{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,25]],"date-time":"2026-03-25T06:19:19Z","timestamp":1774419559876,"version":"3.50.1"},"reference-count":73,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"3","license":[{"start":{"date-parts":[[2025,5,1]],"date-time":"2025-05-01T00:00:00Z","timestamp":1746057600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2025,5,1]],"date-time":"2025-05-01T00:00:00Z","timestamp":1746057600000},"content-version":"am","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2025,5,1]],"date-time":"2025-05-01T00:00:00Z","timestamp":1746057600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2025,5,1]],"date-time":"2025-05-01T00:00:00Z","timestamp":1746057600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1946022"],"award-info":[{"award-number":["CNS-1946022"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000028","name":"Semiconductor Research Corporation","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100000028","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000185","name":"Defense Advanced Research Projects Agency","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100000185","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Dependable and Secure Comput."],"published-print":{"date-parts":[[2025,5]]},"DOI":"10.1109\/tdsc.2024.3474423","type":"journal-article","created":{"date-parts":[[2024,10,3]],"date-time":"2024-10-03T17:29:14Z","timestamp":1727976554000},"page":"1976-1992","source":"Crossref","is-referenced-by-count":4,"title":["Securing Cloud File Systems With Trusted Execution"],"prefix":"10.1109","volume":"22","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1719-3112","authenticated-orcid":false,"given":"Quinn","family":"Burke","sequence":"first","affiliation":[{"name":"Computer Sciences Department, University of Wisconsin-Madison, Madison, WI, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0991-7926","authenticated-orcid":false,"given":"Yohan","family":"Beugin","sequence":"additional","affiliation":[{"name":"Computer Sciences Department, University of Wisconsin-Madison, Madison, WI, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2960-0686","authenticated-orcid":false,"given":"Blaine","family":"Hoak","sequence":"additional","affiliation":[{"name":"Computer Sciences Department, University of Wisconsin-Madison, Madison, WI, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-3241-9098","authenticated-orcid":false,"given":"Rachel","family":"King","sequence":"additional","affiliation":[{"name":"Computer Sciences Department, University of Wisconsin-Madison, Madison, WI, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Eric","family":"Pauley","sequence":"additional","affiliation":[{"name":"Computer Sciences Department, University of Wisconsin-Madison, Madison, WI, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8447-602X","authenticated-orcid":false,"given":"Ryan","family":"Sheatsley","sequence":"additional","affiliation":[{"name":"Computer Sciences Department, University of Wisconsin-Madison, Madison, WI, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6034-904X","authenticated-orcid":false,"given":"Mingli","family":"Yu","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, The Pennsylvania State University, University Park, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1070-7483","authenticated-orcid":false,"given":"Ting","family":"He","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, The Pennsylvania State University, University Park, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1295-4461","authenticated-orcid":false,"given":"Thomas F. La","family":"Porta","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, The Pennsylvania State University, University Park, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2091-7484","authenticated-orcid":false,"given":"Patrick","family":"McDaniel","sequence":"additional","affiliation":[{"name":"Computer Sciences Department, University of Wisconsin-Madison, Madison, WI, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2010.186"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274736"},{"key":"ref3","article-title":"Microsoft Azure has had a string of \u2018nightmare\u2019 vulnerabilities. Protocol Media, LLC","author":"Alspach","year":"2022"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCS.2016.46"},{"key":"ref5","article-title":"Non-control-data attacks are realistic threats","volume-title":"Proc. USENIX Secur. Symp.","volume":"5","author":"Chen"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363206"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.24328"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/3373376.3378486"},{"key":"ref9","first-page":"1","article-title":"Towards application security on untrusted operating systems","volume-title":"Proc. 3rd Conf. Hot Topics