{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T03:47:52Z","timestamp":1772164072438,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":50,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,3,14]],"date-time":"2015-03-14T00:00:00Z","timestamp":1426291200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"National High Technology Research and Development Program of China(863 Program)","award":["2012AA010904"],"award-info":[{"award-number":["2012AA010904"]}]},{"name":"Ph.D. Programs Foundation of Ministry of Education of China","award":["20120201110010"],"award-info":[{"award-number":["20120201110010"]}]},{"name":"National Natural Science Foundation of China","award":["60933003,61272460"],"award-info":[{"award-number":["60933003,61272460"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,3,14]]},"DOI":"10.1145\/2731186.2731199","type":"proceedings-article","created":{"date-parts":[[2015,3,17]],"date-time":"2015-03-17T08:27:54Z","timestamp":1426580874000},"page":"187-199","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":10,"title":["AppSec"],"prefix":"10.1145","author":[{"given":"Jianbao","family":"Ren","sequence":"first","affiliation":[{"name":"Xi'an Jiaotong University, Xi'an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yong","family":"Qi","sequence":"additional","affiliation":[{"name":"Xi'an Jiaotong University, Xi'an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yuehua","family":"Dai","sequence":"additional","affiliation":[{"name":"Xi'an Jiaotong University, Xi'an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiaoguang","family":"Wang","sequence":"additional","affiliation":[{"name":"Xi'an Jiaotong University, Xi'an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yi","family":"Shi","sequence":"additional","affiliation":[{"name":"Xi'an Jiaotong University, Xi'an, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2015,3,14]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Xen Arbitrary Code Execution. URL http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-3124.  Xen Arbitrary Code Execution. URL http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-3124."},{"key":"e_1_3_2_1_2_1","unstructured":"Google V8 Benchmark Suite. URL http:\/\/v8.googlecode.com\/svn\/data\/benchmarks\/v7\/run.html.  Google V8 Benchmark Suite. URL http:\/\/v8.googlecode.com\/svn\/data\/benchmarks\/v7\/run.html."},{"key":"e_1_3_2_1_3_1","unstructured":"The connection methods to the X server. URL https:\/\/www.debian.org\/doc\/manuals\/debian-reference\/ch07.en.html#_the_connection_methods_to_the_x_server.  The connection methods to the X server. URL https:\/\/www.debian.org\/doc\/manuals\/debian-reference\/ch07.en.html#_the_connection_methods_to_the_x_server."},{"key":"e_1_3_2_1_4_1","unstructured":"VMWare Arbitrary Code Execution. URL http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014--1209.  VMWare Arbitrary Code Execution. URL http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014--1209."},{"key":"e_1_3_2_1_5_1","unstructured":"PCI Local Bus Specification. URL http:\/\/www.math.uni.wroc.pl\/~p-wyk4\/so\/pci23.pdf.  PCI Local Bus Specification. URL http:\/\/www.math.uni.wroc.pl\/~p-wyk4\/so\/pci23.pdf."},{"key":"e_1_3_2_1_6_1","unstructured":"Trusted Platform Module (TPM) Summary. URL http:\/\/www.trustedcomputinggroup.org\/resources\/trusted_platform_module_tpm_summary.  Trusted Platform Module (TPM) Summary. URL http:\/\/www.trustedcomputinggroup.org\/resources\/trusted_platform_module_tpm_summary."},{"key":"e_1_3_2_1_7_1","unstructured":"X Window System. URL http:\/\/en.wikipedia.org\/wiki\/X_Window_System.  X Window System. URL http:\/\/en.wikipedia.org\/wiki\/X_Window_System."},{"key":"e_1_3_2_1_8_1","volume-title":"Instruction Set Extensions ProgrammingReference","author":"NTEL","year":"2013","unstructured":"I NTEL R 64 AND IA-32 ARCHITECTURES SOFTWARE DEVELOPER'S MANUAL. Instruction Set Extensions ProgrammingReference . Intel Corporation , January 2013 . INTEL R 64 AND IA-32 ARCHITECTURES SOFTWARE DEVELOPER'S MANUAL. Instruction Set Extensions ProgrammingReference. Intel Corporation, January 2013."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1609956.1609960"},{"key":"e_1_3_2_1_10_1","volume-title":"6th Conference on Innovative Data Systems Research","author":"Arasu A.","year":"2013","unstructured":"A. Arasu , S. Blanas , K. Eguro , R. Kaushik , D. Kossmann , R. Ramamurthy , and R. Venkatesan . Orthogonal security with cipherbase . In 6th Conference on Innovative Data Systems Research , Jan. 2013 . A. Arasu, S. Blanas, K. Eguro, R. Kaushik, D. Kossmann, R. Ramamurthy, and R. Venkatesan. Orthogonal security with cipherbase. In 6th Conference on Innovative Data Systems Research, Jan. 2013."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046752"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2465351.2465375"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.5555\/2685048.2685070"},{"key":"e_1_3_2_1_14_1","unstructured":"A. D. Central. BIOS and Kernel Developer's Guide for AMD Family 15h Models 00h-0Fh Processors.  