{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,12]],"date-time":"2026-02-12T19:38:29Z","timestamp":1770925109088,"version":"3.50.1"},"reference-count":54,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2026,2,12]],"date-time":"2026-02-12T00:00:00Z","timestamp":1770854400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,2,12]],"date-time":"2026-02-12T00:00:00Z","timestamp":1770854400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cluster Comput"],"published-print":{"date-parts":[[2026,6]]},"DOI":"10.1007\/s10586-025-05880-2","type":"journal-article","created":{"date-parts":[[2026,2,12]],"date-time":"2026-02-12T18:57:39Z","timestamp":1770922659000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Encloak: protecting sensitive data in remote computing using trusted execution environments"],"prefix":"10.1007","volume":"29","author":[{"given":"Yongzhi","family":"Wang","sequence":"first","affiliation":[]},{"given":"Bozhen","family":"Liu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,2,12]]},"reference":[{"key":"5880_CR1","doi-asserted-by":"crossref","unstructured":"McKeen, F., Alexandrovich, I., Berenzon, A., Rozas, C.V., Shafi, H., Shanbhogue, V., Savagaonkar, U.R.: Innovative instructions and software model for isolated execution. Hasp@ isca 10(1) (2013)","DOI":"10.1145\/2487726.2488368"},{"key":"5880_CR2","unstructured":"Kaplan, D., Powell, J., Woller, T.: Amd memory encryption. White paper (2016)"},{"key":"5880_CR3","first-page":"18","volume":"3","author":"T Alves","year":"2004","unstructured":"Alves, T.: Trustzone: Integrated hardware and software security. Inform. Quar. 3, 18\u201324 (2004)","journal-title":"Inform. Quar."},{"key":"5880_CR4","unstructured":"Corporation, I.: Intel Trust Domain Extensions. https:\/\/software.intel.com\/content\/www\/us\/en\/develop\/articles\/intel-trust-domain-extensions.html. Accessed: 2024-07-22 (2021)"},{"key":"5880_CR5","unstructured":"Amazon: AWS Nitro Enclaves. Website. https:\/\/aws.amazon.com\/ec2\/nitro\/nitro-enclaves\/"},{"key":"5880_CR6","unstructured":"Microsoft: Azure Confidential Computing. Website. https:\/\/azure.microsoft.com\/en-us\/solutions\/confidential-compute\/"},{"key":"5880_CR7","unstructured":"Cloud, A.: Alibaba Cloud Enclave. Website. https:\/\/www.alibabacloud.com\/help\/en\/elastic-compute-service\/latest\/build-a-confidential-computing-environment-by-using-enclave"},{"key":"5880_CR8","unstructured":"Google: Confidential Computing. Website. https:\/\/cloud.google.com\/confidential-computing"},{"issue":"9","key":"5880_CR9","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3652597","volume":"56","author":"P-C Cheng","year":"2024","unstructured":"Cheng, P.-C., Ozga, W., Valdez, E., Ahmed, S., Gu, Z., Jamjoom, H., Franke, H., Bottomley, J.: Intel tdx demystified: A top-down approach. ACM Comput. Surv. 56(9), 1\u201333 (2024)","journal-title":"ACM Comput. Surv."},{"issue":"3","key":"5880_CR10","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2799647","volume":"33","author":"A Baumann","year":"2015","unstructured":"Baumann, A., Peinado, M., Hunt, G.: Shielding applications from an untrusted cloud with haven. ACM Trans. Comput. Syst. 33(3), 1\u201326 (2015)","journal-title":"ACM Trans. Comput. Syst."},{"key":"5880_CR11","unstructured":"Arnautov, S., Trach, B., Gregor, F., Knauth, T., Martin, A., Priebe, C., Lind, J., Muthukumaran, D., O\u2019keeffe, D., Stillwell, M., et\u00a0al.: Scone: Secure linux containers with intel sgx. In: OSDI, vol. 16, pp. 689\u2013703 (2016)"},{"key":"5880_CR12","unstructured":"Tsai, C.