English
Related papers

Related papers: Apptainer Without Setuid

200 papers

Do Linux distribution package managers need the privileged operations they request to actually happen? Apparently not, at least for building container images for HPC applications. We use this observation to implement a root emulation mode…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-05-13 Reid Priedhorsky , Michael Jennings , Megan Phinney

We describe SAFIUS, a secure accountable file system that resides over an untrusted storage. SAFIUS provides strong security guarantees like confidentiality, integrity, prevention from rollback attacks, and accountability. SAFIUS also…

Operating Systems · Computer Science 2016-11-18 V Sriram , Ganesh Narayan , K Gopinath

Containers are increasingly used as means to distribute and run Linux services and applications. In this paper we describe the architectural design and implementation of udocker, a tool which enables the user to execute Linux containers in…

Software Engineering · Computer Science 2018-08-07 Jorge Gomes , Isabel Campos , Emanuele Bagnaschi , Mario David , Luis Alves , Joao Martins , Joao Pina , Alvaro Lopez-Garcia , Pablo Orviz

In this paper we present reclaimID: An architecture that allows users to reclaim their digital identities by securely sharing identity attributes without the need for a centralised service provider. We propose a design where user attributes…

Cryptography and Security · Computer Science 2018-09-11 Martin Schanzenbach , Georg Bramm , Julian Schütte

Capability-based memory isolation is a promising new architectural primitive. Software can access low-level memory only via capability handles rather than raw pointers, which provides a natural interface to enforce security restrictions.…

Cryptography and Security · Computer Science 2023-03-10 Jason Zhijingcheng Yu , Conrad Watt , Aditya Badole , Trevor E. Carlson , Prateek Saxena

The eBPF framework enables execution of user-provided code in the Linux kernel. In the last few years, a large ecosystem of cloud services has leveraged eBPF to enhance container security, system observability, and network management.…

Cryptography and Security · Computer Science 2024-09-13 Soo Yee Lim , Tanya Prasad , Xueyuan Han , Thomas Pasquier

HPC centers face increasing demand for software flexibility, and there is growing consensus that Linux containers are a promising solution. However, existing container build solutions require root privileges and cannot be used directly on…

Distributed, Parallel, and Cluster Computing · Computer Science 2022-02-02 Reid Priedhorsky , R. Shane Canon , Timothy Randles , Andrew J. Younge

Linux container technologies such as Docker and Singularity offer encapsulated environments for easy execution of software. In high performance computing, this is especially important for evolving and complex software stacks with…

Operating Systems · Computer Science 2022-12-15 Vanessa Sochat , Matthieu Muffato , Audrey Stott , Marco De La Pierre , Georgia Stuart

Passwordless authentication was first tested for seamless and secure merchant payments without the use of passwords or pins. It opened a whole new world of authentications giving up the former reliance on traditional passwords. It relied on…

Cryptography and Security · Computer Science 2023-07-17 Aditya Mitra , Anisha Ghosh , Sibi Chakkaravarthy Sethuraman

Modern operating systems all support multi-users that users could share a computer simultaneously and not affect each other. However, there are some limitations. For example, privacy problem exists that users are visible to each other in…

Distributed, Parallel, and Cluster Computing · Computer Science 2019-12-10 Wenzhe Zhang , Kai Lu , Ruibo Wang , Wanqing Chi , Mingtian Shao , Huijun Wu , Mikel Luján , Xiaoping Wang

Linux containers currently provide limited isolation guarantees. While containers separate namespaces and partition resources, the patchwork of mechanisms used to ensure separation cannot guarantee consistent security semantics. Even worse,…

Cryptography and Security · Computer Science 2021-02-16 William Findlay , David Barrera , Anil Somayaji

An inherent security limitation with the classic multithreaded programming model is that all the threads share the same address space and, therefore, are implicitly assumed to be mutually trusted. This assumption, however, does not take…

Operating Systems · Computer Science 2013-05-22 Jun Wang , Xi Xiong , Peng Liu

Strong confidentiality, integrity, user control, reliability and performance are critical requirements in privacy-sensitive applications. Such applications would benefit from a data storage and sharing infrastructure that provides these…

Cryptography and Security · Computer Science 2024-03-26 Arastoo Bozorgi , Mahya Soleimani Jadidi , Jonathan Anderson

Embedded devices face an ever-expanding threat landscape: vulnerabilities in application software, operating system kernels, and peripherals threaten the embedded device integrity. Existing computer-architectural defenses fully consider at…

Cryptography and Security · Computer Science 2026-03-10 Eric Ackermann , Sven Bugiel

Although cloud storage platforms promise a convenient way for users to share files and engage in collaborations, they require all files to have a single owner who unilaterally makes access control decisions. Existing clouds are, thus,…

Cryptography and Security · Computer Science 2013-11-26 Claudio Soriente , Ghassan Karame , Hubert Ritzdorf , Srdjan Marinovic , Srdjan Capkun

Modern FaaS systems perform well in the case of repeat executions when function working sets stay small. However, these platforms are less effective when applied to more complex, large-scale and dynamic workloads. In this paper, we…

Operating Systems · Computer Science 2019-10-04 James Cadden , Thomas Unger , Yara Awad , Han Dong , Orran Krieger , Jonathan Appavoo

High availability is no longer just a business continuity concern. Users are increasingly dependant on devices that consume and produce data in ever increasing volumes. A popular solution is to have a central repository which each device…

Cryptography and Security · Computer Science 2015-06-05 Mark Scanlon , Jason Farina , M-Tahar Kechadi

Cloud computing has emerged as a corner stone of today's computing landscape. More and more customers who outsource their infrastructure benefit from the manageability, scalability and cost saving that come with cloud computing. Those…

Cryptography and Security · Computer Science 2022-05-13 Ferdinand Brasser , Patrick Jauernig , Frederik Pustelnik , Ahmad-Reza Sadeghi , Emmanuel Stapf

Serverless computing has grown in popularity in recent years, with an increasing number of applications being built on Functions-as-a-Service (FaaS) platforms. By default, FaaS platforms support retry-based fault tolerance, but this is…

Distributed, Parallel, and Cluster Computing · Computer Science 2020-03-16 Vikram Sreekanti , Chenggang Wu , Saurav Chhatrapati , Joseph E. Gonzalez , Joseph M. Hellerstein , Jose M. Faleiro

The Encrypted File System (EFS) pushes encryption services into the file system itself. EFS supports secure storage at the system level through a standard UNIX file system interface to encrypted files. User can associate a cryptographic key…

Cryptography and Security · Computer Science 2009-08-06 Dr. Shishir Kumar , U. S. Rawat , Sameer Kumar Jasra , Akshay Kumar Jain
‹ Prev 1 2 3 10 Next ›