The amount of trust that can be placed in commodity computing platforms is limited by the likelihood of vulnerabilities in their huge software stacks. Protected-module architectures, such as Intel SGX, provide an interesting alternative by isolating the execution of software modules. To minimize the amount of code that provides support for the protected-module architecture, persistent storage of (confidentiality and integrity protected) states of modules can be delegated to the untrusted operating system. But precautions should be taken to ensure state continuity: an attacker should not be able to cause a module to use stale states (a so-called rollback attack), and while the system is not under attack, a module should always be able to mak...
The combination of (1) hard to eradicate low-level vulnerabilities, (2) a large trusted computing ba...
Today's embedded systems are considered as non trusted hosts since the owner, or anyone else whosucc...
Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Comp...
The amount of trust that can be placed in commodity computing platforms is limited by the likelihood...
The ability to copy data effortlessly poses significant security issues in many applications; It is ...
Protected-module architectures such as Intel SGX provide strong isolation guarantees to sensitive pa...
Our society increasingly depends on computing devices. Customers rely on laptops and mobile devices ...
Security architectures such as Intel SGX need protection against rollback attacks, where the adversa...
Our society increasingly depends on computing devices. Customers rely on laptops and mobile devices ...
Hardware-assisted security solutions, and the isolation guarantees they provide, constitute the basi...
We present the experimental evaluation of different security mechanisms applied to persistent state ...
Guaranteeing runtime integrity of embedded system software is an open problem. Trade-offs between se...
Sanctum offers the same promise as SGX, namely strong provable isolation of software modules running...
Our objective is to protect the integrity and confidentiality of applications operating in untrusted...