-C., Porter, D.E., Vij, M.: Graphene-sgx: A practical library os for unmodified applications on sgx. In: USENIX Annual Technical Conference, pp. 645\u2013658 (2017)"},{"key":"5880_CR13","unstructured":"Priebe, C., Muthukumaran, D., Lind, J., Zhu, H., Cui, S., Sartakov, V.A., Pietzuch, P.: Sgx-lkl: Securing the host os interface for trusted execution. arXiv preprint arXiv:1908.11143 (2019)"},{"key":"5880_CR14","unstructured":"Tsai, C.-C., Son, J., Jain, B., Popa, R.A., Porter, D.E.: Civet: An efficient java partitioning framework for hardware enclaves. In: Proceedings of the 29th USENIX Security Symposium (USENIX Security\u201920) (2020)"},{"key":"5880_CR15","doi-asserted-by":"crossref","unstructured":"Jiang, J., Chen, X., Li, T., Wang, C., Shen, T., Zhao, S., Cui, H., Wang, C.-L., Zhang, F.: Uranus: Simple, efficient sgx programming and its applications. In: Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, pp. 826\u2013840 (2020)","DOI":"10.1145\/3320269.3384763"},{"key":"5880_CR16","doi-asserted-by":"crossref","unstructured":"Wang, H., Wang, P., Ding, Y., Sun, M., Jing, Y., Duan, R., Li, L., Zhang, Y., Wei, T., Lin, Z.: Towards memory safe enclave programming with rust-sgx. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 2333\u20132350 (2019)","DOI":"10.1145\/3319535.3354241"},{"key":"5880_CR17","unstructured":"Wang, H., Sun, M., Feng, Q., Wang, P., Li, T., Ding, Y.: Towards memory safe python enclave for security sensitive computation. arXiv preprint arXiv:2005.05996 (2020)"},{"key":"5880_CR18","unstructured":"Ghosn, A., Larus, J., Bugnion, E.: Secured routines: Language-based construction of trusted execution environments. In: Proceedings of the 2019 Usenix Annual Technical Conference, pp. 571\u2013585 (2019). USENIX ASSOC"},{"key":"5880_CR19","doi-asserted-by":"crossref","unstructured":"Wang, H., Bauman, E., Karande, V., Lin, Z., Cheng, Y., Zhang, Y.: Running language interpreters inside sgx: A lightweight, legacy-compatible script code hardening approach. In: Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security, pp. 114\u2013121 (2019)","DOI":"10.1145\/3321705.3329848"},{"key":"5880_CR20","unstructured":"Anati, I., Gueron, S., Johnson, S., Scarlata, V.: Innovative technology for CPU based attestation and sealing. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, vol. 13 (2013)"},{"key":"5880_CR21","doi-asserted-by":"publisher","unstructured":"Sardar, M.U., Quoc, D.L., Fetzer, C.: Towards formalization of enhanced privacy id (epid)-based remote attestation in intel sgx. In: 2020 23rd Euromicro Conference on Digital System Design (DSD), pp. 604\u2013607 (2020). https:\/\/doi.org\/10.1109\/DSD51259.2020.00099","DOI":"10.1109\/DSD51259.2020.00099"},{"key":"5880_CR22","unstructured":"Oleksenko, O., Trach, B., Krahn, R., Silberstein, M., Fetzer, C.: Varys: Protecting sgx enclaves from practical side-channel attacks. In: 2018 Usenix Annual Technical Conference (USENIX ATC 18), pp. 227\u2013240 (2018)"},{"key":"5880_CR23","doi-asserted-by":"crossref","unstructured":"Brasser, F., Capkun, S., Dmitrienko, A., Frassetto, T., Kostiainen, K., Sadeghi, A.-R.: Dr. sgx: Automated and adjustable side-channel protection for sgx using data location randomization. In: Proceedings of the 35th Annual Computer Security Applications Conference, pp. 788\u2013800 (2019)","DOI":"10.1145\/3359789.3359809"},{"key":"5880_CR24","doi-asserted-by":"crossref","unstructured":"Oh, H., Ahmad, A., Park, S., Lee, B., Paek, Y.: Trustore: Side-channel resistant storage for sgx using intel hybrid cpu-fpga. