{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,26]],"date-time":"2026-02-26T16:08:37Z","timestamp":1772122117255,"version":"3.50.1"},"reference-count":100,"publisher":"IEEE","license":[{"start":{"date-parts":[[2022,8,1]],"date-time":"2022-08-01T00:00:00Z","timestamp":1659312000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,8,1]],"date-time":"2022-08-01T00:00:00Z","timestamp":1659312000000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022,8]]},"DOI":"10.1109\/jcc56315.2022.00019","type":"proceedings-article","created":{"date-parts":[[2022,9,26]],"date-time":"2022-09-26T21:02:13Z","timestamp":1664226133000},"page":"79-88","source":"Crossref","is-referenced-by-count":8,"title":["Towards A Secure Joint Cloud With Confidential Computing"],"prefix":"10.1109","author":[{"given":"Xuyang","family":"Zhao","sequence":"first","affiliation":[{"name":"Shanghai Jiao Tong University,Institude of Parallel and Distributed Systems (IPADS),Shanghai,China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mingyu","family":"Li","sequence":"additional","affiliation":[{"name":"Shanghai Jiao Tong University,Institude of Parallel and Distributed Systems (IPADS),Shanghai,China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Erhu","family":"Feng","sequence":"additional","affiliation":[{"name":"Shanghai Jiao Tong University,Institude of Parallel and Distributed Systems (IPADS),Shanghai,China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yubin","family":"Xia","sequence":"additional","affiliation":[{"name":"Shanghai Jiao Tong University,Institude of Parallel and Distributed Systems (IPADS),Shanghai,China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref39","year":"0","journal-title":"Validating instances using Cloud Monitoring"},{"key":"ref38","year":"0","journal-title":"Azure Attestation"},{"key":"ref33","year":"0","journal-title":"Introducing the sixth generation of alibaba cloud’s elastic compute service"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00054"},{"key":"ref31","year":"0","journal-title":"Data-in-use protection on IBM Cloud using Intel SGX"},{"key":"ref30","year":"0","journal-title":"Nvidia confidential computing"},{"key":"ref37","year":"0","journal-title":"Azure Products available by region"},{"key":"ref36","year":"0","journal-title":"Azure pricing calculator"},{"key":"ref35","year":"0","journal-title":"Pricing and Calculator"},{"key":"ref34","year":"0","journal-title":"Google VM instance pricing"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/3342195.3387532"},{"key":"ref27","year":"2021","journal-title":"AWS nitro enclaves"},{"key":"ref29","first-page":"275","article-title":"Scalable memory protection in the PENGLAI enclave","author":"feng","year":"2021","journal-title":"Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI)"},{"key":"ref20","year":"2019","journal-title":"AMD Secure Encrypted Virtualization"},{"key":"ref22","first-page":"1257","article-title":"Exploiting unprotected I\/O operations in amd’s secure encrypted virtualization","author":"li","year":"2019","journal-title":"Proceedings of the USENIX Security Symposium"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2018.00045"},{"key":"ref24","year":"2020","journal-title":"Amd sev-snp"},{"key":"ref23","year":"2017","journal-title":"Protecting VM Register State with SEV-ES"},{"key":"ref26","year":"2021","journal-title":"Arm developer Realm management extension"},{"key":"ref100","first-page":"1088","author":"fouladi","year":"2019","journal-title":"From laptop to lambda Outsourcing everyday jobs to thousands of transient functional containers"},{"key":"ref25","year":"2020","journal-title":"Intel Trust Domain Extensions"},{"key":"ref50","year":"0","journal-title":"scontain"},{"key":"ref51","article-title":"Scone: Secure linux containers with intel sgx","author":"arnautov","year":"2016","journal-title":"OSDI"},{"key":"ref59","first-page":"879","article-title":"Confidential machine learning on untrusted platforms: A survey","volume":"4","author":"sharma","year":"2021","journal-title":"Cybersecurity"},{"key":"ref58","year":"0","journal-title":"Ego is a framework for building confidential apps in go"},{"key":"ref57","year":"0","journal-title":"EdgelessDB"},{"key":"ref56","year":"0","journal-title":"MarbleRun"},{"key":"ref55","year":"0","journal-title":"The Opaque