English
Related papers

Related papers: The Endokernel: Fast, Secure, and Programmable Sub…

200 papers

Virtualization is a technique that allows multiple instances typically running different guest operating systems on top of single physical hardware. A hypervisor, a layer of software running on top of the host operating system, typically…

Cryptography and Security · Computer Science 2025-01-03 Krishna Sai Ketha , Guanqun Song , Ting Zhu

Intel Trust Domain Extensions (TDX) is a new architectural extension in the 4th Generation Intel Xeon Scalable Processor that supports confidential computing. TDX allows the deployment of virtual machines in the Secure-Arbitration Mode…

Cryptography and Security · Computer Science 2023-03-29 Pau-Chen Cheng , Wojciech Ozga , Enriquillo Valdez , Salman Ahmed , Zhongshu Gu , Hani Jamjoom , Hubertus Franke , James Bottomley

Network protocols have historically been developed on an ad-hoc basis, and cloud computing is no exception. A fundamental management protocol, not yet standardized, that cloud providers need to run to support wide-area virtual network…

Networking and Internet Architecture · Computer Science 2014-03-17 Flavio Esposito , Ibrahim Matta

In the last decade, we have witnessed exponential growth in the complexity of control systems for safety-critical applications (automotive, robots, industrial automation) and their transition to heterogeneous mixed-criticality systems…

Hardware Architecture · Computer Science 2024-06-12 Michael Rogenmoser , Alessandro Ottaviano , Thomas Benz , Robert Balas , Matteo Perotti , Angelo Garofalo , Luca Benini

An important class of applications, including programs that leverage third-party libraries, programs that use user-defined functions in databases, and serverless applications, benefit from isolating the execution of untrusted code at the…

Programming Languages · Computer Science 2022-03-18 Nicholas C. Wanninger , Joshua J. Bowden , Kirtankumar Shetty , Ayush Garg , Kyle C. Hale

Enforcing integrity and confidentiality of users' application code and data is a challenging mission that any software developer working on an online production grade service is facing. Since cryptology is not a widely understood subject,…

Cryptography and Security · Computer Science 2018-04-04 Mohammad Hasanzadeh Mofrad , Adam Lee

Separation kernels provide temporal/spatial separation and controlled information flow to their hosted applications. They are introduced to decouple the analysis of applications in partitions from the analysis of the kernel itself. More…

Software Engineering · Computer Science 2017-01-09 Yongwang Zhao , David Sanan , Fuyuan Zhang , Yang Liu

Future mobile networks supporting Internet of Things are expected to provide both high throughput and low latency to user-specific services. One way to overcome this challenge is to adopt network function virtualization and Multi-access…

Networking and Internet Architecture · Computer Science 2019-07-04 Emmanouil Fountoulakis , Qi Liao , Manuel Stein , Nikolaos Pappas

CPUs provide isolation mechanisms like virtualization and privilege levels to protect software. Yet these focus on architectural isolation while typically overlooking microarchitectural side channels, exemplified by Meltdown and Foreshadow.…

Cryptography and Security · Computer Science 2025-07-09 Oleksii Oleksenko , Flavien Solt , Cédric Fournet , Jana Hofmann , Boris Köpf , Stavros Volos

Microprocessors enable aggressive hardware virtualization by means of which multiple processes temporally execute on the system. These security-critical and ordinary processes interact with each other to assure application progress.…

Cryptography and Security · Computer Science 2020-01-28 Hamza Omar , Omer Khan

Software defined networking (SDN) has emerged as a promising paradigm for making the control of communication networks flexible. SDN separates the data packet forwarding plane, i.e., the data plane, from the control plane and employs a…

Networking and Internet Architecture · Computer Science 2016-09-12 Andreas Blenk , Arsany Basta , Martin Reisslein , Wolfgang Kellerer

This paper presents the "isolate first, then share" OS model in which the processor cores, memory, and devices are divided up between disparate OS instances and a new abstraction, subOS, is proposed to encapsulate an OS instance that can be…

Operating Systems · Computer Science 2017-10-27 Gang Lu , Jianfeng Zhan , Chongkang Tan , Xinlong Lin , Defei Kong , Chen Zheng , Fei Tang , Cheng Huang , Lei Wang , Tianshu Hao

To ensure secure and trustworthy execution of applications, vendors frequently embed trusted execution environments into their systems. Here, applications are protected from adversaries, including a malicious operating system. TEEs are…

Cryptography and Security · Computer Science 2021-03-10 Pascal Nasahl , Robert Schilling , Mario Werner , Stefan Mangard

An effective packet processing abstraction that leverages software or hardware acceleration techniques can simplify the implementation of high-performance virtual network functions. In this paper, we explore the suitability of SDN switches'…

Networking and Internet Architecture · Computer Science 2016-11-10 Luca Petrucci , Nicola Bonelli , Marco Bonola , Gregorio Procissi , Carmelo Cascone , Davide Sanvito , Salvatore Pontarelli , Giuseppe Bianchi , Roberto Bifulco

Enclaves have emerged as a particularly compelling primitive to implement trusted execution environments: strongly isolated sensitive user-mode processes in a largely untrusted software environment. While the threat models employed by…

Cryptography and Security · Computer Science 2018-12-31 Ilia Lebedev , Kyle Hogan , Jules Drean , David Kohlbrenner , Dayeol Lee , Krste Asanović , Dawn Song , Srinivas Devadas

We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally…

Cryptography and Security · Computer Science 2009-05-12 Stere Preda , Nora Cuppens-Boulahia , Frederic Cuppens , Joaquin Garcia-Alfaro , Laurent Toutain

Recent proliferation of embedded systems has generated a bold new paradigm, known as open embedded systems. While traditional embedded systems provide only closed base applications (natively-installed software) to users, open embedded…

Distributed, Parallel, and Cluster Computing · Computer Science 2010-06-30 Hiroaki Inoue

Trusted Execution Environment, or enclave, promises to protect data confidentiality and execution integrity of an outsourced computation on an untrusted host. Extending the protection to distributed applications that run on physically…

Distributed, Parallel, and Cluster Computing · Computer Science 2019-05-17 Hung Dang , Ee-Chien Chang

In the future, computing will be immersed in the world around us -- from augmented reality to autonomous vehicles to the Internet of Things. Many of these smart devices will offer services that respond in real time to their physical…

Operating Systems · Computer Science 2019-01-07 Yuxin Ren , Vlad Nitu , Guyue Liu , Gabriel Parmer , Timothy Wood , Alain Tchana , Riley Kennedy

VPN service providers (VSP) and IP-VPN customers have traditionally maintained service demarcation boundaries between their routing and signaling entities. This has resulted in the VPNs viewing the VSP network as an opaque entity and…

Networking and Internet Architecture · Computer Science 2019-12-11 Ravishankar Ravindran , Changcheng Huang , Krishnaiyan Thulasiraman , Tachun Lin
‹ Prev 1 3 4 5 6 7 10 Next ›