As modern 64-bit x86 processors no longer support the segmentation capabilities of their 32-bit predecessors, most research projects assume that strong in-process memory isolation is no longer an affordable option. Instead of strong, deterministic isolation, new defense systems therefore rely on the probabilistic pseudo-isolation provided by randomization to "hide" sensitive (or safe) regions. However, recent attacks have shown that such protection is insufficient; attackers can leak these safe regions in a variety of ways. In this paper, we revisit isolation for x86-64 and argue that hardware features enabling efficient deterministic isolation do exist. We first present a comprehensive study on commodity hardware features that can be repur...
This dissertation explores the use of capability security hardware and software in real-time and lat...
Many embedded systems have relatively strong security requirements because they handle confidential ...
Hardware platforms, such as microprocessors and Trusted Execution Environments (TEEs), aim to provid...
Computers today are ubiquitous and closely integrated into our everyday lives. But computers are fic...
Many attacks on modern software begin when the application processes untrusted data. Often attackers...
Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Comp...
Sanctum offers the same promise as Intel’s Software Guard Extensions (SGX), namely strong provable i...
XOM-based secure processor has recently been introduced as a mechanism to provide copy and tamper re...
Over the last years, security-kernels have played a promising role in reshaping the landscape of pla...
© Springer International Publishing AG, part of Springer Nature 2018. Enclaved execution environment...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...
Computer systems often provide hardware support for isolation mechanisms like privilege levels, virt...
In this paper, we present MemShuffle, an end-to-end memory protection scheme that resists several a...
The pursuit of secure computation has always featured a tension between performance and security. Se...
Abstract—We consider the problem of how to provide an execution environment where the application’s ...