{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,9]],"date-time":"2026-06-09T16:18:05Z","timestamp":1781021885505,"version":"3.54.1"},"reference-count":58,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"3","license":[{"start":{"date-parts":[[2021,7,1]],"date-time":"2021-07-01T00:00:00Z","timestamp":1625097600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2021,7,1]],"date-time":"2021-07-01T00:00:00Z","timestamp":1625097600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2021,7,1]],"date-time":"2021-07-01T00:00:00Z","timestamp":1625097600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["U1713212"],"award-info":[{"award-number":["U1713212"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["91418206"],"award-info":[{"award-number":["91418206"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Cloud Comput."],"published-print":{"date-parts":[[2021,7,1]]},"DOI":"10.1109\/tcc.2019.2892449","type":"journal-article","created":{"date-parts":[[2019,1,14]],"date-time":"2019-01-14T19:52:37Z","timestamp":1547495557000},"page":"910-922","source":"Crossref","is-referenced-by-count":10,"title":["Architectural Protection of Trusted System Services for SGX Enclaves in Cloud Computing"],"prefix":"10.1109","volume":"9","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6877-780X","authenticated-orcid":false,"given":"Hongliang","family":"Liang","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Mingyu","family":"Li","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9173-7651","authenticated-orcid":false,"given":"Yixiu","family":"Chen","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Tianqi","family":"Yang","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6053-3317","authenticated-orcid":false,"given":"Zhuosi","family":"Xie","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Lin","family":"Jiang","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"263","reference":[{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-15512-3_9"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866313"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629596"},{"key":"ref32","year":"2018"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/945461.945462"},{"key":"ref30","first-page":"299","article-title":"High-resolution side channels for untrusted operating systems","author":"h\u00e4hnel","year":"2017","journal-title":"Proc USENIX Annu Tech Conf"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2013.6575343"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.11"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.42"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.36"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/3124680.3124745"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2015.7346915"},{"key":"ref29","first-page":"1041","article-title":"Telling your secrets without page faults: Stealthy page table-based attacks on enclaved execution","author":"bulck","year":"2017","journal-title":"Proc 26th USENIX Secur Symp"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1145\/2799647"},{"key":"ref1","first-page":"689","article-title":"SCONE: Secure Linux containers with intel SGX","author":"arnautov","year":"2016","journal-title":"Proc 12th USENIX Symp Operating Syst Des Implementation"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346284"},{"key":"ref22","year":"0"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.21236\/ADA465464"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-00587-9_13"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2005.12.008"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2005.12"},{"key":"ref25","first-page":"271","article-title":"RAPTOR: Routing attacks on privacy in Tor","author":"sun","year":"2015","journal-title":"Proc 24th USENIX Secur Symp"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.45"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1145\/3079856.3080208"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1145\/3193111.3193119"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053007"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1109\/TCC.2015.2511728"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1109\/TCC.2015.2469657"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.27"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45744-4_22"},{"key":"ref52","first-page":"489","article-title":"mTCP: A highly scalable user-level TCP stack for multicore systems","author":"jeong","year":"2014","journal-title":"Proc 11th USENIX Symp Netw Syst Des Implementation"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/2451116.2451145"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978326"},{"key":"ref40","doi-asserted-by":"publisher","DOI":"10.1145\/3029806.3029822"},{"key":"ref12","year":"2016"},{"key":"ref13","year":"2016"},{"key":"ref14","article-title":"TaLoS: Secure and Transparent TLS Termination inside SGX Enclaves","author":"aublin","year":"2017"},{"key":"ref15","year":"2017"},{"key":"ref16","year":"2017"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1145\/2541940.2541986"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1145\/2451116.2451146"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/2872362.2872372"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.10"},{"key":"ref3","first-page":"533","article-title":"Ryoan: A distributed sandbox for untrusted computation on secret data","author":"hunt","year":"2016","journal-title":"Proc 12th USENIX Symp Operating Syst Des Implementation"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23500"},{"key":"ref5","first-page":"645","article-title":"Graphene-SGX: A practical library OS for unmodified applications on SGX","author":"tsai","year":"2017","journal-title":"Proc USENIX Annu Tech Conf"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/3185467.3185469"},{"key":"ref7","first-page":"145","article-title":"Enhancing security and privacy of Tor&#x2019;s ecosystem by using trusted execution environments","author":"kim","year":"2017","journal-title":"Proc 14th USENIX Symp Netw Syst Des Implementation"},{"key":"ref49","article-title":"Trusted platform module library. Part 1: Architecture. Family 2.0. Revision 01.16.","year":"2014"},{"key":"ref9","article-title":"Intel 64 and IA-32 architectures software developer's manual combined volume 3D: System programming Guide","year":"0"},{"key":"ref46","first-page":"991","article-title":"Foreshadow: Extracting the keys to the Intel SGX kingdom with transient out-of-order execution","author":"van bulck","year":"2018","journal-title":"Proc 27th USENIX Secur Symp"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00002"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4302-6572-6"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346303"},{"key":"ref42","article-title":"A new class of vulnerabilities in SMI handlers","author":"bazhaniuk","year":"2015"},{"key":"ref41","article-title":"Attacking SMM memory via Intel CPU Cache Poisoning","author":"wojtczuk","year":"2009"},{"key":"ref44","first-page":"973","article-title":"Meltdown: Reading kernel memory from user space","author":"lipp","year":"2018","journal-title":"Proc 27th USENIX Secur Symp"},{"key":"ref43","article-title":"System management mode design and security issues","author":"duflot","year":"0"}],"container-title":["IEEE Transactions on Cloud Computing"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6245519\/9527996\/08611132.pdf?arnumber=8611132","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,5,10]],"date-time":"2022-05-10T14:53:45Z","timestamp":1652194425000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/8611132\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,7,1]]},"references-count":58,"journal-issue":{"issue":"3"},"URL":"https:\/\/doi.org\/10.1109\/tcc.2019.2892449","relation":{},"ISSN":["2168-7161","2372-0018"],"issn-type":[{"value":"2168-7161","type":"electronic"},{"value":"2372-0018","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,7,1]]}}}