Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
Contrasting characteristics and cache performance of technical and multi-user commercial workloads
ASPLOS VI Proceedings of the sixth international conference on Architectural support for programming languages and operating systems
Architectural support for fast symmetric-key cryptography
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
Hardware Support for Tamper-Resistant and Copy-Resistant Software
Hardware Support for Tamper-Resistant and Copy-Resistant Software
Watermarking, tamper-proffing, and obfuscation: tools for software protection
IEEE Transactions on Software Engineering
How to Manage Persistent State in DRM Systems
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
AEGIS: architecture for tamper-evident and tamper-resistant processing
ICS '03 Proceedings of the 17th annual international conference on Supercomputing
Caches and Hash Trees for Efficient Memory Integrity Verification
HPCA '03 Proceedings of the 9th International Symposium on High-Performance Computer Architecture
Specifying and Verifying Hardware for Tamper-Resistant Software
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Implementing an untrusted operating system on trusted hardware
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Experiences with the enforcement of access rights extracted from ODRL-based digital contracts
Proceedings of the 3rd ACM workshop on Digital rights management
Obfuscation of design intent in object-oriented applications
Proceedings of the 3rd ACM workshop on Digital rights management
Obfuscation of executable code to improve resistance to static disassembly
Proceedings of the 10th ACM conference on Computer and communications security
Efficient Memory Integrity Verification and Encryption for Secure Processors
Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture
Fast Secure Processor for Inhibiting Software Piracy and Tampering
Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture
Flexible Software Protection Using Hardware/Software Codesign Techniques
Proceedings of the conference on Design, automation and test in Europe - Volume 1
Security as a new dimension in embedded system design
Proceedings of the 41st annual Design Automation Conference
iWatcher: Efficient Architectural Support for Software Debugging
Proceedings of the 31st annual international symposium on Computer architecture
Security in embedded systems: Design challenges
ACM Transactions on Embedded Computing Systems (TECS)
Hardware assisted control flow obfuscation for embedded processors
Proceedings of the 2004 international conference on Compilers, architecture, and synthesis for embedded systems
HIDE: an infrastructure for efficiently protecting information leakage on the address bus
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
Proceedings of the 13th International Conference on Parallel Architectures and Compilation Techniques
Attacks and risk analysis for hardware supported software copy protection systems
Proceedings of the 4th ACM workshop on Digital rights management
Minos: Control Data Attack Prevention Orthogonal to Memory Model
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
A Hardware-Software Platform for Intrusion Prevention
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Building Intrusion-Tolerant Secure Software
Proceedings of the international symposium on Code generation and optimization
Secure Embedded Processing through Hardware-Assisted Run-Time Monitoring
Proceedings of the conference on Design, Automation and Test in Europe - Volume 1
SAFE-OPS: An approach to embedded software security
ACM Transactions on Embedded Computing Systems (TECS)
Improving Memory Encryption Performance in Secure Processors
IEEE Transactions on Computers
Towards the issues in architectural support for protection of software execution
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Protecting cryptographic keys and computations via virtual secure coprocessing
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Memory predecryption: hiding the latency overhead of memory encryption
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Architectural support for protecting user privacy on trusted processors
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
ChipLock: support for secure microarchitectures
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Efficient and flexible architectural support for dynamic monitoring
ACM Transactions on Architecture and Code Optimization (TACO)
Architecture for Protecting Critical Secrets in Microprocessors
Proceedings of the 32nd annual international symposium on Computer Architecture
High Efficiency Counter Mode Security Architecture via Prediction and Precomputation
Proceedings of the 32nd annual international symposium on Computer Architecture
Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions
Proceedings of the 32nd annual international symposium on Computer Architecture
A Data-Driven Approach for Embedded Security
ISVLSI '05 Proceedings of the IEEE Computer Society Annual Symposium on VLSI: New Frontiers in VLSI Design
Hardware-Assisted Circumvention of Self-Hashing Software Tamper Resistance
IEEE Transactions on Dependable and Secure Computing
