{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T03:47:09Z","timestamp":1772164029004,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":77,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,3,19]],"date-time":"2018-03-19T00:00:00Z","timestamp":1521417600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"European Union","award":["687698"],"award-info":[{"award-number":["687698"]}]},{"DOI":"10.13039\/100000001","name":"NSF","doi-asserted-by":"publisher","award":["#1652259 and #1514261"],"award-info":[{"award-number":["#1652259 and #1514261"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,3,19]]},"DOI":"10.1145\/3173162.3173213","type":"proceedings-article","created":{"date-parts":[[2018,3,22]],"date-time":"2018-03-22T11:15:40Z","timestamp":1521717340000},"page":"722-736","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["DATS - Data Containers for Web Applications"],"prefix":"10.1145","author":[{"given":"Casen","family":"Hunger","sequence":"first","affiliation":[{"name":"The University of Texas at Austin, Austin, TX, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lluis","family":"Vilanova","sequence":"additional","affiliation":[{"name":"Technion - Israel Institute of Technology, Haifa, Israel"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Charalampos","family":"Papamanthou","sequence":"additional","affiliation":[{"name":"The University of Maryland, College Park, MD, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yoav","family":"Etsion","sequence":"additional","affiliation":[{"name":"Technion -- Israel Institute of Technology, Haifa, Israel"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mohit","family":"Tiwari","sequence":"additional","affiliation":[{"name":"The University of Texas at Austin, Austin, TX, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2018,3,19]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Advanced multi layered unification filesystem (AUFS). http:\/\/aufs. sourceforge.net.  Advanced multi layered unification filesystem (AUFS). http:\/\/aufs. sourceforge.net."},{"key":"e_1_3_2_1_2_1","unstructured":"Celery. http:\/\/www.celeryproject.org.  Celery. http:\/\/www.celeryproject.org."},{"key":"e_1_3_2_1_3_1","unstructured":"CVE Details. http:\/\/www.cvedetails.com\/vulnerability-list.  CVE Details. http:\/\/www.cvedetails.com\/vulnerability-list."},{"key":"e_1_3_2_1_4_1","unstructured":"Docker. http:\/\/docker.com.  Docker. http:\/\/docker.com."},{"key":"e_1_3_2_1_5_1","unstructured":"Recent zero-day exploits. https:\/\/www.fireeye.com\/current-threats\/ recent-zero-day-attacks.html.  Recent zero-day exploits. https:\/\/www.fireeye.com\/current-threats\/ recent-zero-day-attacks.html."},{"key":"e_1_3_2_1_6_1","unstructured":"Flask. http:\/\/flask.pocoo.org.  Flask. http:\/\/flask.pocoo.org."},{"key":"e_1_3_2_1_7_1","unstructured":"Gitlab security vulnerabilities. https:\/\/www.cvedetails.com\/ vulnerability-list\/vendor_id-13074\/Gitlab.html.  Gitlab security vulnerabilities. https:\/\/www.cvedetails.com\/ vulnerability-list\/vendor_id-13074\/Gitlab.html."},{"key":"e_1_3_2_1_8_1","unstructured":"20\n    famous websites vulnerable to cross site scripting (XSS) attack. http:\/\/thehackernews.com\/2011\/09\/20-famous-websitesvulnerable- to-cross.html.  20 famous websites vulnerable to cross site scripting (XSS) attack. http:\/\/thehackernews.com\/2011\/09\/20-famous-websitesvulnerable- to-cross.html."},{"key":"e_1_3_2_1_9_1","unstructured":"HITRUST alliance. https:\/\/hitrustalliance.net. {10} Linux Containers. http:\/\/linuxcontainers.org.  HITRUST alliance. https:\/\/hitrustalliance.net. {10} Linux Containers. http:\/\/linuxcontainers.org."},{"key":"e_1_3_2_1_10_1","unstructured":"Mattermost security updates. https:\/\/about.mattermost.com\/securityupdates\/.  Mattermost security updates. https:\/\/about.mattermost.com\/securityupdates\/."},{"key":"e_1_3_2_1_11_1","unstructured":"Mustache. http:\/\/mustache.github.io.  Mustache. http:\/\/mustache.github.io."},{"key":"e_1_3_2_1_12_1","unstructured":"OWASP top ten project. https:\/\/www.owasp.org\/index.php\/OWASP_ Top_Ten_Project.  