Secur.","author":"Ports"},{"key":"ref10","doi-asserted-by":"crossref","DOI":"10.17487\/rfc7530","article-title":"Network file system (NFS) version 4 protocol","volume-title":"Internet Requests Comments","author":"Haynes","year":"2015"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945450"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/2799647"},{"key":"ref15","first-page":"689","article-title":"SCONE: Secure linux containers with intel SGX","volume-title":"Proc. 12th USENIX Symp. Operating Syst. Des. Implementation","author":"Arnautov"},{"key":"ref16","first-page":"645","article-title":"Graphene-SGX: A practical library OS for unmodified applications on SGX","volume-title":"Proc. 2017 USENIX Annu. Tech. Conf.","author":"che Tsai"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23500"},{"key":"ref18","article-title":"SGX-securing the host OS interface for trusted execution","author":"Priebe","year":"2020"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1145\/168588.168590"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2019.00049"},{"key":"ref21","first-page":"57","article-title":"Trusted execution environment: What it is, and what it is not","volume-title":"Proc. 2015 IEEE Trustcom\/BigDataSE\/ISPA","author":"Sabt"},{"key":"ref22","doi-asserted-by":"crossref","DOI":"10.1145\/2487726.2488368","article-title":"Innovative instructions and software model for isolated execution","volume-title":"Proc. 2nd Int. Workshop Hardware Architectural Support Secur. Privacy","author":"McKeen"},{"key":"ref23","article-title":"AMD memory encryption","author":"Kaplan","year":"2016"},{"key":"ref24","first-page":"445","article-title":"TrustZone explained: Architectural features and use cases","volume-title":"Proc. 2016 IEEE 2nd Int. Conf. Collaboration Internet Comput.","author":"Ngabonziza"},{"key":"ref25","article-title":"Filebench: A flexible framework for file system benchmarking","volume":"41","author":"Tarasov","year":"2016","journal-title":"Login Usenix Mag."},{"key":"ref26","article-title":"Ext4: The next generation of ext2\/3 filesystem","volume-title":"Proc. 2007 Linux Storage Filesystem Workshop","author":"Cao"},{"key":"ref27","article-title":"The enhanced network block device","author":"Breuer","year":"2000","journal-title":"Linux J."},{"key":"ref28","article-title":"Understanding $\\lbrace${Rack-Scale$\\rbrace$} disaggregated storage","volume-title":"Proc. 9th USENIX Workshop Hot Topics Storage File Syst.","author":"Legtchenko","year":"2017"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/MSST.2010.5496972"},{"key":"ref30","article-title":"Analysis of six distributed file systems","author":"Depardon","year":"2013"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/PerComW.2012.6197506"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813700"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.28"},{"key":"ref34","doi-asserted-by":"crossref","DOI":"10.14722\/ndss.2022.24161","article-title":"Titanium: A metadata-hiding file-sharing system with malicious security","volume-title":"Proc. 2022 Netw. Distrib. Syst. Secur. Symp.","author":"Chen"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1145\/2451116.2451145"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/49.223881"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/1127345.1127346"},{"key":"ref38","article-title":"Plutus: Scalable secure file sharing on untrusted storage","volume-title":"Proc. 2nd USENIX Conf. File Storage Technol.","author":"Kallahalla"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/ICCNMC.2003.1243024"},{"key":"ref40","first-page":"523","article-title":"BesFS: A POSIX filesystem for enclaves with a mechanized safety proof","volume-title":"Proc. 29th USENIX Secur. Symp. USENIX Assoc.","author":"Shinde"},{"key":"ref41","first-page":"357","article-title":"Robustness in the salus scalable block store","volume-title":"Proc. 10th USENIX Symp. Netw. Syst. Des. Implementation","author":"Wang"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1145\/2741948.2741958"},{"key":"ref43","first-page":"173","article-title":"Practical byzantine fault tolerance","volume-title":"Proc. 3rd Symp. Operating Syst. Des. Implementation","author":"Castro"},{"key":"ref44","first-page":"15","article-title":"Protocol-aware recovery for consensus-based storage","volume-title":"Proc. 16th USENIX Conf. File Storage Technol.","author":"Alagappan"},{"key":"ref45","first-page":"1","article-title":"Auditing to keep online storage services honest","volume-title":"Proc. 11th USENIX Workshop Hot Topics Operating Syst.","author":"Shah"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1145\/3064176.3064219"},{"key":"ref47","doi-asserted-by":"crossref","DOI":"10.14722\/ndss.2018.23284","article-title":"OBLIVIATE: A data oblivious filesystem for intel SGX","volume-title":"Proc. 2018 