Anomalous path detection with hardware support
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
Hardware support for code integrity in embedded processors
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
SECA: security-enhanced communication architecture
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
Compiler Optimizations to Reduce Security Overhead
Proceedings of the International Symposium on Code Generation and Optimization
Architecture Support for 3D Obfuscation
IEEE Transactions on Computers
Secure bootstrap is not enough: shoring up the trusted computing base
Proceedings of the 11th workshop on ACM SIGOPS European workshop
Improving Cost, Performance, and Security of Memory Encryption and Authentication
Proceedings of the 33rd annual international symposium on Computer Architecture
IBM Systems Journal
Speculative virtual verification: policy-constrained speculative execution
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
A parallelized way to provide data encryption and integrity checking on a processor-memory bus
Proceedings of the 43rd annual Design Automation Conference
A low-cost memory remapping scheme for address bus protection
Proceedings of the 15th international conference on Parallel architectures and compilation techniques
Efficient data protection for distributed shared memory multiprocessors
Proceedings of the 15th international conference on Parallel architectures and compilation techniques
Architectural support for software-based protection
Proceedings of the 1st workshop on Architectural and system support for improving software dependability
Some new approaches for preventing software tampering
Proceedings of the 44th annual Southeast regional conference
Minos: Architectural support for protecting control data
ACM Transactions on Architecture and Code Optimization (TACO)
Authentication Control Point and Its Implications For Secure Processor Design
Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
M-TREE: a high efficiency security architecture for protecting integrity and privacy of software
Journal of Parallel and Distributed Computing - Special issue: Security in grid and distributed systems
Hybrid multi-core architecture for boosting single-threaded performance
ACM SIGARCH Computer Architecture News
Accelerating memory decryption and authentication with frequent value prediction
Proceedings of the 4th international conference on Computing frontiers
Certifying program execution with secure processors
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Proceedings of the conference on Design, automation and test in Europe
Controlled physical random functions and applications
ACM Transactions on Information and System Security (TISSEC)
Proceedings of the 9th workshop on Multimedia & security
Daonity - Grid security from two levels of virtualization
Information Security Tech. Report
Offline untrusted storage with immediate detection of forking and replay attacks
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Hardware-rooted trust for secure key management and transient trust
Proceedings of the 14th ACM conference on Computer and communications security
Architectural support for run-time validation of program data properties
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Implementing Embedded Security on Dual-Virtual-CPU Systems
IEEE Design & Test
Cell broadband engine processor vault security architecture
IBM Journal of Research and Development
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
How low can you go?: recommendations for hardware-supported minimal TCB code execution
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
Hardbound: architectural support for spatial safety of the C programming language
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
Binary obfuscation using signals
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Designing secure systems on reconfigurable hardware
ACM Transactions on Design Automation of Electronic Systems (TODAES)
Processor virtualization for secure mobile terminals
ACM Transactions on Design Automation of Electronic Systems (TODAES)
Operating system controlled processor-memory bus encryption
Proceedings of the conference on Design, automation and test in Europe
The Reduced Address Space (RAS) for Application Memory Authentication
ISC '08 Proceedings of the 11th international conference on Information Security
The Long-Short-Key Primitive and Its Applications to Key Security
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
Towards application security on untrusted operating systems
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Lest we remember: cold boot attacks on encryption keys
SS'08 Proceedings of the 17th conference on Security symposium
Dynamic security domain scaling on embedded symmetric multiprocessors
ACM Transactions on Design Automation of Electronic Systems (TODAES)
Making secure processors OS- and performance-friendly
ACM Transactions on Architecture and Code Optimization (TACO)
A security approach for off-chip memory in embedded microprocessor systems
Microprocessors & Microsystems
Memory-Centric Security Architecture
Transactions on High-Performance Embedded Architectures and Compilers I
Lest we remember: cold-boot attacks on encryption keys