OWASP top ten project. https:\/\/www.owasp.org\/index.php\/OWASP_ Top_Ten_Project."},{"key":"e_1_3_2_1_13_1","unstructured":"React - a JavaScript library for building user interfaces. http:\/\/facebook. github.io\/react.  React - a JavaScript library for building user interfaces. http:\/\/facebook. github.io\/react."},{"key":"e_1_3_2_1_14_1","unstructured":"Redis. http:\/\/redis.io.  Redis. http:\/\/redis.io."},{"key":"e_1_3_2_1_15_1","volume-title":"https:\/\/en.wikipedia.org\/wiki\/ Comparison_of_web_template_engines (accessed","author":"Comparison","year":"2017","unstructured":"Comparison of web template engines. https:\/\/en.wikipedia.org\/wiki\/ Comparison_of_web_template_engines (accessed Aug 2017 ). Comparison of web template engines. https:\/\/en.wikipedia.org\/wiki\/ Comparison_of_web_template_engines (accessed Aug 2017)."},{"key":"e_1_3_2_1_16_1","unstructured":"RFC 6455 - the websocket protocol. https:\/\/tools.ietf.org\/html\/rfc6455.  RFC 6455 - the websocket protocol. https:\/\/tools.ietf.org\/html\/rfc6455."},{"key":"e_1_3_2_1_17_1","unstructured":"Wikipedia - SQL Injection. https:\/\/en.wikipedia.org\/wiki\/SQL_ injection#Examples.  Wikipedia - SQL Injection. https:\/\/en.wikipedia.org\/wiki\/SQL_ injection#Examples."},{"key":"e_1_3_2_1_18_1","unstructured":"The security flaws at the heart of the Panama Papers. http:\/\/www.wired.co.uk\/article\/panama-papers-mossack-fonsecawebsite- security-problems.  The security flaws at the heart of the Panama Papers. http:\/\/www.wired.co.uk\/article\/panama-papers-mossack-fonsecawebsite- security-problems."},{"key":"e_1_3_2_1_19_1","unstructured":"WSGI. http:\/\/wsgi.org.  WSGI. http:\/\/wsgi.org."},{"key":"e_1_3_2_1_20_1","volume-title":"Computer Security -- ESORICS","author":"Akhawe D.","year":"2013","unstructured":"D. Akhawe , F. Li , W. He , P. Saxena , and D. Song . Data-confined HTML5 applications . In Computer Security -- ESORICS , 2013 . D. Akhawe, F. Li,W. He, P. Saxena, and D. Song. Data-confined HTML5 applications. In Computer Security -- ESORICS, 2013."},{"key":"e_1_3_2_1_21_1","volume-title":"SCONE: Secure Linux Containers with Intel SGX. In Symp. on Operating Systems Design and Implementation (OSDI)","author":"Arnautov S.","year":"2016","unstructured":"S. Arnautov , B. Trach , F. Gregor , T. Knauth , A. Martin , C. Priebe , J. Lind , D. Muthukumaran , D. O'Keeffe , M. L. Stillwell , D. Goltzsche , D. Eyers , R. Kapitza , P. Pietzuch , and C. Fetzer . SCONE: Secure Linux Containers with Intel SGX. In Symp. on Operating Systems Design and Implementation (OSDI) , Nov. 2016 . S. Arnautov, B. Trach, F. Gregor, T. Knauth, A. Martin, C. Priebe, J. Lind, D. Muthukumaran, D. O'Keeffe, M. L. Stillwell, D. Goltzsche, D. Eyers, R. Kapitza, P. Pietzuch, and C. Fetzer. SCONE: Secure Linux Containers with Intel SGX. In Symp. on Operating Systems Design and Implementation (OSDI), Nov. 2016."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866341"},{"key":"e_1_3_2_1_23_1","volume-title":"Multiple facets for dynamic information flow","author":"Austin T. H.","year":"2012","unstructured":"T. H. Austin and C. Flanagan . Multiple facets for dynamic information flow . Jan. 2012 . T. H. Austin and C. Flanagan. Multiple facets for dynamic information flow. Jan. 2012."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.5555\/1924943.1924957"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/1555754.1555777"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346322"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382201"},{"key":"e_1_3_2_1_28_1","volume-title":"ACM Symp. on Cloud Computing (SoCC)","author":"Cheng R.","year":"2016","unstructured":"R. Cheng , W. Scott , P. Ellenbogen , J. Howell , F. Roesner , A. Krishnamurthy , and T. Anderson . Radiatus: Strong user isolation for scalable web applications . In ACM Symp. on Cloud Computing (SoCC) , Oct. 2016 . R. Cheng, W. Scott, P. Ellenbogen, J. Howell, F. Roesner, A. Krishnamurthy, and T. Anderson. Radiatus: Strong user isolation for scalable web applications. In ACM Symp. on Cloud Computing (SoCC), Oct. 2016."