fields nowadays. In mixed-criticality environments (automotive, industry 4.0, drones, etc.) they need to run real-time applications with certain time and safety constraints alongside a rich…

Cryptography and Security · Computer Science 2021-11-05 Flavia Caforio , Pierpaolo Iannicelli , Michele Paolino , Daniel Raho

Enclaves, such as those enabled by Intel SGX, offer a powerful hardware isolation primitive for application partitioning. To become universally usable on future commodity OSes, enclave designs should offer compatibility with existing…

Cryptography and Security · Computer Science 2020-09-03 Shweta Shinde , Jinhua Cui , Satyaki Sen , Pinghai Yuan , Prateek Saxena

Containers are becoming the de facto standard to package and deploy applications and micro-services in the cloud. Several cloud providers (e.g., Amazon, Google, Microsoft) begin to offer native support on their infrastructure by integrating…

Distributed, Parallel, and Cluster Computing · Computer Science 2018-07-30 Sébastien Vaucher , Rafael Pires , Pascal Felber , Marcelo Pasin , Valerio Schiavoni , Christof Fetzer