English
Related papers

Related papers: Making 'syscall' a Privilege not a Right

200 papers

In this paper a pipelined architecture of a high speed network security processor (NSP) for SSL,TLS protocol is implemented on a system on chip (SOC) where hardware information of all encryption, hashing and key exchange algorithms are…

Hardware Architecture · Computer Science 2016-11-25 Rourab Paul , Amlan Chakrabarti , Ranjan Ghosh

Intel's software guard extensions (SGX) provide hardware enclaves to guarantee confidentiality and integrity for sensitive code and data. However, systems leveraging such security mechanisms must often pay high performance overheads. A…

Cryptography and Security · Computer Science 2023-07-10 Peterson Yuhala , Michael Paper , Timothée Zerbib , Pascal Felber , Valerio Schiavoni , Alain Tchana

Data analyses in the life sciences are moving from tools run on a personal computer to services run on large computing platforms. This creates a need to package tools and dependencies for easy installation, configuration and deployment on…

Distributed, Parallel, and Cluster Computing · Computer Science 2017-12-27 Inge Alexander Raknes , Bjørn Fjukstad , Lars Ailo Bongo

In kernel-centric operations, the uprobe component of eBPF frequently encounters performance bottlenecks, largely attributed to the overheads borne by context switches. Transitioning eBPF operations to user space bypasses these hindrances,…

Operating Systems · Computer Science 2025-08-01 Yusheng Zheng , Tong Yu , Yiwei Yang , Yanpeng Hu , Xiaozheng Lai , Andrew Quinn

Intel Software Guard Extensions (SGX) enables user-level code to create private memory regions called enclaves, whose code and data are protected by the CPU from software and hardware attacks outside the enclaves. Recent work introduces…

Operating Systems · Computer Science 2020-01-22 Youren Shen , Hongliang Tian , Yu Chen , Kang Chen , Runji Wang , Yi Xu , Yubin Xia

Security Enhanced Linux (SELinux) is a security architecture for Linux implementing mandatory access control. It has been used in numerous security-critical contexts ranging from servers to mobile devices. But this is challenging as SELinux…

Cryptography and Security · Computer Science 2022-06-01 Lorenzo Ceragioli , Letterio Galletta , Pierpaolo Degano , David Basin

Trusted executions environments (TEEs) such as Intel(R) SGX provide hardware-isolated execution areas in memory, called enclaves. By running only the most trusted application components in the enclave, TEEs enable developers to minimize the…

Cryptography and Security · Computer Science 2020-06-19 Marcela S. Melara , Michael J. Freedman , Mic Bowman

Speculative execution techniques have been a cornerstone of modern processors to improve instruction-level parallelism. However, recent studies showed that this kind of techniques could be exploited by attackers to leak secret data via…

Cryptography and Security · Computer Science 2021-07-20 Bowen Tang , Chenggang Wu , Zhe Wang , Lichen Jia , Pen-Chung Yew , Yueqiang Cheng , Yinqian Zhang , Chenxi Wang , Guoqing Harry Xu

Cloud computing offers the economies of scale for computational resources with the ease of management, elasticity, and fault tolerance. To take advantage of these benefits, many enterprises are contemplating to outsource the middlebox…

Cryptography and Security · Computer Science 2019-10-18 Bohdan Trach , Alfred Krohmer , Sergei Arnautov , Franz Gregor , Pramod Bhatotia , Christof Fetzer

The European Union technological sovereignty strategy centers around the RISC-V Instruction Set Architecture, with the European Processor Initiative leading efforts to build production-ready processors. Focusing on realizing a functional…

Operating Systems · Computer Science 2025-05-16 Petar Andrić , Aaron Call , Ramon Nou

Trusted Execution Environments (TEEs) allow user processes to create enclaves that protect security-sensitive computation against access from the OS kernel and the hypervisor. Recent work has shown that TEEs are vulnerable to side-channel…

Cryptography and Security · Computer Science 2023-12-20 Shujie Cui , Haohua Li , Yuanhong Li , Zhi Zhang , Lluís Vilanova , Peter Pietzuch

With the increasing popularity of AArch64 processors in general-purpose computing, securing software running on AArch64 systems against control-flow hijacking attacks has become a critical part toward secure computation. Shadow stacks keep…

Cryptography and Security · Computer Science 2023-07-20 Zhuojia Shen , John Criswell

The eBPF framework enables execution of user-provided code in the Linux kernel. In the last few years, a large ecosystem of cloud services has leveraged eBPF to enhance container security, system observability, and network management.…

Cryptography and Security · Computer Science 2024-09-13 Soo Yee Lim , Tanya Prasad , Xueyuan Han , Thomas Pasquier

Computer systems often provide hardware support for isolation mechanisms like privilege levels, virtual memory, or enclaved execution. Over the past years, several successful software-based side-channel attacks have been developed that…

Cryptography and Security · Computer Science 2020-01-30 Matteo Busi , Job Noorman , Jo Van Bulck , Letterio Galletta , Pierpaolo Degano , Jan Tobias Mühlberg , Frank Piessens

In-storage computing with modern solid-state drives (SSDs) enables developers to offload programs from the host to the SSD. It has been proven to be an effective approach to alleviate the I/O bottleneck. To facilitate in-storage computing,…

Hardware Architecture · Computer Science 2021-09-09 Luyi Kang , Yuqi Xue , Weiwei Jia , Xiaohao Wang , Jongryool Kim , Changhwan Youn , Myeong Joon Kang , Hyung Jin Lim , Bruce Jacob , Jian Huang

Least privilege is a core security principle: grant each request only the minimum access needed to achieve its goal. Deployed language models almost never follow it, instead being exposed through a single API endpoint that serves all users…

Cryptography and Security · Computer Science 2026-03-05 Paulius Rauba , Dominykas Seputis , Patrikas Vanagas , Mihaela van der Schaar

Applications with safety requirements have become ubiquitous nowadays and can be found in edge devices of all kinds. However, microcontrollers in those devices, despite offering moderate performance by implementing multicores and cache…

Hardware Architecture · Computer Science 2022-10-04 Fabio Mazzocchetti , Sergi Alcaide , Francisco Bas , Pedro Benedicte , Guillem Cabo , Feng Chang , Francisco Fuentes , Jaume Abella

Intel has introduced a trusted computing technology, Intel Software Guard Extension (SGX), which provides an isolated and secure execution environment called enclave for a user program without trusting any privilege software (e.g., an…

Cryptography and Security · Computer Science 2018-11-14 Jinwen Wang , Yueqiang Cheng , Qi Li , Yong Jiang

Hardware-enclaves that target complex CPU designs compromise both security and performance. Programs have little control over micro-architecture, which leads to side-channel leaks, and then have to be transformed to have worst-case control-…

Cryptography and Security · Computer Science 2020-07-16 Sarbartha Banerjee , Prakash Ramrakhyani , Shijia Wei , Mohit Tiwari

The current zero trust model adopted in System-on-Chip (SoC) design is vulnerable to various malicious entities, and modern SoC designs must incorporate various security policies to protect sensitive assets from unauthorized access. These…

Cryptography and Security · Computer Science 2023-08-08 Sudipta Paria , Swarup Bhunia