{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,7]],"date-time":"2026-05-07T16:25:22Z","timestamp":1778171122394,"version":"3.51.4"},"publisher-location":"Cham","reference-count":36,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319288642","type":"print"},{"value":"9783319288659","type":"electronic"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-28865-9_40","type":"book-chapter","created":{"date-parts":[[2016,1,23]],"date-time":"2016-01-23T03:40:02Z","timestamp":1453520402000},"page":"605-621","source":"Crossref","is-referenced-by-count":13,"title":["Securing Application with Software Partitioning: A Case Study Using SGX"],"prefix":"10.1007","author":[{"given":"Ahmad","family":"Atamli-Reineh","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Andrew","family":"Martin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"40_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"724","DOI":"10.1007\/3-540-44839-X_76","volume-title":"Computational Science and Its Applications - ICCSA 2003","author":"SC Misra","year":"2003","unstructured":"Misra, S.C., Bhavsar, V.C.: Relationships between selected software measures and latent bug-density: guidelines for improving quality. In: Kumar, V., Gavrilova, M.L., Tan, C.J.K., L\u2019Ecuyer, P. (eds.) ICCSA 2003. LNCS, vol. 2667, pp. 724\u2013732. Springer, Heidelberg (2003)"},{"issue":"49","key":"40_CR2","first-page":"14","volume":"7","author":"A One","year":"1996","unstructured":"One, A.: Smashing the stack for fun and profit. Phrack Magazine 7(49), 14\u201316 (1996)","journal-title":"Phrack Magazine"},{"key":"40_CR3","unstructured":"Sullivan, N.: Staying ahead of OpenSSL vulnerabilities \u2013 CloudFlare Blog (2014)"},{"issue":"7","key":"40_CR4","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1109\/MC.2003.1212691","volume":"36","author":"P England","year":"2003","unstructured":"England, P., Lampson, B., Manferdelli, J., Peinado, M., Willman, B.: A trusted open platform. Computer 36(7), 55\u201362 (2003)","journal-title":"Computer"},{"key":"40_CR5","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1145\/1353535.1346284","volume":"42","author":"X Chen","year":"2008","unstructured":"Chen, X., Garfinkel, T., Lewis, E.C., Subrahmanyam, P., Waldspurger, C.A., Boneh, D., Dwoskin, J., Ports, D.R.: Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems. ACM SIGOPS Operating Systems Review 42, 2\u201313 (2008)","journal-title":"ACM SIGOPS Operating Systems Review"},{"key":"40_CR6","unstructured":"Martignoni, L., Poosankam, P., Zaharia, M., Han, J., McCamant, S., Song, D., Paxson, V., Perrig, A., Shenker, S., Stoica, I.: Cloud terminal: secure access to sensitive applications from untrusted systems. In: USENIX Annual Technical Conference, pp. 165\u2013182 (2012)"},{"key":"40_CR7","doi-asserted-by":"publisher","first-page":"193","DOI":"10.1145\/1165389.945464","volume":"37","author":"T Garfinkel","year":"2003","unstructured":"Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., Boneh, D.: Terra: A virtual machine-based platform for trusted computing. ACM SIGOPS Operating Systems Review 37, 193\u2013206 (2003)","journal-title":"ACM SIGOPS Operating Systems Review"},{"key":"40_CR8","unstructured":"Ta-Min, R., Litty, L., Lie, D.: Splitting interfaces: making trust between applications and operating systems configurable. In: Proceedings of the 7th Symposium on Operating Systems Design and Implementation, pp. 279\u2013292. USENIX Association (2006)"},{"key":"40_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"72","DOI":"10.1007\/978-3-642-38030-3_5","volume-title":"Smart Grid Security","author":"AJ Paverd","year":"2013","unstructured":"Paverd, A.J., Martin, A.P.: Hardware security for device authentication in the smart grid. In: Cuellar, J. (ed.) SmartGridSec 2012. LNCS, vol. 7823, pp. 72\u201384. Springer, Heidelberg (2013)"},{"key":"40_CR10","unstructured":"Li, Y., McCune, J., Newsome, J., Perrig, A., Baker, B., Drewry, W.: Minibox: a two-way sandbox for x86 native code. In: 2014 USENIX Annual Technical Conference (USENIX ATC 2014). USENIX Association (2014)"},{"issue":"4","key":"40_CR11","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1145\/2499368.2451146","volume":"48","author":"OS Hofmann","year":"2013","unstructured":"Hofmann, O.S., Kim, S., Dunn, A.M., Lee, M.Z., Witchel, E.: Inktag: secure applications on an untrusted operating system. ACM SIGPLAN Notices 48(4), 265\u2013278 (2013)","journal-title":"ACM SIGPLAN Notices"},{"key":"40_CR12","doi-asserted-by":"crossref","unstructured":"Atamli, A.W., Martin, A.: Threat-based security analysis for the internet of things. In: 2014 International Workshop on Secure Internet of Things (SIoT), pp. 35\u201343. IEEE (2014)","DOI":"10.1109\/SIoT.2014.10"},{"issue":"4","key":"40_CR13","doi-asserted-by":"publisher","first-page":"315","DOI":"10.1145\/1357010.1352625","volume":"42","author":"JM McCune","year":"2008","unstructured":"McCune, J.M., Parno, B.J., Perrig, A., Reiter, M.K., Isozaki, H.: Flicker: An execution infrastructure for tcb minimization. SIGOPS Oper. Syst. Rev. 42(4), 315\u2013328 (2008)","journal-title":"SIGOPS Oper. Syst. Rev."},{"key":"40_CR14","doi-asserted-by":"crossref","unstructured":"McCune, J., Li, Y., Qu, N., Zhou, Z., Datta, A., Gligor, V., Perrig, A.: Trustvisor: efficient tcb reduction and attestation. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 143\u2013158, May 2010","DOI":"10.1109\/SP.2010.17"},{"key":"40_CR15","doi-asserted-by":"crossref","unstructured":"Azab, A.M., Ning, P., Zhang, X.: Sice: a hardware-level strongly isolated computing environment for x86 multi-core platforms. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 375\u2013388. ACM (2011)","DOI":"10.1145\/2046707.2046752"},{"key":"40_CR16","unstructured":"Sahita, R., Warrier, U., Dewan, P.: Protecting critical applications on mobile platforms. Intel Technology Journal 13(2) (2009)"},{"key":"40_CR17","doi-asserted-by":"crossref","unstructured":"Yee, B., Sehr, D., Dardyk, G., Chen, J.B., Muth, R., Ormandy, T., Okasaka, S., Narula, N., Fullagar, N.: Native client: a sandbox for portable, untrusted x86 native code. In: 2009 30th IEEE Symposium on Security and Privacy, pp. 79\u201393. IEEE (2009)","DOI":"10.1109\/SP.2009.25"},{"key":"40_CR18","unstructured":"Dewan, P., Durham, D., Khosravi, H., Long, M., Nagabhushan, G.: A hypervisor-based system for protecting software runtime memory and persistent storage. In: Proceedings of the 2008 Spring Simulation Multiconference, pp. 828\u2013835. Society for Computer Simulation International (2008)"},{"key":"40_CR19","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1145\/1218063.1217951","volume":"40","author":"L Singaravelu","year":"2006","unstructured":"Singaravelu, L., Pu, C., H\u00e4rtig, H., Helmuth, C.: Reducing tcb complexity for security-sensitive applications: Three case studies. ACM SIGOPS Operating Systems Review 40, 161\u2013174 (2006)","journal-title":"ACM SIGOPS Operating Systems Review"},{"key":"40_CR20","unstructured":"Cheng, Y., Ding, X., Deng, R.: Appshield: Protecting applications against untrusted operating system. Singaport Management University Technical Report, SMU-SIS-13 101 (2013)"},{"key":"40_CR21","unstructured":"ARM: ARM TrustZone"},{"issue":"1","key":"40_CR22","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1145\/1353534.1346285","volume":"36","author":"JM McCune","year":"2008","unstructured":"McCune, J.M., Parno, B., Perrig, A., Reiter, M.K., Seshadri, A.: How low can you go?: Recommendations for hardware-supported minimal tcb code execution. SIGARCH Comput. Archit. News 36(1), 14\u201325 (2008)","journal-title":"SIGARCH Comput. Archit. News"},{"key":"40_CR23","doi-asserted-by":"crossref","unstructured":"Hoekstra, M., Lal, R.: Using innovative instructions to create trustworthy software solutions. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy (2013)","DOI":"10.1145\/2487726.2488370"},{"key":"40_CR24","doi-asserted-by":"crossref","unstructured":"McKeen, F., Alexandrovich, I., Berenzon, A.: Innovative instructions and software model for isolated execution. In: HASP (2013)","DOI":"10.1145\/2487726.2488368"},{"issue":"3","key":"40_CR25","doi-asserted-by":"publisher","first-page":"157","DOI":"10.1145\/361268.361275","volume":"15","author":"MD Schroeder","year":"1972","unstructured":"Schroeder, M.D., Saltzer, J.H.: A hardware architecture for implementing protection rings. Communications of the ACM 15(3), 157\u2013170 (1972)","journal-title":"Communications of the ACM"},{"key":"40_CR26","unstructured":"Baumann, A., Peinado, M., Hunt, G.: Shielding applications from an untrusted cloud with haven. In: USENIX Symposium on Operating Systems Design and Implementation (OSDI) (2014)"},{"key":"40_CR27","doi-asserted-by":"crossref","unstructured":"Zhang, Y., Juels, A., Reiter, M.K., Ristenpart, T.: Cross-vm side channels and their use to extract private keys. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS 2012, pp. 305\u2013316. ACM, New York (2012)","DOI":"10.1145\/2382196.2382230"},{"key":"40_CR28","doi-asserted-by":"crossref","unstructured":"Fan, J., Guo, X., De Mulder, E., Schaumont, P., Preneel, B., Verbauwhede, I.: State-of-the-art of secure ecc implementations: a survey on known side-channel attacks and countermeasures. In: 2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 76\u201387. IEEE (2010)","DOI":"10.1109\/HST.2010.5513110"},{"issue":"9","key":"40_CR29","doi-asserted-by":"publisher","first-page":"1278","DOI":"10.1109\/PROC.1975.9939","volume":"63","author":"JH Saltzer","year":"1975","unstructured":"Saltzer, J.H., Schroeder, M.D.: The protection of information in computer systems. Proceedings of the IEEE 63(9), 1278\u20131308 (1975)","journal-title":"Proceedings of the IEEE"},{"key":"40_CR30","unstructured":"OpenSSL Software Foundation: OpenSSL Library Version 1.0.2a"},{"key":"40_CR31","unstructured":"Mehta, N.: Codenomicon: The Heartbleed Bug"},{"issue":"4","key":"40_CR32","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1145\/1218063.1217951","volume":"40","author":"L Singaravelu","year":"2006","unstructured":"Singaravelu, L., Pu, C., H\u00e4rtig, H., Helmuth, C.: Reducing tcb complexity for security-sensitive applications: Three case studies. SIGOPS Oper. Syst. Rev. 40(4), 161\u2013174 (2006)","journal-title":"SIGOPS Oper. Syst. Rev."},{"key":"40_CR33","doi-asserted-by":"crossref","unstructured":"Strackx, R., Piessens, F.: Fides: selectively hardening software application components against kernel-level or process-level malware. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS 2012, pp. 2\u201313. ACM, New York (2012)","DOI":"10.1145\/2382196.2382200"},{"key":"40_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1007\/978-3-642-23822-2_13","volume-title":"Computer Security \u2013 ESORICS 2011","author":"Y Cheng","year":"2011","unstructured":"Cheng, Y., Ding, X., Deng, R.H.: DriverGuard: a fine-grained protection on I\/O flows. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 227\u2013244. Springer, Heidelberg (2011)"},{"key":"40_CR35","doi-asserted-by":"crossref","unstructured":"Vasiliadis, G., Athanasopoulos, E., Polychronakis, M., Ioannidis, S.: Pixelvault: using gpus for securing cryptographic operations. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS 2014, pp. 1131\u20131142. ACM, New York (2014)","DOI":"10.1145\/2660267.2660316"},{"key":"40_CR36","doi-asserted-by":"crossref","unstructured":"Stitt, G., Lysecky, R., Vahid, F.: Dynamic hardware\/software partitioning: a first approach. In: Proceedings of the 40th Annual Design Automation Conference, DAC 2003, pp. 250\u2013255. ACM, New York (2003)","DOI":"10.1145\/775894.775896"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-28865-9_40","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,1]],"date-time":"2019-06-01T07:48:29Z","timestamp":1559375309000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-28865-9_40"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319288642","9783319288659"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-28865-9_40","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"value":"1867-8211","type":"print"},{"value":"1867-822X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015]]}}}