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250662.1250722"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/365230.365252"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.15"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1007\/11787006_1"},{"key":"e_1_3_2_1_34_1","volume-title":"Labels and Event Processes in the Asbestos Operating System","author":"Efstathopoulos P.","year":"2005","unstructured":"P. Efstathopoulos , M. Krohn , S. VanDeBogart , C. Frey , D. Ziegler , E. Kohler , D. Mazi\u00e8res , F. Kaashoek , and R. Morris . Labels and Event Processes in the Asbestos Operating System . Oct. 2005 . P. Efstathopoulos, M. Krohn, S. VanDeBogart, C. Frey, D. Ziegler, E. Kohler, D. Mazi\u00e8res, F. Kaashoek, and R. Morris. Labels and Event Processes in the Asbestos Operating System. Oct. 2005."},{"key":"e_1_3_2_1_35_1","volume-title":"USENIX Security Symposium","author":"Feldman A. J.","year":"2012","unstructured":"A. J. Feldman , A. Blankstein , M. J. Freedman , and E. W. Felten . Social networking with frientegrity: privacy and integrity with an untrusted provider . In USENIX Security Symposium , Aug. 2012 . A. J. Feldman, A. Blankstein, M. J. Freedman, and E. W. Felten. Social networking with frientegrity: privacy and integrity with an untrusted provider. In USENIX Security Symposium, Aug. 2012."},{"key":"e_1_3_2_1_36_1","volume-title":"IBM Research Division","author":"Felter W.","year":"2014","unstructured":"W. Felter , A. Ferreira , R. Rajamony , and J. Rubio . An updated performance comparison of virtual machines and linux containers. Technical report , IBM Research Division , July 2014 . W. Felter, A. Ferreira, R. Rajamony, and J. Rubio. An updated performance comparison of virtual machines and linux containers. Technical report, IBM Research Division, July 2014."},{"key":"e_1_3_2_1_37_1","volume-title":"Symp. on Operating Systems Design and Implementation (OSDI)","author":"Giffin D. B.","year":"2012","unstructured":"D. B. Giffin , A. Levy , D. Stefan , D. Terei , J. Mitchell , D. Mazi\u00e8res , and A. Russo . Hails: Protecting data privacy in untrusted web applications . In Symp. on Operating Systems Design and Implementation (OSDI) , Oct. 2012 . D. B. Giffin, A. Levy, D. Stefan, D. Terei, J. Mitchell, D. Mazi\u00e8res, and A. Russo. Hails: Protecting data privacy in untrusted web applications. In Symp. on Operating Systems Design and Implementation (OSDI), Oct. 2012."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.1982.10014"},{"key":"e_1_3_2_1_39_1","volume-title":"Symp. on Operating Systems Design and Implementation (OSDI)","author":"Hunt T.","year":"2016","unstructured":"T. Hunt , Z. Zhu , Y. Xu , S. Peter , and E. Witchel . Ryoan: A distributed sandbox for untrusted computation on secret data . In Symp. on Operating Systems Design and Implementation (OSDI) , Nov. 2016 . T. Hunt, Z. Zhu, Y. Xu, S. Peter, and E. Witchel. Ryoan: A distributed sandbox for untrusted computation on secret data. In Symp. on Operating Systems Design and Implementation (OSDI), Nov. 2016."},{"key":"e_1_3_2_1_40_1","unstructured":"Intel Software Guard Extensions Programming Reference. Intel Oct. 2014.  Intel Software Guard Extensions Programming Reference. Intel Oct. 2014."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629596"},{"key":"e_1_3_2_1_42_1","volume-title":"MIT","author":"Krohn M.","year":"2008","unstructured":"M. Krohn . Information Flow Control for Secure Web Sites. PhD thesis , MIT , 2008 . M. Krohn. Information Flow Control for Secure Web Sites. PhD thesis, MIT, 2008."},{"key":"e_1_3_2_1_43_1","volume-title":"USENIX Symp. on Networked Systems Design and Implementation (NSDI)","author":"Lee S.","year":"2013","unstructured":"S. Lee , E. L. Wong , D. Goel , M. Dahlin , and V. Shmatikov . - Box: A platform for privacy-preserving apps . In USENIX Symp. on Networked Systems Design and Implementation (NSDI) , Apr. 2013 . S. Lee, E. L. Wong, D. Goel, M. Dahlin, and V. Shmatikov. - Box: A platform for privacy-preserving apps. In USENIX Symp. on Networked Systems Design and Implementation (NSDI), Apr. 2013."},{"key":"e_1_3_2_1_44_1","volume-title":"Digital Press","author":"Levy H. M.","year":"1984","unstructured":"H. M. Levy . Capability-Based Computer Systems . Digital Press , 1984 . H. M. Levy. Capability-Based Computer Systems. Digital Press, 1984."