A. D. Central. BIOS and Kernel Developer's Guide for AMD Family 15h Models 00h-0Fh Processors."},{"key":"e_1_3_2_1_15_1","volume-title":"Tamper-resistant execution in an untrusted operating system using a virtual machine monitor","author":"Chen H.","year":"2007","unstructured":"H. Chen , F. Zhang , C. Chen , Z. Yang , R. Chen , B. Zang , and W. Mao . Tamper-resistant execution in an untrusted operating system using a virtual machine monitor . 2007 . H. Chen, F. Zhang, C. Chen, Z. Yang, R. Chen, B. Zang, and W. Mao. Tamper-resistant execution in an untrusted operating system using a virtual machine monitor. 2007."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346284"},{"key":"e_1_3_2_1_17_1","first-page":"227","volume-title":"Proceedings of European Symposium on Research in Computer Security","author":"Cheng Y.","year":"2011","unstructured":"Y. Cheng , X. Ding , and R. H. Deng . Driverguard: A finegrained protection on i\/o flows . In Proceedings of European Symposium on Research in Computer Security , pages 227 -- 244 . Springer , 2011 . Y. Cheng, X. Ding, and R. H. Deng. Driverguard: A finegrained protection on i\/o flows. In Proceedings of European Symposium on Research in Computer Security, pages 227--244. Springer, 2011."},{"key":"e_1_3_2_1_18_1","unstructured":"I. Corporation. Lagrande technology preliminary architecture specification. Intel Publication (D52212) 2006.  I. Corporation. Lagrande technology preliminary architecture specification. Intel Publication (D52212) 2006."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2541940.2541986"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11704-012-2084-0"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2451512.2451535"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2006.21"},{"key":"e_1_3_2_1_23_1","volume-title":"Proc. of the USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Dunn A. M.","year":"2012","unstructured":"A. M. Dunn , M. Z. Lee , S. Jana , S. Kim , M. Silberstein , Y. Xu , V. Shmatikov , and E. Witchel . Eternal sunshine of the spotless machine: Protecting privacy with ephemeral channels . In Proc. of the USENIX Symposium on Operating Systems Design and Implementation (OSDI) , 2012 . A. M. Dunn, M. Z. Lee, S. Jana, S. Kim, M. Silberstein, Y. Xu, V. Shmatikov, and E. Witchel. Eternal sunshine of the spotless machine: Protecting privacy with ephemeral channels. In Proc. of the USENIX Symposium on Operating Systems Design and Implementation (OSDI), 2012."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/224057.224076"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2011.5958202"},{"key":"e_1_3_2_1_26_1","first-page":"1","volume-title":"1st Workshop on Operating System and Architectural Support for the on demand IT InfraStructure (OASIS)","author":"Fraser K.","year":"2004","unstructured":"K. Fraser , S. Hand , R. Neugebauer , I. Pratt , A. Warfield , and M. Williamson . Safe hardware access with the xen virtual machine monitor . In 1st Workshop on Operating System and Architectural Support for the on demand IT InfraStructure (OASIS) , pages 1 -- 1 , 2004 . K. Fraser, S. Hand, R. Neugebauer, I. Pratt, A. Warfield, and M. Williamson. Safe hardware access with the xen virtual machine monitor. In 1st Workshop on Operating System and Architectural Support for the on demand IT InfraStructure (OASIS), pages 1--1, 2004."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1165389.945464"},{"key":"e_1_3_2_1_28_1","volume-title":"32nd International Cryptology Conference","author":"Gebtry C.","year":"2012","unstructured":"C. Gebtry , S. Halevi , and N. P. Smart . Homomorphic evaluation of the aes circuit . In 32nd International Cryptology Conference , 2012 . C. Gebtry, S. Halevi, and N. P. Smart. Homomorphic evaluation of the aes circuit. In 32nd International Cryptology Conference, 2012."},{"key":"e_1_3_2_1_29_1","volume-title":"Stanford University","author":"Gentry C.","year":"2009","unstructured":"C. Gentry . A fully homomorphic encryption scheme. PhD thesis , Stanford University , 2009 . C. Gentry. A fully homomorphic encryption scheme. PhD thesis, Stanford University, 2009."},{"key":"e_1_3_2_1_30_1","volume-title":"Technology Insight: Intel c Next Generation Microarchitecture Codename Ivy Bridge","author":"George V.","year":"2011","unstructured":"V. George , T. Piazza , and H. Jiang . Technology Insight: Intel c Next Generation Microarchitecture Codename Ivy Bridge , 2011 . URL www.intel.com\/idf\/library\/pdf\/sf_2011\/SF11_SPCS005_101F.pdf. V. George, T. Piazza, and H. Jiang. Technology Insight: Intel c Next Generation Microarchitecture Codename Ivy Bridge, 2011. URL www.intel.com\/idf\/library\/pdf\/sf_2011\/SF11_SPCS005_101F.pdf."