Communications of the ACM - Security in the Browser
Supporting flexible streaming media protection through privacy-aware secure processors
Computers and Electrical Engineering
A compiler-hardware approach to software protection for embedded systems
Computers and Electrical Engineering
Diversification of Processors Based on Redundancy in Instruction Set
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
SHARK: Architectural support for autonomic protection against stealth by rootkit exploits
Proceedings of the 41st annual IEEE/ACM International Symposium on Microarchitecture
Hardware Mechanisms for Memory Authentication: A Survey of Existing Techniques and Engines
Transactions on Computational Science IV
Euro-Par 2008 Workshops - Parallel Processing
Compiler-Assisted Memory Encryption for Embedded Processors
Transactions on High-Performance Embedded Architectures and Compilers II
Relating Boolean gate truth tables to one-way functions
Integrated Computer-Aided Engineering
Hardware-assisted run-time monitoring for secure program execution on embedded processors
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Accountability in hosted virtual networks
Proceedings of the 1st ACM workshop on Virtualized infrastructure systems and architectures
MAC Precomputation with Applications to Secure Memory
ISC '09 Proceedings of the 12th International Conference on Information Security
Security extensions for integrity and confidentiality in embedded processors
Microprocessors & Microsystems
Effective implementation of the cell broadband engine™ isolation loader
Proceedings of the 16th ACM conference on Computer and communications security
Hardware-enforced fine-grained isolation of untrusted code
Proceedings of the first ACM workshop on Secure execution of untrusted code
Execution leases: a hardware-supported mechanism for enforcing strong non-interference
Proceedings of the 42nd Annual IEEE/ACM International Symposium on Microarchitecture
A low-cost memory remapping scheme for address bus protection
Journal of Parallel and Distributed Computing
Security Primitives for Reconfigurable Hardware-Based Systems
ACM Transactions on Reconfigurable Technology and Systems (TRETS)
Practical uses of virtual machines for protection of sensitive user data
ISPEC'07 Proceedings of the 3rd international conference on Information security practice and experience
Compiler-assisted memory encryption for embedded processors
HiPEAC'07 Proceedings of the 2nd international conference on High performance embedded architectures and compilers
Secure cryptographic precomputation with insecure memory
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
SHIELDSTRAP: making secure processors truly secure
ICCD'09 Proceedings of the 2009 IEEE international conference on Computer design
Foundations of security analysis and design IV
NoHype: virtualized cloud infrastructure without the virtualization
Proceedings of the 37th annual international symposium on Computer architecture
Using hypervisors to secure commodity operating systems
Proceedings of the fifth ACM workshop on Scalable trusted computing
PoliMakE: a policy making engine for secure embedded software execution on chip-multiprocessors
WESS '10 Proceedings of the 5th Workshop on Embedded Systems Security
SecBus: operating system controlled hierarchical page-based memory bus protection
Proceedings of the Conference on Design, Automation and Test in Europe
An analysis of secure processor architectures
Transactions on computational science VII
A framework for testing hardware-software security architectures
Proceedings of the 26th Annual Computer Security Applications Conference
A secure and robust approach to software tamper resistance
IH'10 Proceedings of the 12th international conference on Information hiding
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Transactions on computational science X
Green secure processors: towards power-efficient secure processor design
Transactions on computational science X
SecureME: a hardware-software approach to full system security
Proceedings of the international conference on Supercomputing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Eliminating the hypervisor attack surface for a more secure cloud
Proceedings of the 18th ACM conference on Computer and communications security
DynaPoMP: dynamic policy-driven memory protection for SPM-based embedded systems
WESS '11 Proceedings of the Workshop on Embedded Systems Security
Trust extension as a mechanism for secure code execution on commodity computers
Trust extension as a mechanism for secure code execution on commodity computers
Efficient scheme of verifying integrity of application binaries in embedded operating systems
The Journal of Supercomputing
Dynamic policy discovery with remote attestation
FOSSACS'06 Proceedings of the 9th European joint conference on Foundations of Software Science and Computation Structures
Remote software-based attestation for wireless sensors
ESAS'05 Proceedings of the Second European conference on Security and Privacy in Ad-Hoc and Sensor Networks
Secure processor consistent with both foreign software protection and user privacy protection
SP'04 Proceedings of the 12th international conference on Security Protocols
Memory-centric security architecture