Platform"},{"key":"ref54","year":"0","journal-title":"Securing secrets management against insider threats"},{"key":"ref53","year":"0","journal-title":"Anjuna"},{"key":"ref52","year":"0","journal-title":"fortanix"},{"key":"ref40","year":"0","journal-title":"AWS nitro enclaves"},{"key":"ref4","year":"0","journal-title":"General Data Protection Regulation"},{"key":"ref3","year":"0","journal-title":"cloud security breaches (and lessons)"},{"key":"ref6","article-title":"Fully homomorphic encryption using ideal lattices","year":"2009","journal-title":"STOC ’07"},{"key":"ref5","year":"0","journal-title":"Health insurance portability and accountability act"},{"key":"ref8","first-page":"6381","volume":"1907","author":"morais","year":"2019","journal-title":"ArXiv"},{"key":"ref49","year":"0","journal-title":"Intel shim tdx"},{"key":"ref7","article-title":"Secure multiparty computation for privacy-preserving data mining","volume":"1","author":"lindell","year":"2008","journal-title":"Journal of Privacy and Confidentiality"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.47"},{"key":"ref46","year":"0","journal-title":"Occlum"},{"key":"ref45","year":"0","journal-title":"nitro-sdk"},{"key":"ref48","year":"0","journal-title":"Kata Containers"},{"key":"ref47","year":"0","journal-title":"Gramine - a Library OS for Unmodified Applications"},{"key":"ref42","year":"0","journal-title":"Open Enclave SDK"},{"key":"ref41","year":"0","journal-title":"Intel Software Guard Extensions SDK for Linux OS"},{"key":"ref44","year":"0","journal-title":"Apache teaclave (incubating) is an open source universal secure computing platform making computation on privacy-sensitive data safe and simple"},{"key":"ref43","year":"0","journal-title":"Edgeless Systems"},{"key":"ref73","author":"chen","year":"2019","journal-title":"Opera Open remote attestation for intel’s secure enclaves"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1145\/3458336.3465301"},{"key":"ref71","author":"barbalace","year":"2020","journal-title":"Edge computing the case for heterogeneous-isa container migration"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1145\/3318464.3386141"},{"key":"ref76","article-title":"LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection","author":"bulck","year":"2020","journal-title":"Proceedings of the IEEE Symposium on Security and Privacy (S&P)"},{"key":"ref77","article-title":"Sgxpectre attacks: Leaking enclave secrets via speculative execution","author":"chen","year":"2019","journal-title":"Proceedings of the IEEE Symposium on Security and Privacy (S&P)"},{"key":"ref74","year":"0","journal-title":"Project veraison creates software components that can be used to build an attestation verification service"},{"key":"ref75","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00057"},{"key":"ref78","article-title":"Inferring fine-grained control flow inside SGX enclaves with branch shadowing","author":"lee","year":"2017","journal-title":"Proceedings of the USENIX Security Symposium"},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.45"},{"key":"ref60","year":"0","journal-title":"Confidential ONNX Inference Server"},{"key":"ref62","year":"0","journal-title":"Tensorflow lite for intel sgx"},{"key":"ref61","year":"0","journal-title":"TVM Open Deep Learning Compiler Stack"},{"key":"ref63","first-page":"619","article-title":"Oblivious MultiParty machine learning on trusted processors","author":"ohrimenko","year":"2016","journal-title":"25th USENIX Security Symposium (USENIX Security 16)"},{"key":"ref64","article-title":"Slalom: Fast, verifiable and private` execution of neural networks in trusted hardware","author":"tramer","year":"0","journal-title":"7th International Conference on Learning Representations ICLR 2019"},{"key":"ref65","year":"0","journal-title":"accessible and privacy friendly ai deployment"},{"key":"ref66","year":"0","journal-title":"Mesatee gbdt-rs"},{"key":"ref67","article-title":"The phala network blockchain","year":"0","journal-title":"pruntime and the bridge"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1145\/3341301.3359627"},{"key":"ref2","year":"0","journal-title":"7 Most Infamous Cloud Security Breaches"},{"key":"ref69","year":"0","journal-title":"Azure confidential ledger"},{"key":"ref1","article-title":"the daily swig","year":"0","journal-title":"latest cloud