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2451116.2451146"},{"key":"e_1_3_2_1_32_1","volume-title":"Proceedings of the 21st USENIX Conference on Security Symposium, Security'12","author":"Kemerlis V. P.","year":"2012","unstructured":"V. P. Kemerlis , G. Portokalidis , and A. D. Keromytis . kguard: Lightweight kernel protection against return-to-user attacks . In Proceedings of the 21st USENIX Conference on Security Symposium, Security'12 , Berkeley, CA, USA , 2012 . USENIX Association. V. P. Kemerlis, G. Portokalidis, and A. D. Keromytis. kguard: Lightweight kernel protection against return-to-user attacks. In Proceedings of the 21st USENIX Conference on Security Symposium, Security'12, Berkeley, CA, USA, 2012. USENIX Association."},{"key":"e_1_3_2_1_33_1","volume-title":"Proceedings of the 23rd USENIX Conference on Security Symposium, SEC'14","author":"Kemerlis V. P.","year":"2014","unstructured":"V. P. Kemerlis , M. Polychronakis , and A. D. Keromytis . Ret2dir: Rethinking kernel isolation . In Proceedings of the 23rd USENIX Conference on Security Symposium, SEC'14 , 2014 . V. P. Kemerlis, M. Polychronakis, and A. D. Keromytis. Ret2dir: Rethinking kernel isolation. In Proceedings of the 23rd USENIX Conference on Security Symposium, SEC'14, 2014."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.5555\/977395.977673"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/356989.357005"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.17"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/2487726.2488368"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/2517349.2522719"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.24"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/2043556.2043566"},{"key":"e_1_3_2_1_41_1","volume-title":"Plash: tools for practical least privilege","author":"Seaborn M.","year":"2008","unstructured":"M. Seaborn . Plash: tools for practical least privilege , 2008 . URL http:\/\/plash.beasts.org\/index.html. M. Seaborn. Plash: tools for practical least privilege, 2008. URL http:\/\/plash.beasts.org\/index.html."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.5555\/1251375.1251387"},{"key":"e_1_3_2_1_43_1","volume-title":"Proceedings of the 9th USENIX conference on Operating systems design and implementation, OSDI. ACM","author":"Soares L.","year":"2010","unstructured":"L. Soares and M. Stumm . Flexsc: flexible system call scheduling with exception-less system calls . In Proceedings of the 9th USENIX conference on Operating systems design and implementation, OSDI. ACM , 2010 . L. Soares and M. Stumm. Flexsc: flexible system call scheduling with exception-less system calls. In Proceedings of the 9th USENIX conference on Operating systems design and implementation, OSDI. ACM, 2010."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382200"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/782814.782838"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2509136.2509554"},{"key":"e_1_3_2_1_47_1","unstructured":"A. Virtualization. Secure Virtual Machine Architecture Reference Manual. AMD Publication (33047) 2005.  A. Virtualization. Secure Virtual Machine Architecture Reference Manual. AMD Publication (33047) 2005."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346256.1346267"},{"key":"e_1_3_2_1_49_1","first-page":"337","volume-title":"Usenix Security","author":"Zhang M.","year":"2013","unstructured":"M. Zhang and R. Sekar . Control flow integrity for cots binaries . In Usenix Security , pages 337 -- 352 , 2013 . M. Zhang and R. Sekar. Control flow integrity for cots binaries. In Usenix Security, pages 337--352, 2013."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.42"}],"event":{"name":"VEE '15: 11th ACM SIGPLAN\/SIGOPS International Conference on Virtual Execution Environments","location":"Istanbul Turkey","acronym":"VEE '15","sponsor":["SIGPLAN ACM Special Interest Group on Programming Languages","SIGOPS ACM Special Interest Group on Operating Systems"]},"container-title":["Proceedings of the 11th ACM SIGPLAN\/SIGOPS International Conference on Virtual Execution Environments"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2731186.2731199","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2731186.2731199","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T01:48:17Z","timestamp":1750211297000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2731186.2731199"}},"subtitle":["A Safe Execution Environment for Security Sensitive Applications"],"short-title":[],"issued":{"date-parts":[[2015,3,14]]},"references-count":50,"alternative-id":["10.1145\/2731186.2731199","10.1145\/2731186"],"URL":"https:\/\/doi.org\/10.1145\/2731186.2731199","relation":{"is-identical-to":[{"id-type":"doi","id":"10.1145\/2817817.2731199","asserted-by":"object"}]},"subject":[],"published":{"date-parts":[[2015,3,14]]},"assertion":[{"value":"2015-03-14","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}