Modern applications often involve processing of sensitive information. However, the lack of privilege separation within the user space leaves sensitive application secret such as cryptographic keys just as unprotected as a "hello world" string. Cutting-edge hardware-supported security features are being introduced. However, the features are often vendor-specific or lack compatibility with older generations of the processors. The situation leaves developers with no portable solution to incorporate protection for the sensitive application component. We propose LOTRx86, a fundamental and portable approach for user-space privilege separation. Our approach creates a more privileged user execution layer called PrivUser by harnessing the und...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
Hardware-assisted security solutions, and the isolation guarantees they provide, constitute the basi...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
Our society increasingly depends on computing devices. Customers rely on laptops and mobile devices ...
Many operating system services require special privileges to execute their tasks. A programming erro...
Protecting modern computer systems and complex software stacks against the growing range of possible...
Protecting modern computer systems and complex software stacks against the growing range of possible...
Hackers leverage software vulnerabilities to disclose, tamper with, or destroy sensitive data. To p...
This dissertation suggests and partially demonstrates that it is feasible to retrofit real privilege...
Abstract. Applications typically rely on the operating system to en-force access control policies su...
Our society increasingly depends on computing devices. Customers rely on laptops and mobile devices ...
The need to secure software systems is more important than ever. However, while a lot of work exists...
Any multi-user, multi-tasking operating system, such as the LINIX SVR4 Operating System, must provid...
Sanctum offers the same promise as SGX, namely strong provable isolation of software modules running...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
Hardware-assisted security solutions, and the isolation guarantees they provide, constitute the basi...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
Our society increasingly depends on computing devices. Customers rely on laptops and mobile devices ...
Many operating system services require special privileges to execute their tasks. A programming erro...
Protecting modern computer systems and complex software stacks against the growing range of possible...
Protecting modern computer systems and complex software stacks against the growing range of possible...
Hackers leverage software vulnerabilities to disclose, tamper with, or destroy sensitive data. To p...
This dissertation suggests and partially demonstrates that it is feasible to retrofit real privilege...
Abstract. Applications typically rely on the operating system to en-force access control policies su...
Our society increasingly depends on computing devices. Customers rely on laptops and mobile devices ...
The need to secure software systems is more important than ever. However, while a lot of work exists...
Any multi-user, multi-tasking operating system, such as the LINIX SVR4 Operating System, must provid...
Sanctum offers the same promise as SGX, namely strong provable isolation of software modules running...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
Hardware-assisted security solutions, and the isolation guarantees they provide, constitute the basi...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...