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, pp. 1903\u20131918 (2020)","DOI":"10.1145\/3372297.3417265"},{"key":"5880_CR25","unstructured":"Lind, J., Priebe, C., Muthukumaran, D., O\u2019Keeffe, D., Aublin, P., Kelbert, F., Reiher, T., Goltzsche, D., Eyers, D., Kapitza, R., et\u00a0al.: Glamdring: Automatic application partitioning for intel sgx. (2017). USENIX"},{"issue":"3","key":"5880_CR26","doi-asserted-by":"publisher","first-page":"319","DOI":"10.1145\/24039.24041","volume":"9","author":"J Ferrante","year":"1987","unstructured":"Ferrante, J., Ottenstein, K.J., Warren, J.D.: The program dependence graph and its use in optimization. ACM Trans. Program. Lang. Syst. 9(3), 319\u2013349 (1987). https:\/\/doi.org\/10.1145\/24039.24041","journal-title":"ACM Trans. Program. Lang. Syst."},{"key":"5880_CR27","doi-asserted-by":"crossref","unstructured":"Sridharan, M., Chandra, S., Dolby, J., Fink, S.J., Yahav, E.: Alias analysis for object-oriented programs. In: Aliasing in Object-Oriented Programming: Types. Analysis, and Verification, pp. 196\u2013232. Springer, Berlin, Heidelberg (2013)","DOI":"10.1007\/978-3-642-36946-9_8"},{"key":"5880_CR28","unstructured":"Lhot\u00e1k, O.: Spark: A flexible points-to analysis framework for java (2003)"},{"key":"5880_CR29","unstructured":"Andersen, L.O.: Program analysis and specialization for the c programming language. PhD thesis, Citeseer (1994)"},{"issue":"6","key":"5880_CR30","doi-asserted-by":"publisher","first-page":"87","DOI":"10.1145\/1543135.1542486","volume":"44","author":"O Tripp","year":"2009","unstructured":"Tripp, O., Pistoia, M., Fink, S.J., Sridharan, M., Weisman, O.: Taj: effective taint analysis of web applications. ACM Sigplan Notices 44(6), 87\u201397 (2009)","journal-title":"ACM Sigplan Notices"},{"issue":"ICFP","key":"5880_CR31","doi-asserted-by":"publisher","first-page":"955","DOI":"10.1145\/3607863","volume":"7","author":"S Keidel","year":"2023","unstructured":"Keidel, S., Erdweg, S., Homb\u00fccher, T.: Combinator-based fixpoint algorithms for big-step abstract interpreters. Proceedings of the ACM on Programming Languages 7(ICFP), 955\u2013981 (2023)","journal-title":"Proceedings of the ACM on Programming Languages"},{"key":"5880_CR32","doi-asserted-by":"publisher","unstructured":"Ruf, E.: Context-insensitive alias analysis reconsidered. In: Proceedings of the ACM SIGPLAN 1995 Conference on Programming Language Design and Implementation. PLDI \u201995, pp. 13\u201322. Association for Computing Machinery, New York, NY, USA (1995). https:\/\/doi.org\/10.1145\/207110.207112","DOI":"10.1145\/207110.207112"},{"key":"5880_CR33","unstructured":"LLVM Language Reference Manual; LLVM 22.0.0 git documentation \u2014 llvm.org. https:\/\/llvm.org\/docs\/LangRef.html. [Accessed 02-11-2025]"},{"key":"5880_CR34","unstructured":"The LLVM Compiler Infrastructure Project \u2014 llvm.org. https:\/\/llvm.org. [Accessed 02-11-2025]"},{"key":"5880_CR35","unstructured":"Debugging LLVM - Rust Compiler Development Guide \u2014 rustc-dev-guide.rust-lang.org. https:\/\/rustc-dev-guide.rust-lang.org\/backend\/debugging.html. [Accessed 02-11-2025]"},{"key":"5880_CR36","unstructured":"GitHub - goplus\/llgo: A Go compiler based on LLVM in order to better integrate Go with the C ecosystem including Python and JavaScript \u2014 github.com. https:\/\/github.com\/goplus\/llgo. [Accessed 02-11-2025]"},{"key":"5880_CR37","doi-asserted-by":"crossref","unstructured":"Ye, M., Sherman, J., Srisa-An, W., Wei, S.: Tzslicer: Security-aware dynamic program slicing for hardware isolation. In: 