English
Related papers

Related papers: Isolating Functions at the Hardware Limit with Vir…

200 papers

Cloud stacks must isolate application components, while permitting efficient data sharing between components deployed on the same physical host. Traditionally, the MMU enforces isolation and permits sharing at page granularity. MMU…

Operating Systems · Computer Science 2022-06-27 Vasily A. Sartakov , Lluís Vilanova , David Eyers , Takahiro Shinagawa , Peter Pietzuch

As AI models become more embedded in critical sectors like finance, healthcare, and the military, their inscrutable behavior poses ever-greater risks to society. To mitigate this risk, we propose Guillotine, a hypervisor architecture for…

Cryptography and Security · Computer Science 2025-04-23 James Mickens , Sarah Radway , Ravi Netravali

Confidential computing safeguards sensitive computations from untrusted clouds, with Confidential Virtual Machines (CVMs) providing a secure environment for guest OS. However, CVMs often come with large and vulnerable operating system…

Cryptography and Security · Computer Science 2024-07-19 Benshan Mei , Saisai Xia , Wenhao Wang , Dongdai Lin

Virtualization is a technique that allows multiple instances typically running different guest operating systems on top of single physical hardware. A hypervisor, a layer of software running on top of the host operating system, typically…

Cryptography and Security · Computer Science 2025-01-03 Krishna Sai Ketha , Guanqun Song , Ting Zhu

Over the last years, security kernels have played a promising role in reshaping the landscape of platform security on today's ubiquitous embedded devices. Security kernels, such as separation kernels, enable constructing high-assurance…

Cryptography and Security · Computer Science 2020-05-07 Hamed Nemati

Cloud computing requires isolation and portability for workloads. Cloud vendors must isolate each user's resources from others to prevent them from attacking other users or the whole system. Users may want to move their applications to…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-11-05 Soichiro Ueda , Ai Nozaki , Daisuke Kotani , Yasuo Okabe

Protecting commodity operating systems and applications against malware and targeted attacks has proven to be difficult. In recent years, virtualization has received attention from security researchers who utilize it to harden existing…

Cryptography and Security · Computer Science 2014-05-26 Francesco Gadaleta , Raoul Strackx , Nick Nikiforakis , Frank Piessens , Wouter Joosen

Many applications have service requirements that are not easily met by existing operating systems. Real-time and security-critical tasks, for example, often require custom OSes to meet their needs. However, development of special purpose…

Operating Systems · Computer Science 2018-01-25 Ying Ye , Zhuoqun Cheng , Soham Sinha , Richard West

Plenty of in-process vulnerabilities are blamed on various out of bound memory accesses. Previous prevention methods are mainly based on software checking associated with performance overhead, while traditional hardware protection…

Cryptography and Security · Computer Science 2018-04-11 Xiaojing Zhu , Mingyu Chen , Yangyang Zhao , Zonghui Hong , Yunge Guo

Real-time embedded platforms with resource constraints can take the benefits of mixed-criticality system where applications with different criticality-level share computational resources, with isolation in the temporal and spatial domain. A…

Systems and Control · Electrical Eng. & Systems 2022-08-31 Shibarchi Majumder , Jens Frederik Dalsgaard Nielsen , Thomas Bak

Sensitive computations are now routinely delegated to third-parties. In response, Confidential Computing technologies are being introduced to microprocessors, offering a protected processing environment, which we generically call an…

Operating systems provide an abstraction layer between the hardware and higher-level software. Many abstractions, such as threads, processes, containers, and virtual machines, are mechanisms to provide isolation. New application scenarios…

Cryptography and Security · Computer Science 2023-09-19 Sidhartha Agrawal , Reto Achermann , Margo Seltzer

Commodity applications contain more and more combinations of interacting components (user, application, library, and system) and exhibit increasingly diverse tradeoffs between isolation, performance, and programmability. We argue that the…

Cryptography and Security · Computer Science 2021-08-11 Bumjin Im , Fangfei Yang , Chia-Che Tsai , Michael LeMay , Anjo Vahldiek-Oberwagner , Nathan Dautenhahn

As OS-level virtualization technology usually imposes little overhead on virtual machine start-up and running, it provides an excellent choice for building intrusion/fault tolerant applications that require redundancy and frequent…

Operating Systems · Computer Science 2016-09-16 Zhiyong Shan , Yang Yu , Tzi-cker Chiueh

Cloud computing is a convenient model for processing data remotely. However, users must trust their cloud provider with the confidentiality and integrity of the stored and processed data. To increase the protection of virtual machines, AMD…

Cryptography and Security · Computer Science 2020-10-15 Martin Radev , Mathias Morbitzer

This report presents a taxonomy of vulnerabilities created as a part of an effort to develop a framework for deriving verification and validation strategies to assess software security. This taxonomy is grounded in a theoretical model of…

Cryptography and Security · Computer Science 2007-05-23 Anil Bazaz , James D. Arthur

Serverless computing provides just-in-time infrastructure provisioning with rapid elasticity and a finely-grained pricing model. As full control of resource allocation is in the hands of the cloud provider and applications only consume…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-10-10 Natalie Carl , Tobias Pfandzelter , David Bermbach

Recently, the WebAssembly (or Wasm) technology has been rapidly evolving, with many runtimes actively under development, providing cross-platform secure sandboxes for Wasm modules to run as portable containers. Compared with Docker, which…

Cryptography and Security · Computer Science 2025-09-16 Zhaofeng Yu , Dongyang Zhan , Lin Ye , Haining Yu , Hongli Zhang , Zhihong Tian

Nowadays, industries are looking into virtualization as an effective means to build safe applications, thanks to the isolation it can provide among virtual machines (VMs) running on the same hardware. In this context, a fundamental issue is…

Cryptography and Security · Computer Science 2023-03-24 Carmine Cesarano , Marcello Cinque , Domenico Cotroneo , Luigi De Simone , Giorgio Farina

The primary motivation for uptake of virtualization have been resource isolation, capacity management and resource customization: isolation and capacity management allow providers to isolate users from the site and control their resources…

Distributed, Parallel, and Cluster Computing · Computer Science 2016-11-17 Omer Khalid , Richard Anthony , Paul Nillson , Kate Keahey , Markus Schulz , Miltos Petridis , Kevin Parrott
‹ Prev 1 2 3 10 Next ›