Glamdring: Automatic Application Partitioning for Intel SGX
暂无分享,去创建一个
David M. Eyers | Peter R. Pietzuch | Christof Fetzer | Rüdiger Kapitza | David Goltzsche | Florian Kelbert | Tobias Reiher | Pierre-Louis Aublin | Joshua Lind | Christian Priebe | Divya Muthukumaran | Dan O'Keeffe | Joshua Lind | Florian Kelbert | C. Fetzer | D. Eyers | Pierre-Louis Aublin | R. Kapitza | David Goltzsche | Christian Priebe | D. Muthukumaran | Dan O'Keeffe | P. Pietzuch | T. Reiher
[1] Horatiu Jula,et al. Deadlock Immunity: Enabling Systems to Defend Against Deadlocks , 2008, OSDI.
[2] Joe D. Warren,et al. The program dependence graph and its use in optimization , 1987, TOPL.
[3] David Lie,et al. Splitting interfaces: making trust between applications and operating systems configurable , 2006, OSDI '06.
[4] Scott F. Smith,et al. Refactoring programs to secure information flows , 2006, PLAS '06.
[5] Sanjit A. Seshia,et al. Moat: Verifying Confidentiality of Enclave Programs , 2015, CCS.
[6] Tulika Mitra,et al. Automated Partitioning of Android Applications for Trusted Execution Environments , 2016, 2016 IEEE/ACM 38th International Conference on Software Engineering (ICSE).
[7] Ben Hardekopf,et al. Flow-sensitive pointer analysis for millions of lines of code , 2011, International Symposium on Code Generation and Optimization (CGO 2011).
[8] Sean W. Smith,et al. Building the IBM 4758 Secure Coprocessor , 2001, Computer.
[9] Calton Pu,et al. SubDomain: Parsimonious Server Security , 2000, LISA.
[10] Xiaoxin Chen,et al. Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems , 2008, ASPLOS.
[11] David W. Binkley,et al. Interprocedural slicing using dependence graphs , 1988, SIGP.
[12] George Candea,et al. Code-pointer integrity , 2014, OSDI.
[13] Vikram S. Adve,et al. Virtual ghost: protecting applications from hostile operating systems , 2014, ASPLOS.
[14] Christos Gkantsidis,et al. VC3: Trustworthy Data Analytics in the Cloud Using SGX , 2015, 2015 IEEE Symposium on Security and Privacy.
[15] Tze-Jie Yu,et al. Identifying Error-Prone Software—An Empirical Study , 1985, IEEE Transactions on Software Engineering.
[16] Hovav Shacham,et al. Iago attacks: why the system call API is a bad untrusted RPC interface , 2013, ASPLOS '13.
[17] Deian Stefan,et al. Protecting Users by Confining JavaScript with COWL , 2014, OSDI.
[18] Mark Handley,et al. Wedge: Splitting Applications into Reduced-Privilege Compartments , 2008, NSDI.
[19] Sanjit A. Seshia,et al. A design and verification methodology for secure isolated regions , 2016, PLDI.
[20] Alexander Pretschner,et al. A Fully Decentralized Data Usage Control Enforcement Infrastructure , 2015, ACNS.
[21] David Brumley,et al. Privtrans: Automatically Partitioning Programs for Privilege Separation , 2004, USENIX Security Symposium.
[22] Haibo Chen,et al. CloudVisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization , 2011, SOSP.
[23] Subhas C. Misra,et al. Relationships Between Selected Software Measures and Latent Bug-Density: Guidelines for Improving Quality , 2003, ICCSA.
[24] Frank Piessens,et al. Ariadne: A Minimal Approach to State Continuity , 2016, USENIX Security Symposium.
[25] Tal Garfinkel,et al. Terra: a virtual machine-based platform for trusted computing , 2003, SOSP '03.
[26] Angelos D. Keromytis,et al. Adaptive defenses for commodity software through virtual application partitioning , 2012, CCS.
[27] Karl J. Ottenstein,et al. The program dependence graph in a software development environment , 1984, SDE 1.
[28] Jun Sun,et al. Automatically partition software into least privilege components using dynamic data dependency analysis , 2013, 2013 28th IEEE/ACM International Conference on Automated Software Engineering (ASE).
[29] Thomas W. Reps,et al. Precise interprocedural dataflow analysis via graph reachability , 1995, POPL '95.
[31] Randy H. Katz,et al. A view of cloud computing , 2010, CACM.
