{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,23]],"date-time":"2026-03-23T21:03:11Z","timestamp":1774299791597,"version":"3.50.1"},"reference-count":45,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"4","license":[{"start":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T00:00:00Z","timestamp":1775001600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T00:00:00Z","timestamp":1775001600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T00:00:00Z","timestamp":1775001600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100002367","name":"Chinese Academy of Sciences","doi-asserted-by":"publisher","award":["2022YFB3103900"],"award-info":[{"award-number":["2022YFB3103900"]}],"id":[{"id":"10.13039\/501100002367","id-type":"DOI","asserted-by":"publisher"}]},{"name":"National Key Research and Development Program of China","award":["2021YFB2910109"],"award-info":[{"award-number":["2021YFB2910109"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62202465"],"award-info":[{"award-number":["62202465"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Comput."],"published-print":{"date-parts":[[2026,4]]},"DOI":"10.1109\/tc.2026.3654947","type":"journal-article","created":{"date-parts":[[2026,1,20]],"date-time":"2026-01-20T20:39:44Z","timestamp":1768941584000},"page":"1608-1621","source":"Crossref","is-referenced-by-count":0,"title":["FlexClave: An Extensible and Secure Trusted Execution Environment Framework"],"prefix":"10.1109","volume":"75","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8565-1923","authenticated-orcid":false,"given":"Qihang","family":"Zhou","sequence":"first","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-7506-9408","authenticated-orcid":false,"given":"Wenzhuo","family":"Cao","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8376-3235","authenticated-orcid":false,"given":"Xiaoqi","family":"Jia","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-8141-8183","authenticated-orcid":false,"given":"Shaowen","family":"Xu","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9965-0876","authenticated-orcid":false,"given":"Jiayun","family":"Chen","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-2547-3667","authenticated-orcid":false,"given":"Nan","family":"Jiang","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-3635-7785","authenticated-orcid":false,"given":"Zhicong","family":"Zhang","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3336-923X","authenticated-orcid":false,"given":"Zhenyu","family":"Song","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2783-3232","authenticated-orcid":false,"given":"Haichao","family":"Du","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-2170-7434","authenticated-orcid":false,"given":"Yamin","family":"Xie","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-8641-0534","authenticated-orcid":false,"given":"Chen","family":"Song","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-1426-3677","authenticated-orcid":false,"given":"Jing","family":"Tang","sequence":"additional","affiliation":[{"name":"Institute of Information Engineering, Chinese Academy of Sciences; School of Cyberspace Security, University of Chinese Academy of Sciences, Beijing, China"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-2917-3922","authenticated-orcid":false,"given":"Peijie","family":"Yin","sequence":"additional","affiliation":[{"name":"Communication Engineering Division, Xi&#x2019;an Electronic Engineering Research Institute, Xi&#x2019;an, China"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9432-9779","authenticated-orcid":false,"given":"Shengzhi","family":"Zhang","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Metropolitan College, Boston University, Boston, MA, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5091-8464","authenticated-orcid":false,"given":"Peng","family":"Liu","sequence":"additional","affiliation":[{"name":"Pennsylvania State University, University Park, PA, USA"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2025.240328"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1145\/2451116.2451146"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1145\/2872362.2872372"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/3132747.3132782"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/2043556.2043576"},{"key":"ref6","first-page":"267","article-title":"Shielding applications from an untrusted cloud with haven","volume-title":"Proc.11th OSDI","author":"Baumann","year":"2014"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/3373376.3378469"},{"key":"ref8","first-page":"689","article-title":"SCONE: Secure Linux containers with intel SGX","volume-title":"Proc. 12th OSDI","author":"Arnautov","year":"2016"},{"key":"ref9","article-title":"Software guard extensions programming reference","year":"2014"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1007\/s11432-019-2707-6"},{"key":"ref11","article-title":"Arm security technology - Building a secure system using TrustZone technology","year":"2009"},{"key":"ref12","first-page":"1416","article-title":"SoK: Understanding the prevailing security vulnerabilities in TrustZone-assisted TEE systems","volume-title":"Proc. 41st IEEE Symp. Secur. Privacy (SP)","author":"Cerdeira","year":"2020"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1145\/3342195.3387532"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.5555\/3241094.3241161"},{"key":"ref15","first-page":"683","article-title":"Blackbox: A container security monitor for protecting containers on untrusted operating systems","volume-title":"Proc. 16th USENIX OSDI","author":"Hof","year":"2022"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2021.3055293"},{"key":"ref17","article-title":"Arm CCA.\u201d"},{"key":"ref18","first-page":"6257","article-title":"SHELTER: extending ARM CCA with isolation in user space","volume-title":"Proc. 32nd USENIX Secur.","author":"Zhang","year":"2023"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2018.00045"},{"key":"ref20","first-page":"645","article-title":"Graphene-SGX: A practical library OS for unmodified applications on SGX","volume-title":"Proc. 25th USENIX ATC","author":"Tsai","year":"2017"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/3652597"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/3658644.3690323"},{"key":"ref23","article-title":"AMD secure encrypted virtualization (SEV).\u201d"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103180"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/1353536.1346284"},{"key":"ref26","first-page":"437","article-title":"HyperEnclave: An open and cross-platform trusted execution environment","volume-title":"Proc. 31st USENIX ATC","author":"Jia","year":"2022"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1145\/3698038.3698520"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23448"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/2499368.2451145"},{"key":"ref30","first-page":"565","article-title":"Hardware-assisted on-demand hypervisor activation for efficient security critical code execution on mobile devices","volume-title":"Proc. 25th USENIX ATC","author":"Cho","year":"2016"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/2775054.2694386"},{"key":"ref32","first-page":"423","article-title":"The turtles project: Design and implementation of nested virtualization","volume-title":"Prof. 9th USENIX OSDI","author":"Ben-Yehuda","year":"2010"},{"key":"ref33","first-page":"541","article-title":"VTZ: Virtualizing ARM TrustZone","volume-title":"Proc. USENIX Secur.","author":"Hua","year":"2017"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/3477132.3483554"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1145\/3586040"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC63791.2024.00023"},{"key":"ref37","article-title":"httpd.\u201d"},{"key":"ref38","article-title":"Apache benchmarks.\u201d"},{"key":"ref39","article-title":"Nginx.\u201d"},{"key":"ref40","article-title":"Memcached.\u201d"},{"key":"ref41","article-title":"Memtier.\u201d"},{"key":"ref42","article-title":"Mysql.\u201d"},{"key":"ref43","article-title":"Sysbench.\u201d"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00057"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354201"}],"container-title":["IEEE Transactions on Computers"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/12\/11435995\/11357544.pdf?arnumber=11357544","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,23]],"date-time":"2026-03-23T20:06:20Z","timestamp":1774296380000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/11357544\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,4]]},"references-count":45,"journal-issue":{"issue":"4"},"URL":"https:\/\/doi.org\/10.1109\/tc.2026.3654947","relation":{},"ISSN":["0018-9340","1557-9956","2326-3814"],"issn-type":[{"value":"0018-9340","type":"print"},{"value":"1557-9956","type":"electronic"},{"value":"2326-3814","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,4]]}}}