Virtual memory primitives for user programs
ASPLOS IV Proceedings of the fourth international conference on Architectural support for programming languages and operating systems
MIPS RISC architectures
Architecture support for single address space operating systems
ASPLOS V Proceedings of the fifth international conference on Architectural support for programming languages and operating systems
ASPLOS V Proceedings of the fifth international conference on Architectural support for programming languages and operating systems
Efficient software-based fault isolation
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Fine-grain access control for distributed shared memory
ASPLOS VI Proceedings of the sixth international conference on Architectural support for programming languages and operating systems
Hardware support for fast capability-based addressing
ASPLOS VI Proceedings of the sixth international conference on Architectural support for programming languages and operating systems
U-Net: a user-level network interface for parallel and distributed computing
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Whole-program optimization for time and space efficient threads
Proceedings of the seventh international conference on Architectural support for programming languages and operating systems
Shasta: a low overhead, software-only approach for supporting fine-grain shared memory
Proceedings of the seventh international conference on Architectural support for programming languages and operating systems
Olden: parallelizing programs with dynamic data structures on distributed-memory machines
Olden: parallelizing programs with dynamic data structures on distributed-memory machines
An operating system structure for wide-address architectures
An operating system structure for wide-address architectures
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The Mungi single-address-space operating system
Software—Practice & Experience - Special issue on multiprocessor operating systems
EROS: a fast capability system
Proceedings of the seventeenth ACM symposium on Operating systems principles
IO-Lite: a unified I/O buffering and caching system
ACM Transactions on Computer Systems (TOCS)
A real-time garbage collector based on the lifetimes of objects
Communications of the ACM
Protection and the control of information sharing in multics
Communications of the ACM
Programming semantics for multiprogrammed computations
Communications of the ACM
Benchmark health considered harmful
ACM SIGARCH Computer Architecture News
Capability-Based Computer Systems
Capability-Based Computer Systems
IBM System/38 support for capability-based addressing
ISCA '81 Proceedings of the 8th annual symposium on Computer Architecture
Exploiting Two-Case Delivery for Fast Protected Messaging
HPCA '98 Proceedings of the 4th International Symposium on High-Performance Computer Architecture
ATEC '96 Proceedings of the 1996 annual conference on USENIX Annual Technical Conference
Improving the reliability of commodity operating systems
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
iWatcher: Efficient Architectural Support for Software Debugging
Proceedings of the 31st annual international symposium on Computer architecture
Secure program execution via dynamic information flow tracking
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
Minos: Control Data Attack Prevention Orthogonal to Memory Model
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
AccMon: Automatically Detecting Memory-Related Bugs via Program Counter-Based Invariants
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Improving the reliability of commodity operating systems
ACM Transactions on Computer Systems (TOCS)
Efficient and flexible architectural support for dynamic monitoring
ACM Transactions on Architecture and Code Optimization (TACO)
Segment protection for embedded systems using run-time checks
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
SECA: security-enhanced communication architecture
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
MTSS: multi task stack sharing for embedded systems
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
Runtime specialization with optimistic heap analysis
OOPSLA '05 Proceedings of the 20th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Mondrix: memory isolation for linux using mondriaan memory protection
Proceedings of the twentieth ACM symposium on Operating systems principles
Live updating operating systems using virtualization
Proceedings of the 2nd international conference on Virtual execution environments
HeapMon: a helper-thread approach to programmable, automatic, and low-overhead memory bug detection
IBM Journal of Research and Development
An object-aware memory architecture
Science of Computer Programming - Special issue on five perspectives on modern memory management: Systems, hardware and theory
Heap protection for Java virtual machines
PPPJ '06 Proceedings of the 4th international symposium on Principles and practice of programming in Java
Proceedings of the 12th international conference on Architectural support for programming languages and operating systems
Deconstructing process isolation
Proceedings of the 2006 workshop on Memory system performance and correctness
Architectural support for software-based protection
Proceedings of the 1st workshop on Architectural and system support for improving software dependability
Tradeoffs in fine-grained heap memory protection
Proceedings of the 1st workshop on Architectural and system support for improving software dependability
Bit level types for high level reasoning
Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering
Minos: Architectural support for protecting control data
ACM Transactions on Architecture and Code Optimization (TACO)
Memory Protection through Dynamic Access Control
Proceedings of the 39th Annual IEEE/ACM International Symposium on Microarchitecture
Memory overflow protection for embedded systems using run-time checks, reuse, and compression
ACM Transactions on Embedded Computing Systems (TECS)
A system for coarse grained memory protection in tiny embedded processors
Proceedings of the 44th annual Design Automation Conference
Proceedings of the 6th international symposium on Memory management
XFI: software guards for system address spaces
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
MOOSS2: a CPU with support for HLL memory structures
ACST'07 Proceedings of the third conference on IASTED International Conference: Advances in Computer Science and Technology
Improving dependability by revisiting operating system design
HotDep'07 Proceedings of the 3rd workshop on on Hot Topics in System Dependability
PRIMS: making NVRAM suitable for extremely reliable storage
HotDep'07 Proceedings of the 3rd workshop on on Hot Topics in System Dependability