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 17\u201324 (2018). IEEE","DOI":"10.1109\/HST.2018.8383886"},{"issue":"4","key":"5880_CR38","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3231594","volume":"35","author":"T Hunt","year":"2018","unstructured":"Hunt, T., Zhu, Z., Xu, Y., Peter, S., Witchel, E.: Ryoan: A distributed sandbox for untrusted computation on secret data. ACM Trans. Comput. Syst 35(4), 1\u201332 (2018)","journal-title":"ACM Trans. Comput. Syst"},{"key":"5880_CR39","doi-asserted-by":"crossref","unstructured":"Shinde, S., Le\u00a0Tien, D., Tople, S., Saxena, P.: Panoply: Low-tcb linux applications with sgx enclaves. In: NDSS (2017)","DOI":"10.14722\/ndss.2017.23500"},{"issue":"4","key":"5880_CR40","doi-asserted-by":"publisher","first-page":"3562","DOI":"10.1109\/TDSC.2023.3334516","volume":"21","author":"J M\u00e9n\u00e9trey","year":"2024","unstructured":"M\u00e9n\u00e9trey, J., Pasin, M., Felber, P., Schiavoni, V., Mazz\u00e9o, G., Hollum, A., Vaydia, D.: A comprehensive trusted runtime for webassembly with intel sgx. IEEE Transactions on Dependable and Secure Computing 21(4), 3562\u20133579 (2024). https:\/\/doi.org\/10.1109\/TDSC.2023.3334516","journal-title":"IEEE Transactions on Dependable and Secure Computing"},{"key":"5880_CR41","doi-asserted-by":"crossref","unstructured":"Wu, M., Li, Z., Chen, H., Zang, B., Wang, S., Yu, L., Li, S., Song, H.: Towards an sgx-friendly java runtime. IEEE Transactions on Computers (2023)","DOI":"10.1109\/TC.2023.3318400"},{"key":"5880_CR42","doi-asserted-by":"crossref","unstructured":"Yuhala, P., M\u00e9n\u00e9trey, J., Felber, P., Schiavoni, V., Tchana, A., Thomas, G., Guiroux, H., Lozi, J.-P.: Montsalvat: Intel sgx shielding for graalvm native images. In: Proceedings of the 22nd International Middleware Conference, pp. 352\u2013364 (2021)","DOI":"10.1145\/3464298.3493406"},{"key":"5880_CR43","doi-asserted-by":"crossref","unstructured":"Wang, Y., Shen, Y., Su, C., Cheng, K., Yang, Y., Faree, A., Liu, Y.: Cfhider: Control flow obfuscation with intel sgx. In: IEEE INFOCOM 2019-IEEE Conference on Computer Communications, pp. 541\u2013549 (2019). IEEE","DOI":"10.1109\/INFOCOM.2019.8737444"},{"issue":"9","key":"5880_CR44","first-page":"2128","volume":"71","author":"Y Wang","year":"2021","unstructured":"Wang, Y., Zou, Y., Shen, Y., Liu, Y.: Cfhider: Protecting control flow confidentiality with intel sgx. IEEE Trans. Comput. 71(9), 2128\u20132141 (2021)","journal-title":"IEEE Trans. Comput."},{"key":"5880_CR45","doi-asserted-by":"crossref","unstructured":"Oak, A., Ahmadian, A.M., Balliu, M., Salvaneschi, G.: Language support for secure software development with enclaves. In: 2021 IEEE 34th Computer Security Foundations Symposium (CSF), pp. 1\u201316 (2021). IEEE","DOI":"10.1109\/CSF51468.2021.00037"},{"key":"5880_CR46","doi-asserted-by":"publisher","DOI":"10.1145\/3626757","author":"M Sha","year":"2023","unstructured":"Sha, M., Li, J., Wang, S., Li, F., Tan, K.-L.: Tee-based general-purpose computational backend for secure delegated data processing. Proc. ACM Manag. Data (2023). https:\/\/doi.org\/10.1145\/3626757","journal-title":"Proc. ACM Manag. Data"},{"key":"5880_CR47","doi-asserted-by":"crossref","unstructured":"Djoko, J.B., Lange, J., Lee, A.J.: Nexus: Practical and secure access control on untrusted storage platforms using client-side sgx. In: 2019 49th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 401\u2013413 (2019). IEEE","DOI":"10.1109\/DSN.2019.00049"},{"key":"5880_CR48","doi-asserted-by":"crossref","unstructured":"Le\u00a0Quoc, D., Gregor, F., Singh, J., Fetzer, C.: