Today's complex software systems are neither secure nor reliable. The rudimentary software protection primitives provided by current hardware forces systems to run many distrusting software components (e.g., procedures, libraries, plugins, modules) in the same protection domain, or otherwise suffer degraded performance from address space switches. We present CODOMs (COde-centric memory DOMains), a novel architecture that can provide finer-grained isolation between software components with effectively zero run-time overhead, all at a fraction of the complexity of other approaches. An implementation of CODOMs in a cycle-accurate full-system x86 simulator demonstrates that with the right hardware support, finer-grained protection and run-time ...
Aside from malicious software gaining access and corrupting sections of computer memory, even legiti...
With reference to a classical address translation scheme supporting the notion of a paged virtual a...
The most common cyber-attack vector is exploit of software vulnerability. Despite much efforts towar...
Today's complex software systems are neither secure nor reliable. The rudimentary software protectio...
Today’s complex software systems are neither secure nor reliable. The rudimentary software protectio...
Abstract A single address space operating system is an excellent environment for the im-plementation...
Because large, complex systems inevitably contain se-curity vulnerabilities, it is important to miti...
This thesis presents the design, implementation, and evaluation of a novel capability operating syst...
In this paper, we advocate for a general-purpose, fine-grain memory protection mechanism for use by ...
The need to secure software systems is more important than ever. However, while a lot of work exists...
CHERI extends a conventional RISC Instruction- Set Architecture, compiler, and operating system to s...
This dissertation explores the use of capability security hardware and software in real-time and lat...
Existing high-end embedded systems face frequent security attacks. Software compartmentalization is ...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
Thesis (Ph. D.)--University of Rochester. Dept. of Computer Science, 2011.Computer architects have e...
Aside from malicious software gaining access and corrupting sections of computer memory, even legiti...
With reference to a classical address translation scheme supporting the notion of a paged virtual a...
The most common cyber-attack vector is exploit of software vulnerability. Despite much efforts towar...
Today's complex software systems are neither secure nor reliable. The rudimentary software protectio...
Today’s complex software systems are neither secure nor reliable. The rudimentary software protectio...
Abstract A single address space operating system is an excellent environment for the im-plementation...
Because large, complex systems inevitably contain se-curity vulnerabilities, it is important to miti...
This thesis presents the design, implementation, and evaluation of a novel capability operating syst...
In this paper, we advocate for a general-purpose, fine-grain memory protection mechanism for use by ...
The need to secure software systems is more important than ever. However, while a lot of work exists...
CHERI extends a conventional RISC Instruction- Set Architecture, compiler, and operating system to s...
This dissertation explores the use of capability security hardware and software in real-time and lat...
Existing high-end embedded systems face frequent security attacks. Software compartmentalization is ...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
Thesis (Ph. D.)--University of Rochester. Dept. of Computer Science, 2011.Computer architects have e...
Aside from malicious software gaining access and corrupting sections of computer memory, even legiti...
With reference to a classical address translation scheme supporting the notion of a paged virtual a...
The most common cyber-attack vector is exploit of software vulnerability. Despite much efforts towar...