HiPEAC'05 Proceedings of the First international conference on High Performance Embedded Architectures and Compilers
Arc3D: a 3D obfuscation architecture
HiPEAC'05 Proceedings of the First international conference on High Performance Embedded Architectures and Compilers
Architectural support for hypervisor-secure virtualization
ASPLOS XVII Proceedings of the seventeenth international conference on Architectural Support for Programming Languages and Operating Systems
CODESSEAL: Compiler/FPGA approach to secure applications
ISI'05 Proceedings of the 2005 IEEE international conference on Intelligence and Security Informatics
Architectural support for secure virtualization under a vulnerable hypervisor
Proceedings of the 44th Annual IEEE/ACM International Symposium on Microarchitecture
Efficient architectural support for secure bus-based shared memory multiprocessor
ACSAC'05 Proceedings of the 10th Asia-Pacific conference on Advances in Computer Systems Architecture
PATMOS'06 Proceedings of the 16th international conference on Integrated Circuit and System Design: power and Timing Modeling, Optimization and Simulation
Software protection through dynamic code mutation
WISA'05 Proceedings of the 6th international conference on Information Security Applications
An architecture for provably secure computation
LATIN'06 Proceedings of the 7th Latin American conference on Theoretical Informatics
Delegating secure logging in pervasive computing systems
SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
INVISIOS: A Lightweight, Minimally Intrusive Secure Execution Environment
ACM Transactions on Embedded Computing Systems (TECS)
Policy-sealed data: a new abstraction for building trusted cloud services
Security'12 Proceedings of the 21st USENIX conference on Security symposium
A cost-effective tag design for memory data authentication in embedded systems
Proceedings of the 2012 international conference on Compilers, architectures and synthesis for embedded systems
Proceedings of the 2012 ACM conference on Computer and communications security
A secure processor architecture for encrypted computation on untrusted programs
Proceedings of the seventh ACM workshop on Scalable trusted computing
CleanOS: limiting mobile data exposure with idle eviction
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Formal analysis of secure bootstrap in trusted computing
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Bus and memory protection through chain-generated and tree-verified IV for multiprocessors systems
Future Generation Computer Systems
Software protection for dynamically-generated code
PPREW '13 Proceedings of the 2nd ACM SIGPLAN Program Protection and Reverse Engineering Workshop
Run-time control flow authentication: an assessment on contemporary x86 platforms
Proceedings of the 28th Annual ACM Symposium on Applied Computing
Design space exploration and optimization of path oblivious RAM in secure processors
Proceedings of the 40th Annual International Symposium on Computer Architecture
TSV: A novel energy efficient Memory Integrity Verification scheme for embedded systems
Journal of Systems Architecture: the EUROMICRO Journal
PHANTOM: practical oblivious computation in a secure processor
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Protecting sensitive web content from client-side vulnerabilities with CRYPTONS
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Generalized external interaction with tamper-resistant hardware with bounded information leakage
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
Beyond full disk encryption: protection on security-enhanced commodity processors
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Using ARM trustzone to build a trusted language runtime for mobile applications
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems
Memory encryption: A survey of existing techniques
ACM Computing Surveys (CSUR)
Security-Preserving Live Migration of Virtual Machines in the Cloud
Journal of Network and Systems Management
| Hi-index | 0.01 |
Although there have been attempts to develop code transformations that yield tamper-resistant software, no reliable software-only methods are know. This paper studies the hardware implementation of a form of execute-only memory (XOM) that allows instructions stored in memory to be executed but not otherwise manipulated. To support XOM code we use a machine that supports internal compartments---a process in one compartment cannot read data from another compartment. All data that leaves the machine is encrypted, since we assume external memory is not secure. The design of this machine poses some interesting trade-offs between security, efficiency, and flexibility. We explore some of the potential security issues as one pushes the machine to become more efficient and flexible. Although security carries a performance penalty, our analysis indicates that it is possible to create a normal multi-tasking machine where nearly all applications can be run in XOM mode. While a virtual XOM machine is possible, the underlying hardware needs to support a unique private key, private memory, and traps on cache misses. For efficient operation, hardware assist to provide fast symmetric ciphers is also required.