security"},{"key":"ref95","first-page":"441","author":"wu","year":"2018","journal-title":"Comprehensive VM protection against untrusted hypervisor through retrofitted AMD memory encryption"},{"key":"ref94","doi-asserted-by":"publisher","DOI":"10.1145\/3361525.3361541"},{"key":"ref93","year":"0","journal-title":"Secure live migration of encrypted vms"},{"key":"ref92","year":"0","journal-title":"Intel® tdx migration td design guide"},{"key":"ref91","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2018.00031"},{"key":"ref90","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2017.37"},{"key":"ref98","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833694"},{"key":"ref99","year":"0","journal-title":"SOFAEnclave"},{"key":"ref96","first-page":"1289","article-title":"ROTE: rollback protection for trusted execution","author":"matetic","year":"2017","journal-title":"Proceedings of the USENIX Security Symposium"},{"key":"ref97","first-page":"1598","volume":"70","author":"gu","year":"2021","journal-title":"Enclavisor A hardware-software co-design for enclaves on untrusted cloud"},{"key":"ref10","year":"0","journal-title":"Azure Confidential Computing"},{"key":"ref11","year":"0","journal-title":"Google Cloud Computing"},{"key":"ref12","year":"0","journal-title":"Alibaba cloud"},{"key":"ref13","year":"0","journal-title":"AWS nitro enclaves"},{"key":"ref14","year":"0","journal-title":"Confidential computing on IBM Cloud"},{"key":"ref15","year":"2021","journal-title":"Confidential Computing Consortium"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1145\/2487726.2488370"},{"key":"ref82","article-title":"Cipherleaks: Breaking constant-time cryptography on amd sev via the ciphertext side channel","author":"li","year":"2021","journal-title":"Proceedings of the USENIX Security Symposium"},{"key":"ref17","year":"2022","journal-title":"Build an intel® software guard extensions ecdsa attestation service to strengthen enclave security"},{"key":"ref81","article-title":"Foreshadow: Extracting the keys to the intel sgx kingdom with transient out-of-order execution","author":"bulck","year":"2018","journal-title":"USENIX Security Symposium"},{"key":"ref18","year":"2022","journal-title":"Intel(r) software guard extensions data center attestation primitives"},{"key":"ref84","article-title":"Exploiting unprotected i\/o operations in amd’s secure encrypted virtualization","author":"li","year":"2019","journal-title":"USENIX Security Symposium"},{"key":"ref19","year":"2020","journal-title":"3rd gen intel® xeon® scalable processors"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3485253"},{"key":"ref80","article-title":"Telling your secrets without page faults: Stealthy page table-based attacks on enclaved execution","author":"bulck","year":"2017","journal-title":"Proceedings of the USENIX Security Symposium"},{"key":"ref89","first-page":"155","article-title":"Don’t yank my chain: Auditable NF service chaining","author":"liu","year":"2021","journal-title":"Proceedings of the USENIX Symposium on Networked Systems Design and Implementation (NSDI)"},{"key":"ref85","doi-asserted-by":"publisher","DOI":"10.1109\/ISCA52012.2021.00032"},{"key":"ref86","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.10"},{"key":"ref87","first-page":"533","article-title":"Ryoan: A distributed sandbox for untrusted computation on secret data","author":"hunt","year":"2016","journal-title":"Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI)"},{"key":"ref88","first-page":"331","author":"li","year":"2021","journal-title":"Proceedings of the USENIX Symposium on Operating Systems Design and Implementation (OSDI)"}],"event":{"name":"2022 IEEE International Conference on Joint Cloud Computing (JCC)","location":"Fremont, CA, USA","start":{"date-parts":[[2022,8,15]]},"end":{"date-parts":[[2022,8,18]]}},"container-title":["2022 IEEE International Conference on Joint Cloud Computing (JCC)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9897094\/9898078\/09898084.pdf?arnumber=9898084","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,10,14]],"date-time":"2022-10-14T20:51:54Z","timestamp":1665780714000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9898084\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,8]]},"references-count":100,"URL":"https:\/\/doi.org\/10.1109\/jcc56315.2022.00019","relation":{},"subject":[],"published":{"date-parts":[[2022,8]]}}}