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2007.367856"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629606"},{"key":"e_1_3_2_1_47_1","volume-title":"USENIX Annual Technical Conf. (ATC)","author":"Loscocco P.","year":"2001","unstructured":"P. Loscocco and S. Smalley . Integrating flexible support for security policies into the linux operating system . In USENIX Annual Technical Conf. (ATC) , 2001 . P. Loscocco and S. Smalley. Integrating flexible support for security policies into the linux operating system. In USENIX Annual Technical Conf. (ATC), 2001."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/1217299.1217302"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/1559845.1559850"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/2213836.2213876"},{"key":"e_1_3_2_1_51_1","volume-title":"USENIX Security Symposium","author":"Nadkarni A.","year":"2016","unstructured":"A. Nadkarni , B. Andow , W. Enck , and S. Jha . Practical DIFC enforcement on Android . In USENIX Security Symposium , Aug. 2016 . A. Nadkarni, B. Andow, W. Enck, and S. Jha. Practical DIFC enforcement on Android. In USENIX Security Symposium, Aug. 2016."},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.21"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.32"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/1807167.1807247"},{"key":"e_1_3_2_1_55_1","volume-title":"USENIX Symp. on Networked Systems Design and Implementation (NSDI)","author":"Roy I.","year":"2010","unstructured":"I. Roy , S. T. Setty , A. Kilzer , V. Shmatikov , and E. Witchel . Airavat: Security and privacy for mapreduce . In USENIX Symp. on Networked Systems Design and Implementation (NSDI) , Apr. 2010 . I. Roy, S. T. Setty, A. Kilzer, V. Shmatikov, and E. Witchel. Airavat: Security and privacy for mapreduce. In USENIX Symp. on Networked Systems Design and Implementation (NSDI), Apr. 2010."},{"key":"e_1_3_2_1_56_1","unstructured":"B. Russell. KVM and Docker LXC Benchmarking with Open- Stack. http:\/\/bodenr.blogspot.com\/2014\/05\/kvm-and-docker-lxcbenchmarking- with.html.  B. Russell. KVM and Docker LXC Benchmarking with Open- Stack. http:\/\/bodenr.blogspot.com\/2014\/05\/kvm-and-docker-lxcbenchmarking- with.html."},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2002.806121"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/1655148.1655155"},{"key":"e_1_3_2_1_59_1","volume-title":"NAI Labs","author":"Smalley S.","year":"2001","unstructured":"S. Smalley , C. Vance , and W. Salamon . Implementing SELinux as a Linux Security Module. Technical report , NAI Labs , Dec. 2001 . S. Smalley, C. Vance, and W. Salamon. Implementing SELinux as a Linux Security Module. Technical report, NAI Labs, Dec. 2001."},{"key":"e_1_3_2_1_60_1","volume-title":"Symp. on Operating Systems Design and Implementation (OSDI)","author":"Stefan D.","year":"2014","unstructured":"D. Stefan , E. Z. Yang , P. Marchenko , A. Russo , D. Herman , B. Karp , and D. Mazi\u00e8res . Protecting users by confining javascript with COWL . In Symp. on Operating Systems Design and Implementation (OSDI) , Oct. 2014 . D. Stefan, E. Z. Yang, P. Marchenko, A. Russo, D. Herman, B. Karp, and D. Mazi\u00e8res. Protecting users by confining javascript with COWL. In Symp. on Operating Systems Design and Implementation (OSDI), Oct. 2014."},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420985"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1142\/S0218488502001648"},{"key":"e_1_3_2_1_63_1","volume-title":"Proceedings of the 7th USENIX Workshop on Hot Topics in Security","author":"Tiwari M.","year":"2012","unstructured":"M. Tiwari , P. Mohan , A. Osheroff , H. Alkaff , E. Shi , E. Love , D. Song , and K. Asanovi?. Context-centric security . In Proceedings of the 7th USENIX Workshop on Hot Topics in Security , Aug. 2012 . M. Tiwari, P. Mohan, A. Osheroff, H. Alkaff, E. Shi, E. Love, D. Song, and K. Asanovi?. Context-centric security. In Proceedings of the 7th USENIX Workshop on Hot Topics in Security, Aug. 2012."