Sanctum offers the same promise as SGX, namely strong provable isolation of software modules running concurrently and sharing resources, but protects against an important class of additional software attacks that infer private information from a program\u27s memory access patterns. We follow a principled approach to eliminating entire attack surfaces through isolation, rather than plugging attack-specific privacy leaks. Sanctum demonstrates that strong software isolation is achievable with a surprisingly small set of minimally invasive hardware changes, and a very reasonable overhead. Sanctum does not change any major CPU building block. Instead, we add hardware at the interfaces between building blocks, without impacting cycle time. Our ...
We are witnessing a confluence between applied cryptography and secure hardware systems in enabling ...
Over the last years, security-kernels have played a promising role in reshaping the landscape of pla...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...
Sanctum offers the same promise as SGX, namely strong provable isolation of software modules running...
Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Comp...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
Many embedded systems have relatively strong security requirements because they handle confidential ...
Hardware-assisted security solutions, and the isolation guarantees they provide, constitute the basi...
International audienceIn modern computer systems, user processes are isolated from each other by the...
Our society increasingly depends on computing devices. Customers rely on laptops and mobile devices ...
Abstract—We consider the problem of how to provide an execution environment where the application’s ...
We consider the problem of how to provide an execution environment where the application's secrets a...
Building applications that ensure confidentiality of sensitive data is a non-trivial task. Such appl...
In order to prevent rainbow attacks against a stolen password database, most passwords are appended ...
We are witnessing a confluence between applied cryptography and secure hardware systems in enabling ...
Over the last years, security-kernels have played a promising role in reshaping the landscape of pla...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...
Sanctum offers the same promise as SGX, namely strong provable isolation of software modules running...
Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Comp...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
Many embedded systems have relatively strong security requirements because they handle confidential ...
Hardware-assisted security solutions, and the isolation guarantees they provide, constitute the basi...
International audienceIn modern computer systems, user processes are isolated from each other by the...
Our society increasingly depends on computing devices. Customers rely on laptops and mobile devices ...
Abstract—We consider the problem of how to provide an execution environment where the application’s ...
We consider the problem of how to provide an execution environment where the application's secrets a...
Building applications that ensure confidentiality of sensitive data is a non-trivial task. Such appl...
In order to prevent rainbow attacks against a stolen password database, most passwords are appended ...
We are witnessing a confluence between applied cryptography and secure hardware systems in enabling ...
Over the last years, security-kernels have played a promising role in reshaping the landscape of pla...
Recent developments on hardware-based trusted execution environments, such as the Software Guard Ext...