English
Related papers

Related papers: Enabling Lightweight Privilege Separation in Appli…

200 papers

With the alarming rate of security advisories and privacy concerns on connected devices, there is an urgent need for strong isolation guarantees in resource-constrained devices that demand very lightweight solutions. However, the status quo…

Operating Systems · Computer Science 2020-04-13 Zahra Tarkhani , Anil Madhavapeddy

An inherent security limitation with the classic multithreaded programming model is that all the threads share the same address space and, therefore, are implicitly assumed to be mutually trusted. This assumption, however, does not take…

Operating Systems · Computer Science 2013-05-22 Jun Wang , Xi Xiong , Peng Liu

Modern applications are increasingly advanced and complex, and inevitably contain exploitable software bugs despite the ongoing efforts. The applications today often involve processing of sensitive information. However, the lack of…

Cryptography and Security · Computer Science 2018-05-31 Hojoon Lee , Chihyun Song , Brent Byunghoon Kang

Protected user-level libraries have been proposed as a way to allow mutually distrusting applications to safely share kernel-bypass services. In this paper, we identify and solve several previously unaddressed obstacles to realizing this…

Operating Systems · Computer Science 2025-09-04 Alan Beadle , Michael L. Scott , John Criswell

Modern operating systems (OSes) have unfettered access to application data, assuming that applications trust them. This assumption, however, is problematic under many scenarios where either the OS provider is not trustworthy or the OS can…

Operating Systems · Computer Science 2022-12-27 Caihua Li , Seung-seob Lee , Min Hong Yun , Lin Zhong

We present a new least-privilege-based model of addressing on which to base memory management functionality in an OS for modern computers like phones or server-based accelerators. Existing software assumptions do not account for…

Operating Systems · Computer Science 2019-08-26 Reto Achermann , Nora Hossle , Lukas Humbel , Daniel Schwyn , David Cock , Timothy Roscoe

Modern GPU applications, such as machine learning (ML), can only partially utilize GPUs, leading to GPU underutilization in cloud environments. Sharing GPUs across multiple applications from different tenants can improve resource…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-10-17 Manos Pavlidakis , Giorgos Vasiliadis , Stelios Mavridis , Anargyros Argyros , Antony Chazapis , Angelos Bilas

Increasing data center network speed coupled with application requirements for high throughput and low latencies have raised the efficiency bar for network stacks. To reduce substantial kernel overhead in network processing, recent…

Operating Systems · Computer Science 2023-03-02 Yihan Yang , Zhuobin Huang , Antoine Kaufmann , Jialin Li

The monolithic nature of widely used commodity operating systems means that vulnerabilities in one software component potentially compromise the entire kernel. Formally verifying these systems, or redesigning them altogether as…

Cryptography and Security · Computer Science 2026-05-11 Shriram Raja , Zhiyuan Ruan , Richard West

The endless stream of vulnerabilities urgently calls for principled mitigation to confine the effect of exploitation. However, the monolithic architecture of commodity OS kernels, like the Linux kernel, allows an attacker to compromise the…

Cryptography and Security · Computer Science 2024-09-17 Yinggang Guo , Zicheng Wang , Weiheng Bai , Qingkai Zeng , Kangjie Lu

The security of applications hinges on the trustworthiness of the operating system, as applications rely on the OS to protect code and data. As a result, multiple protections for safeguarding the integrity of kernel code and data are being…

Cryptography and Security · Computer Science 2019-05-16 Salessawi Ferede Yitbarek , Todd Austin

The trade-off between coarse- and fine-grained locking is a well understood issue in operating systems. Coarse-grained locking provides lower overhead under low contention, fine-grained locking provides higher scalability under contention,…

Operating Systems · Computer Science 2016-09-29 Kevin Elphinstone , Amirreza Zarrabi , Adrian Danis , Yanyan Shen , Gernot Heiser

Embedded systems are parts of our daily life and used in many fields. They can be found in smartphones or in modern cars including GPS, light/rain sensors and other electronic assistance mechanisms. These systems may handle sensitive data…

Cryptography and Security · Computer Science 2016-02-23 Pascal Cotret , Guy Gogniat , Martha Johanna Sepulveda Florez

Microprocessors enable aggressive hardware virtualization by means of which multiple processes temporally execute on the system. These security-critical and ordinary processes interact with each other to assure application progress.…

Cryptography and Security · Computer Science 2020-01-28 Hamza Omar , Omer Khan

Smaller, smarter and faster edge devices in the Internet of things era demands secure data analysis and transmission under resource constraints of hardware architecture. Lightweight cryptography on edge hardware is an emerging topic that is…

Emerging Technologies · Computer Science 2019-06-04 Alex Pappachen James

Virtualization, after having found widespread adoption in the server and desktop arena, is poised to change the architecture of embedded systems as well. The benefits afforded by virtualization - enhanced isolation, manageability,…

Operating Systems · Computer Science 2018-06-05 Janis Danisevskis , Michael Peter , Jan Nordholz

In this paper, we propose a new secure machine learning inference platform assisted by a small dedicated security processor, which will be easier to protect and deploy compared to today's TEEs integrated into high-performance processors.…

Cryptography and Security · Computer Science 2024-10-30 Pengzhi Huang , Thang Hoang , Yueying Li , Elaine Shi , G. Edward Suh

Confidential Computing (CC) has received increasing attention in recent years as a mechanism to protect user data from untrusted operating systems (OSes). Existing CC solutions hide confidential memory from the OS and/or encrypt it to…

Cryptography and Security · Computer Science 2024-12-06 Caihua Li , Seung-seob Lee , Lin Zhong

Intel memory protection keys (MPK) is a new hardware feature to support thread-local permission control on groups of pages without requiring modification of page tables. Unfortunately, its current hardware implementation and software…

Cryptography and Security · Computer Science 2018-11-20 Soyeon Park , Sangho Lee , Wen Xu , Hyungon Moon , Taesoo Kim

The eBPF framework enables execution of user-provided code in the Linux kernel. In the last few years, a large ecosystem of cloud services has leveraged eBPF to enhance container security, system observability, and network management.…

Cryptography and Security · Computer Science 2024-09-13 Soo Yee Lim , Tanya Prasad , Xueyuan Han , Thomas Pasquier
‹ Prev 1 2 3 10 Next ›