English
Related papers

Related papers: CapExec: Towards Transparently-Sandboxed Services …

200 papers

Sandboxing restricts what applications do, and prevents exploited processes being abused; yet relatively few applications get sandboxed: why? We report a usability trial with 7 experienced Seccomp developers exploring how they approached…

Operating Systems · Computer Science 2025-06-13 Maysara Alhindi , Joseph Hallett

Sandboxing mechanisms allow developers to limit how much access applications have to resources, following the least-privilege principle. However, it's not clear how much and in what ways developers are using these mechanisms. This study…

Software Engineering · Computer Science 2024-05-14 Maysara Alhindi , Joseph Hallett

Applications running in Trusted Execution Environments (TEEs) commonly use untrusted external services such as host File System. Adversaries may maliciously alter the normal service behavior to trigger subtle application bugs that would…

Cryptography and Security · Computer Science 2022-11-15 Meni Orenbach , Bar Raveh , Alon Berkenstadt , Yan Michalevsky , Shachar Itzhaky , Mark Silberstein

AI agents increasingly run untrusted code on developer machines: shell commands generated by language models, third-party scripts retrieved at runtime, and tool plugins of unknown provenance. Existing isolation mechanisms impose tradeoffs…

Cryptography and Security · Computer Science 2026-05-27 Cong Wang , Yusheng Zheng

Serverless computing is an approach to cloud computing that allows programmers to run serverless functions in response to external events. Serverless functions are priced at sub-second granularity, support transparent elasticity, and…

Distributed, Parallel, and Cluster Computing · Computer Science 2020-08-05 Emily Herbert , Arjun Guha

A growing framework of legal and ethical requirements limit scientific and commercial evalua-tion of personal data. Typically, pseudonymization, encryption, or methods of distributed com-puting try to protect individual privacy. However,…

Cryptography and Security · Computer Science 2018-11-21 Nikolaus von Bomhard , Bernd Ahlborn , Catherine Mason , Ulrich Mansmann

Covert channels can be utilized to secretly deliver information from high privileged processes to low privileged processes in the context of a high-assurance computing system. In this case study, we investigate the possibility of covert…

Cryptography and Security · Computer Science 2015-08-24 Wolfgang Schmidt , Michael Hanspach , Jörg Keller

In-network computing using programmable networking hardware is a strong trend in networking that promises to reduce latency and consumption of server resources through offloading to network elements (programmable switches and smart NICs).…

Networking and Internet Architecture · Computer Science 2018-06-13 Thomas Kohler , Ruben Mayer , Frank Dürr , Marius Maaß , Sukanya Bhowmik , Kurt Rothermel

There are many sandboxing mechanisms provided by operating systems to limit what resources applications can access, however, sometimes the use of these mechanisms requires developers to refactor their code to fit the sandboxing model. In…

Cryptography and Security · Computer Science 2025-07-01 Maysara Alhindi , Joseph Hallett

Cloud computing has emerged as a corner stone of today's computing landscape. More and more customers who outsource their infrastructure benefit from the manageability, scalability and cost saving that come with cloud computing. Those…

Cryptography and Security · Computer Science 2022-05-13 Ferdinand Brasser , Patrick Jauernig , Frederik Pustelnik , Ahmad-Reza Sadeghi , Emmanuel Stapf

Confidential computing safeguards sensitive computations from untrusted clouds, with Confidential Virtual Machines (CVMs) providing a secure environment for guest OS. However, CVMs often come with large and vulnerable operating system…

Cryptography and Security · Computer Science 2024-07-19 Benshan Mei , Saisai Xia , Wenhao Wang , Dongdai Lin

This paper presents SplitBox, a scalable system for privately processing network functions that are outsourced as software processes to the cloud. Specifically, providers processing the network functions do not learn the network policies…

Cryptography and Security · Computer Science 2016-05-13 Hassan Jameel Asghar , Luca Melis , Cyril Soldani , Emiliano De Cristofaro , Mohamed Ali Kaafar , Laurent Mathy

Trust is arguably the most important challenge for critical services both deployed as well as accessed remotely over the network. These systems are exposed to a wide diversity of threats, ranging from bugs to exploits, active attacks, rogue…

There is an increasing trend that enterprises outsource their network functions to the cloud for lower cost and ease of management. However, network function outsourcing brings threats to the privacy of enterprises since the cloud is able…

Networking and Internet Architecture · Computer Science 2016-06-24 Huazhe Wang , Xin Li , Yu Zhao , Ye Yu , Hongkun Yang , Chen Qian

We introduce a new mechanism to securely extend systems data collection software with potentially untrusted third-party code. Unlike existing tools which run extension modules or plugins directly inside the monitored endpoint (the guest),…

Cryptography and Security · Computer Science 2021-11-11 Sahil Suneja , Canturk Isci

Multi-access Edge Computing (MEC) is booming as a promising paradigm to push the computation and communication resources from cloud to the network edge to provide services and to perform computations. With container technologies, mobile…

Distributed, Parallel, and Cluster Computing · Computer Science 2020-05-20 Hailiang Zhao , Shuiguang Deng , Zijie Liu , Jianwei Yin , Schahram Dustdar

Several researchers have proposed solutions for secure data outsourcing on the public clouds based on encryption, secret-sharing, and trusted hardware. Existing approaches, however, exhibit many limitations including high computational…

Databases · Computer Science 2018-12-06 Sharad Mehrotra , Kerim Yasin Oktay , Shantanu Sharma

Software transactional memory implementations which allow transactions to work on inconsistent states of shared data, risk to cause application visible errors such as memory access violations or endless loops. Hence, many implementations…

Distributed, Parallel, and Cluster Computing · Computer Science 2014-09-23 Holger Machens

Complex Event Processing (CEP) is a powerful paradigm for scalable data management that is employed in many real-world scenarios such as detecting credit card fraud in banks. The so-called complex events are expressed using a specification…

Networking and Internet Architecture · Computer Science 2021-07-09 Manisha Luthra , Sebastian Hennig , Kamran Razavi , Lin Wang , Boris Koldehofe

With the wide/rapid spread of distributed systems for information processing, such as cloud computing and social networking, not only transmission but also processing is done on the internet. Therefore, a lot of studies on secure, efficient…

Cryptography and Security · Computer Science 2018-11-27 Hitoshi Kiya
‹ Prev 1 2 3 10 Next ›