Netw. Distrib. Syst. Secur. Symp.","author":"Ahmad"},{"key":"ref48","first-page":"29","article-title":"End-to-end data integrity for file systems: A ZFS case study","volume-title":"Proc. 8th USENIX Conf. File Storage Technol.","author":"Zhang"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1007\/0-387-34805-0_21"},{"key":"ref51","first-page":"1","article-title":"EIO: Error handling is occasionally correct","volume-title":"Proc. 6th USENIX Conf. File Storage Technol.","author":"Gunawi"},{"key":"ref52","article-title":"Amazon elastic block store service level agreement. Amazon Web Services, Inc.","year":"2023"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4614-9278-8_1"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.54"},{"key":"ref58","first-page":"59","article-title":"To FUSE or not to FUSE: Performance of user-space file systems","volume-title":"Proc. 15th USENIX Conf. File Storage Technol.","author":"Vangoor"},{"key":"ref59","doi-asserted-by":"crossref","DOI":"10.17487\/RFC8446","article-title":"The Transport Layer Security (TLS) Protocol Version 1.3","author":"Rescorla","year":"2018"},{"key":"ref60","article-title":"Gramine - a library os for unmodified applications. Gramine Project","author":"Project","year":"2023"},{"key":"ref62","doi-asserted-by":"crossref","DOI":"10.14722\/ndss.2018.23239","article-title":"ZeroTrace: Oblivious memory primitives from intel SGX","volume-title":"Proc. 2018 Netw. Distrib. Syst. Secur. Symp.","author":"Sasy"},{"key":"ref63","article-title":"Recommended nfs mount options","year":"2024"},{"key":"ref64","first-page":"241","article-title":"Designing a true direct-access file system with DevFS","volume-title":"Proc. 16th USENIX Conf. File Storage Technol.","author":"Kannan"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1145\/3173162.3177155"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1145\/1476589.1476628"},{"key":"ref69","article-title":"Open enclave sdk","author":"Enclave","year":"2024"},{"key":"ref70","doi-asserted-by":"publisher","DOI":"10.1145\/3065913.3065915"},{"key":"ref71","first-page":"557","article-title":"Inferring fine-grained control flow inside SGX enclaves with branch shadowing","volume-title":"Proc. 26th USENIX Secur. Symp.","author":"Lee"},{"key":"ref72","first-page":"227","article-title":"Varys: Protecting SGX enclaves from practical side-channel attacks","volume-title":"Proc. 2018 USENIX Annu. Tech. Conf.","author":"Oleksenko"},{"key":"ref73","article-title":"A Survey of published attacks on intel SGX","author":"Nilsson","year":"2020"},{"key":"ref74","first-page":"307","article-title":"Ceph: A scalable, high-performance distributed file system","volume-title":"Proc. 7th Symp. Operating Syst. Des. Implementation","author":"Weil"},{"key":"ref75","doi-asserted-by":"crossref","DOI":"10.1145\/2420950.2420985","article-title":"Iris: A scalable cloud file system with efficient integrity checks","volume-title":"Proc. 28th Annu. Comput. Secur. Appl. Conf.","author":"Stefanov"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1145\/2928275.2928282"},{"key":"ref77","article-title":"BlueSky: A cloud-backed file system for the enterprise","volume-title":"Proc. 10th USENIX Conf. File Storage Technolog.","author":"Vrable"},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.1145\/3119896"},{"key":"ref79","doi-asserted-by":"publisher","DOI":"10.1145\/3447786.3456255"},{"key":"ref80","first-page":"264","article-title":"EnclaveDB: A secure database using SGX","volume-title":"Proc. IEEE Symp. Secur. Privacy","author":"Priebe"},{"key":"ref81","first-page":"173","article-title":"SPEICHER: Securing LSM-based key-value stores using shielded execution","volume-title":"Proc. 17th USENIX Conf. File Storage Technol.","author":"Bailleu"},{"key":"ref82","first-page":"65","article-title":"Avocado: A secure in-memory distributed storage system","volume-title":"Proc. 2021 USENIX Annu. Tech. Conf.","author":"Bailleu"}],"container-title":["IEEE Transactions on Dependable and Secure Computing"],"original-title":[],"link":[{"URL":"https:\/\/ieeexplore.ieee.org\/ielam\/8858\/10992672\/10704991-aam.pdf","content-type":"application\/pdf","content-version":"am","intended-application":"syndication"},{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/8858\/10992672\/10704991.pdf?arnumber=10704991","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,17]],"date-time":"2025-05-17T03:26:07Z","timestamp":1747452367000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10704991\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,5]]},"references-count":73,"journal-issue":{"issue":"3"},"URL":"https:\/\/doi.org\/10.1109\/tdsc.2024.3474423","relation":{},"ISSN":["1545-5971","1941-0018","2160-9209"],"issn-type":[{"value":"1545-5971","type":"print"},{"value":"1941-0018","type":"electronic"},{"value":"2160-9209","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,5]]}}}