Sgx-pyspark: Secure distributed data analytics. In: The World Wide Web Conference, pp. 3564\u20133563 (2019)","DOI":"10.1145\/3308558.3314129"},{"key":"5880_CR49","doi-asserted-by":"crossref","unstructured":"Priebe, C., Vaswani, K., Costa, M.: Enclavedb: A secure database using sgx. In: 2018 IEEE Symposium on Security and Privacy (SP), pp. 264\u2013278 (2018). IEEE","DOI":"10.1109\/SP.2018.00025"},{"issue":"5","key":"5880_CR50","doi-asserted-by":"publisher","first-page":"666","DOI":"10.1109\/TC.2019.2963303","volume":"69","author":"Y Wang","year":"2020","unstructured":"Wang, Y., Shen, Y., Su, C., Ma, J., Liu, L., Dong, X.: Cryptsqlite: Sqlite with high data security. IEEE Trans. Comput. 69(5), 666\u2013678 (2020). https:\/\/doi.org\/10.1109\/TC.2019.2963303","journal-title":"IEEE Trans. Comput."},{"key":"5880_CR51","doi-asserted-by":"crossref","unstructured":"Schuster, F., Costa, M., Fournet, C., Gkantsidis, C., Peinado, M., Mainar-Ruiz, G., Russinovich, M.: Vc3: Trustworthy data analytics in the cloud using sgx. In: 2015 IEEE Symposium on Security and Privacy, pp. 38\u201354 (2015). IEEE","DOI":"10.1109\/SP.2015.10"},{"key":"5880_CR52","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2022.103403","volume":"72","author":"K Bagher","year":"2023","unstructured":"Bagher, K., Lai, S.: Sgx-stream: A secure stream analytics framework in sgx-enabled edge cloud. Journal of Information Security and Applications 72, 103403 (2023). https:\/\/doi.org\/10.1016\/j.jisa.2022.103403","journal-title":"Journal of Information Security and Applications"},{"key":"5880_CR53","doi-asserted-by":"publisher","DOI":"10.1145\/3632954","author":"J Park","year":"2024","unstructured":"Park, J., Kang, S., Lee, S., Kim, T., Park, J., Kwon, Y., Huh, J.: Hardware-hardened sandbox enclaves for trusted serverless computing. ACM Trans. Archit. Code Optim. (2024). https:\/\/doi.org\/10.1145\/3632954","journal-title":"ACM Trans. Archit. Code Optim."},{"key":"5880_CR54","doi-asserted-by":"crossref","unstructured":"Sun, Z., Sun, R., Liu, C., Chowdhury, A.R., Lu, L., Jha, S.: Shadownet: A secure and efficient on-device model inference system for convolutional neural networks. In: 2023 IEEE Symposium on Security and Privacy (SP), pp. 1596\u20131612 (2023). IEEE","DOI":"10.1109\/SP46215.2023.10179382"}],"container-title":["Cluster Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-025-05880-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10586-025-05880-2","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-025-05880-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,12]],"date-time":"2026-02-12T18:57:50Z","timestamp":1770922670000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10586-025-05880-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,2,12]]},"references-count":54,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2026,6]]}},"alternative-id":["5880"],"URL":"https:\/\/doi.org\/10.1007\/s10586-025-05880-2","relation":{},"ISSN":["1386-7857","1573-7543"],"issn-type":[{"value":"1386-7857","type":"print"},{"value":"1573-7543","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,2,12]]},"assertion":[{"value":"9 September 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"14 November 2025","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"3 December 2025","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 February 2026","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no Conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}],"article-number":"140"}}