English
Related papers

Related papers: CAPIO: Safe Kernel-Bypass of Commodity Devices usi…

200 papers

In-process compartmentalization and access control have been actively explored to provide in-place and efficient isolation of in-process security domains. Many works have proposed compartmentalization schemes that leverage hardware…

Cryptography and Security · Computer Science 2023-09-21 Kha Dinh Duy , Kyuwon Cho , Taehyun Noh , Hojoon Lee

Compartmentalization is a form of defensive software design in which an application is broken down into isolated but communicating components. Retrofitting compartmentalization into existing applications is often thought to be expensive…

Cryptography and Security · Computer Science 2023-09-22 John Alistair Kressel , Hugo Lefeuvre , Pierre Olivier

A modern GPU aims to simultaneously execute more warps for higher Thread-Level Parallelism (TLP) and performance. When generating many memory requests, however, warps contend for limited cache space and thrash cache, which in turn severely…

Hardware Architecture · Computer Science 2018-05-22 Jie Zhang , Shuwen Gao , Nam Sung Kim , Myoungsoo Jung

Capability-based memory isolation is a promising new architectural primitive. Software can access low-level memory only via capability handles rather than raw pointers, which provides a natural interface to enforce security restrictions.…

Cryptography and Security · Computer Science 2023-03-10 Jason Zhijingcheng Yu , Conrad Watt , Aditya Badole , Trevor E. Carlson , Prateek Saxena

MMU-less Linux variant lacks security because it does not have protection or isolation mechanisms. It also does not use MPUs as they do not fit with its software model because of the design drawbacks of MPUs (\ie coarse-grained protection…

Operating Systems · Computer Science 2024-01-19 Hesham Almatary , Alfredo Mazzinghi , Robert N. M. Watson

This paper presents an in-kernel, hardware-based control-flow integrity (CFI) protection, called PAL, that utilizes ARM's Pointer Authentication (PA). It provides three important benefits over commercial, state-of-the-art PA-based CFIs like…

Cryptography and Security · Computer Science 2021-12-15 Sungbae Yoo , Jinbum Park , Seolheui Kim , Yeji Kim , Taesoo Kim

The high memory and computation demand of large language models (LLMs) makes them challenging to be deployed on consumer devices due to limited GPU memory. Offloading can mitigate the memory constraint but often suffers from low GPU…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-06-16 Yangyijian Liu , Jun Li , Wu-Jun Li

Existing high-end embedded systems face frequent security attacks. Software compartmentalization is one technique to limit the attacks' effects to the compromised compartment and not the entire system. Unfortunately, the existing…

Oblivious RAM (ORAM) hides the memory access patterns, enhancing data privacy by preventing attackers from discovering sensitive information based on the sequence of memory accesses. The performance of ORAM is often limited by its inherent…

Cryptography and Security · Computer Science 2024-11-11 Haojie Ye , Yuchen Xia , Yuhan Chen , Kuan-Yu Chen , Yichao Yuan , Shuwen Deng , Baris Kasikci , Trevor Mudge , Nishil Talati

This technical report describes a new extension to capability machines. Capability machines are a special type of processors that include better security primitives at the hardware level. In capability machines, every word has an associated…

Programming Languages · Computer Science 2020-06-03 Sander Huyghebaert , Thomas Van Strydonck , Steven Keuchel , Dominique Devriese

Memory corruption attacks have been prevalent in software for a long time. Some mitigation strategies against these attacks do exist, but they are not as far-reaching or as efficient as the CHERI architecture. CHERI uses capabilities to…

Cryptography and Security · Computer Science 2026-01-28 Dariy Guzairov , Alex Potanin , Stephen Kell , Alwen Tiu

Protected user-level libraries have been proposed as a way to allow mutually distrusting applications to safely share kernel-bypass services. In this paper, we identify and solve several previously unaddressed obstacles to realizing this…

Operating Systems · Computer Science 2025-09-04 Alan Beadle , Michael L. Scott , John Criswell

Software control flow integrity (CFI) solutions have been applied to the Linux kernel for memory protection. Due to performance costs, deployed software CFI solutions are coarse grained. In this work, we demonstrate a precise…

Cryptography and Security · Computer Science 2019-12-10 Rémi Denis-Courmont , Hans Liljestrand , Carlos Chinea , Jan-Erik Ekberg

This article presents a hardware-based memory isolation solution for constrained devices. Existing solutions target high-end embedded systems (typically ARM Cortex-A with a Memory Management Unit, MMU) such as seL4 or Pip (formally verified…

Operating Systems · Computer Science 2023-01-12 Nicolas Dejon , Chrystel Gaber , Gilles Grimaud

The widespread deployment of embedded systems in critical infrastructures, interconnected edge devices like autonomous drones, and smart industrial systems requires robust security measures. Compromised systems increase the risks of…

Emerging Technologies · Computer Science 2025-07-08 Donato Ferraro , Andrea Bastoni , Alexander Zuepke , Andrea Marongiu

The I/O access patterns of many parallel applications consist of accesses to a large number of small, noncontiguous pieces of data. If an application's I/O needs are met by making many small, distinct I/O requests, however, the I/O…

Distributed, Parallel, and Cluster Computing · Computer Science 2007-05-23 Rajeev Thakur , William Gropp , Ewing Lusk

As quantum computing enters the cloud era, thousands of users must share access to a small number of quantum processors. Users need to wait minutes to days to start their jobs, which only takes a few seconds for execution. Current quantum…

Operating Systems · Computer Science 2026-02-10 John Zhuoyang Ye , Jiyuan Wang , Yifan Qiao , Jens Palsberg

Permissions are highly sensitive in Internet-of-Things (IoT) applications, as IoT devices collect our personal data and control the safety of our environment. Rather than simply granting permissions, further constraints shall be imposed on…

Cryptography and Security · Computer Science 2018-04-03 Lakshya Tandon , Philip W. L. Fong , Reihaneh Safavi-Naini

Cloud stacks must isolate application components, while permitting efficient data sharing between components deployed on the same physical host. Traditionally, the MMU enforces isolation and permits sharing at page granularity. MMU…

Operating Systems · Computer Science 2022-06-27 Vasily A. Sartakov , Lluís Vilanova , David Eyers , Takahiro Shinagawa , Peter Pietzuch

Up to 10% of memory-safety vulnerabilities in languages like C and C++ stem from uninitialized variables. This work addresses the prevalence and lack of adequate software mitigations for uninitialized memory issues, proposing architectural…

Cryptography and Security · Computer Science 2025-10-14 Merve Gülmez , Håkan Englund , Jan Tobias Mühlberg , Thomas Nyman
‹ Prev 1 2 3 10 Next ›