Alam et al., 2023 - Google Patents
Making your program oblivious: a comparative study for side-channel-safe confidential computingAlam et al., 2023
View PDF- Document ID
- 2419876735648086326
- Author
- Alam A
- Chen K
- Publication year
- Publication venue
- 2023 IEEE 16th International Conference on Cloud Computing (CLOUD)
External Links
Snippet
Trusted Execution Environments (TEEs) are gradually adopted by major cloud providers, offering a practical option of confidential computing for users who do not fully trust public clouds. TEEs use CPU-enabled hardware features to eliminate direct breaches from …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2123—Dummy operation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2207/00—Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F2207/72—Indexing scheme relating to groups G06F7/72 - G06F7/729
- G06F2207/7219—Countermeasures against side channel or fault attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Zheng et al. | A survey on the moving target defense strategies: An architectural perspective | |
| Yu et al. | Data oblivious ISA extensions for side channel-resistant and high performance computing | |
| Tsoutsos et al. | Fabrication attacks: Zero-overhead malicious modifications enabling modern microprocessor privilege escalation | |
| Lu | A survey on risc-v security: Hardware and architecture | |
| Felsen et al. | Secure and private function evaluation with Intel SGX | |
| JP6788160B2 (en) | Methods and devices for randomizing computer instruction sets, memory registers, and pointers | |
| Soliman et al. | Taxonomy of malware analysis in the IoT | |
| D’Anna et al. | Self-protecting mobile agents obfuscation report | |
| CN107194246B (en) | CPU for realizing dynamic instruction set randomization | |
| Alam et al. | Making your program oblivious: a comparative study for side-channel-safe confidential computing | |
| Aweke et al. | Øzone: Efficient execution with zero timing leakage for modern microarchitectures | |
| Alam et al. | Sgx-mr: Regulating dataflows for protecting access patterns of data-intensive sgx applications | |
| Chen | Confidential High-Performance Computing in the Public Cloud | |
| Atamli‐Reineh et al. | A framework for application partitioning using trusted execution environments | |
| Yavarzadeh et al. | Pathfinder: High-Resolution Control-Flow Attacks Exploiting the Conditional Branch Predictor | |
| Monden et al. | A framework for obfuscated interpretation | |
| Sudusinghe et al. | Network-on-chip attack detection using machine learning | |
| Shahin et al. | An iot adversary emulation prototype tool | |
| Kanuparthi et al. | Controlling your control flow graph | |
| Liu et al. | HRPDF: A Software-Based Heterogeneous Redundant Proactive Defense Framework for Programmable Logic Controller | |
| Hataba et al. | OJIT: A novel obfuscation approach using standard just-in-time compiler transformations | |
| Roy et al. | When Oblivious is Not: Attacks against {OPAM} | |
| Bekiroglu et al. | Source code transformations for improving security of time-bounded K-variant systems | |
| Ferri et al. | Towards the Hypervision of Hardware-based Control Flow Integrity for Arm Platforms. | |
| Roy et al. | Strategic remote attestation: testbed for internet-of-things devices and stackelberg security game for optimal strategies |