[32] Christof Fetzer,et al. Secure Content-Based Routing Using Intel Software Guard Extensions , 2016, Middleware.
[33] Ben Y. Zhao,et al. Silverline: toward data confidentiality in storage-intensive cloud applications , 2011, SoCC.
[34] Marcus Peinado,et al. Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems , 2015, 2015 IEEE Symposium on Security and Privacy.
[35] Adam Silberstein,et al. Benchmarking cloud serving systems with YCSB , 2010, SoCC '10.
[36] Kang G. Shin,et al. Using hypervisor to provide data secrecy for user applications on a per-page basis , 2008, VEE '08.
[37] Peter G. Neumann,et al. Clean application compartmentalization with SOAAP (extended version) , 2015 .
[38] G. Ramalingam,et al. The undecidability of aliasing , 1994, TOPL.
[39] Samuel Madden,et al. Processing Analytical Queries over Encrypted Data , 2013, Proc. VLDB Endow..
[40] Per Larsen,et al. Thwarting Cache Side-Channel Attacks Through Dynamic Software Diversity , 2015, NDSS.
[41] Michael K. Reiter,et al. Flicker: an execution infrastructure for tcb minimization , 2008, Eurosys '08.
[42] Calton Pu,et al. Reducing TCB complexity for security-sensitive applications: three case studies , 2006, EuroSys.
[43] Morris J. Dworkin,et al. SP 800-38D. Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC , 2007 .
[44] Brad Fitzpatrick,et al. Distributed caching with memcached , 2004 .
[45] Donald E. Porter,et al. Cooperation and security isolation of library OSes for multi-process applications , 2014, EuroSys '14.
[46] Michael K. Reiter,et al. An Execution Infrastructure for TCB Minimization , 2007 .
[47] Galen C. Hunt,et al. Shielding Applications from an Untrusted Cloud with Haven , 2014, OSDI.
[48] Aikaterini Mitrokotsa,et al. DDoS attacks and defense mechanisms: classification and state-of-the-art , 2004, Comput. Networks.
[49] Karl J. Ottenstein,et al. The program dependence graph in a software development environment , 1984 .
[50] Alan Mycroft,et al. Flow- and Context-Sensitive Points-To Analysis Using Generalized Points-To Graphs , 2016, SAS.
[51] Craig Gentry,et al. Fully homomorphic encryption using ideal lattices , 2009, STOC '09.
[52] Wei Zhang,et al. Lightweight Function Pointer Analysis , 2015, ISPEC.
[53] Jerome H. Saltzer,et al. The protection of information in computer systems , 1975, Proc. IEEE.
[54] Emmett Witchel,et al. InkTag: secure applications on an untrusted operating system , 2013, ASPLOS '13.
[55] David Evans,et al. Statically Detecting Likely Buffer Overflow Vulnerabilities , 2001, USENIX Security Symposium.
[56] Jean-Pierre Seifert,et al. Software mitigations to hedge AES against cache-based software side channel vulnerabilities , 2006, IACR Cryptol. ePrint Arch..
[57] Mark Weiser,et al. Program Slicing , 1981, IEEE Transactions on Software Engineering.
[58] David M. Eyers,et al. SCONE: Secure Linux Containers with Intel SGX , 2016, OSDI.
[59] Adrian Perrig,et al. TrustVisor: Efficient TCB Reduction and Attestation , 2010, 2010 IEEE Symposium on Security and Privacy.
[60] Donald E. Porter,et al. Rethinking the library OS from the top down , 2011, ASPLOS XVI.
[61] Paul England,et al. NGSCB: A Trusted Open System , 2004, ACISP.
[62] Herbert Bos,et al. Dowsing for Overflows: A Guided Fuzzer to Find Buffer Boundary Violations , 2013, USENIX Security Symposium.
[63] Hari Balakrishnan,et al. CryptDB: protecting confidentiality with encrypted query processing , 2011, SOSP.
[64] Rüdiger Kapitza,et al. AsyncShock: Exploiting Synchronisation Bugs in Intel SGX Enclaves , 2016, ESORICS.
[65] Jonathan M. McCune,et al. Efficient TCB Reduction and Attestation , 2009 .
[66] Vikram S. Adve,et al. LLVM: a compilation framework for lifelong program analysis & transformation , 2004, International Symposium on Code Generation and Optimization, 2004. CGO 2004..
[67] Yutao Liu,et al. Thwarting Memory Disclosure with Efficient Hypervisor-enforced Intra-domain Isolation , 2015, CCS.