Combining static and dynamic defect-tolerance techniques for nanoscale memory systems
Proceedings of the 2007 IEEE/ACM international conference on Computer-aided design
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Java heap protection for debugging native methods
Science of Computer Programming
Hardbound: architectural support for spatial safety of the C programming language
Proceedings of the 13th international conference on Architectural support for programming languages and operating systems
Designing secure systems on reconfigurable hardware
ACM Transactions on Design Automation of Electronic Systems (TODAES)
MTSS: Multitask stack sharing for embedded systems
ACM Transactions on Embedded Computing Systems (TECS)
ISCA '08 Proceedings of the 35th Annual International Symposium on Computer Architecture
Data Protection in Memory Using Byte Reordering
PAISI, PACCF and SOCO '08 Proceedings of the IEEE ISI 2008 PAISI, PACCF, and SOCO international workshops on Intelligence and Security Informatics
Proceedings of the 1st ACM workshop on Virtual machine security
Hypervisor support for identifying covertly executing binaries
SS'08 Proceedings of the 17th conference on Security symposium
A compiler-hardware approach to software protection for embedded systems
Computers and Electrical Engineering
ISOLATOR: dynamically ensuring isolation in comcurrent programs
Proceedings of the 14th international conference on Architectural support for programming languages and operating systems
Proceedings of the 41st annual IEEE/ACM International Symposium on Microarchitecture
Notary: Hardware techniques to enhance signatures
Proceedings of the 41st annual IEEE/ACM International Symposium on Microarchitecture
MemTracker: An accelerator for memory debugging and monitoring
ACM Transactions on Architecture and Code Optimization (TACO)
Writing an OS Kernel in a Strictly and Statically Typed Language
Formal to Practical Security
Hardware-enforced fine-grained isolation of untrusted code
Proceedings of the first ACM workshop on Secure execution of untrusted code
The cake is a lie: privilege rings as a policy resource
Proceedings of the 1st ACM workshop on Virtual machine security
An object-aware memory architecture
An object-aware memory architecture
Survival strategies for synthesized hardware systems
MEMOCODE'09 Proceedings of the 7th IEEE/ACM international conference on Formal Methods and Models for Codesign
Virtualized and flexible ECC for main memory
Proceedings of the fifteenth edition of ASPLOS on Architectural support for programming languages and operating systems
Multi-compartment: a new architecture for secure co-hosting on SoC
SOC'09 Proceedings of the 11th international conference on System-on-chip
The Journal of Supercomputing
Kivati: fast detection and prevention of atomicity violations
Proceedings of the 5th European conference on Computer systems
Mitigating the lying-endpoint problem in virtualized network access frameworks
DSOM'07 Proceedings of the Distributed systems: operations and management 18th IFIP/IEEE international conference on Managing virtualization of networks and services
Proceedings of the 37th annual international symposium on Computer architecture
Sentry: light-weight auxiliary memory access control
Proceedings of the 37th annual international symposium on Computer architecture
Cohesion: a hybrid memory model for accelerators
Proceedings of the 37th annual international symposium on Computer architecture
MemMON: run-time off-chip detection for memory access violation in embedded systems
Proceedings of the 2010 Symposium on Information and Communication Technology
A case for system support for concurrency exceptions
HotPar'09 Proceedings of the First USENIX conference on Hot topics in parallelism
CuriOS: improving reliability through operating system structure
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Hardware enforcement of application security policies using tagged memory
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Memory safety for low-level software/hardware interactions
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Tolerating malicious device drivers in Linux
USENIXATC'10 Proceedings of the 2010 USENIX conference on USENIX annual technical conference
Efficient dynamic program monitoring on multi-core systems
Journal of Systems Architecture: the EUROMICRO Journal
Flexible and Efficient Instruction-Grained Run-Time Monitoring Using On-Chip Reconfigurable Fabric
MICRO '43 Proceedings of the 2010 43rd Annual IEEE/ACM International Symposium on Microarchitecture
Operating system implications of fast, cheap, non-volatile memory
HotOS'13 Proceedings of the 13th USENIX conference on Hot topics in operating systems
A case for unlimited watchpoints
ASPLOS XVII Proceedings of the seventeenth international conference on Architectural Support for Programming Languages and Operating Systems
Policy-driven memory protection for reconfigurable hardware
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Worst-case execution time analysis for parallel run-time monitoring
Proceedings of the 49th Annual Design Automation Conference
Efficient protection of kernel data structures via object partitioning
Proceedings of the 28th Annual Computer Security Applications Conference
Composing OS extensions safely and efficiently with Bascule
Proceedings of the 8th ACM European Conference on Computer Systems
Improving the energy efficiency of hardware-assisted watchpoint systems
Proceedings of the 50th Annual Design Automation Conference
| Hi-index | 0.00 |
Mondrian memory protection (MMP) is a fine-grained protection scheme that allows multiple protection domains to flexibly share memory and export protected services. In contrast to earlier page-based systems, MMP allows arbitrary permissions control at the granularity of individual words. We use a compressed permissions table to reduce space overheads and employ two levels of permissions caching to reduce run-time overheads. The protection tables in our implementation add less than 9% overhead to the memory space used by the application. Accessing the protection tables adds than 8% additional memory references to the accesses made by the application. Although it can be layered on top of demand-paged virtual memory, MMP is also well-suited to embedded systems with a single physical address space. We extend MMP to support segment translation which allows a memory segment to appear at another location in the address space. We use this translation to implement zero-copy networking underneath the standard read system call interface, where packet payload fragments are connected together by the translation system to avoid data copying. This saves 52% of the memory references used by a traditional copying network stack.