},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046660.2046671"},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.5555\/2665671.2665741"},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1145\/3064176.3064197"},{"key":"e_1_3_2_1_67_1","author":"Volpano D.","year":"2009","unstructured":"D. Volpano , G. Smith , and C. Irvine . A sound type system for secure flow analysis. Journal of Computer Security , Sept. 2009 . D. Volpano, G. Smith, and C. Irvine. A sound type system for secure flow analysis. Journal of Computer Security, Sept. 2009.","journal-title":"Journal of Computer Security"},{"key":"e_1_3_2_1_68_1","volume-title":"USENIX Security Symposium","author":"Watson R. N. M.","year":"2010","unstructured":"R. N. M. Watson , J. Anderson , B. Laurie , and K. Kennaway . Capsicum: practical capabilities for UNIX . In USENIX Security Symposium , Aug. 2010 . R. N. M. Watson, J. Anderson, B. Laurie, and K. Kennaway. Capsicum: practical capabilities for UNIX. In USENIX Security Symposium, Aug. 2010."},{"key":"e_1_3_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.9"},{"key":"e_1_3_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1145\/2741948.2741966"},{"key":"e_1_3_2_1_71_1","volume-title":"USENIX Symp. on Networked Systems Design and Implementation (NSDI)","author":"Xu Y.","year":"2016","unstructured":"Y. Xu and E. Witchel . Earp: Principled storage, sharing, and protection for mobile apps . In USENIX Symp. on Networked Systems Design and Implementation (NSDI) , Mar. 2016 . Y. Xu and E. Witchel. Earp: Principled storage, sharing, and protection for mobile apps. In USENIX Symp. on Networked Systems Design and Implementation (NSDI), Mar. 2016."},{"key":"e_1_3_2_1_72_1","volume-title":"USENIX Annual Technical Conf. (ATC)","author":"Xu Y.","year":"2014","unstructured":"Y. Xu , A. M. Dunn , O. S. Hofmann , M. Z. Lee , S. A. Mehdi , and E. Witchel . Application-defined decentralized access control . In USENIX Annual Technical Conf. (ATC) , June 2014 . Y. Xu, A. M. Dunn, O. S. Hofmann, M. Z. Lee, S. A. Mehdi, and E. Witchel. Application-defined decentralized access control. In USENIX Annual Technical Conf. (ATC), June 2014."},{"key":"e_1_3_2_1_73_1","volume-title":"Alanguage for automatically enforcing privacy policies","author":"Yang J.","year":"2012","unstructured":"J. Yang , K. Yessenov , and A. Solar-Lezama . Alanguage for automatically enforcing privacy policies . Jan. 2012 . J. Yang, K. Yessenov, and A. Solar-Lezama. Alanguage for automatically enforcing privacy policies. Jan. 2012."},{"key":"e_1_3_2_1_74_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629604"},{"key":"e_1_3_2_1_75_1","doi-asserted-by":"publisher","DOI":"10.5555\/872752.873524"},{"key":"e_1_3_2_1_76_1","volume-title":"Making Information Flow Explicit in HiStar. In Symp. on Operating Systems Design and Implementation (OSDI)","author":"Zeldovich N.","year":"2006","unstructured":"N. Zeldovich , S. Boyd-Wickizer , E. Kohler , and D. Mazi\u00e8res . Making Information Flow Explicit in HiStar. In Symp. on Operating Systems Design and Implementation (OSDI) , Nov. 2006 . N. Zeldovich, S. Boyd-Wickizer, E. Kohler, and D. Mazi\u00e8res. Making Information Flow Explicit in HiStar. In Symp. on Operating Systems Design and Implementation (OSDI), Nov. 2006."},{"key":"e_1_3_2_1_77_1","volume-title":"Symp. on Operating Systems Design and Implementation (OSDI)","author":"Zeldovich N.","year":"2008","unstructured":"N. Zeldovich , H. Kannan , M. Dalton , and C. Kozyrakis . Hardware enforcement of application security policies using tagged memory . In Symp. on Operating Systems Design and Implementation (OSDI) , Dec. 2008 . N. Zeldovich, H. Kannan, M. Dalton, and C. Kozyrakis. Hardware enforcement of application security policies using tagged memory. In Symp. on Operating Systems Design and Implementation (OSDI), Dec. 2008."},{"key":"e_1_3_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813711"}],"event":{"name":"ASPLOS '18: Architectural Support for Programming Languages and Operating Systems","location":"Williamsburg VA USA","acronym":"ASPLOS '18","sponsor":["SIGPLAN ACM Special Interest Group on Programming Languages","SIGOPS ACM Special Interest Group on Operating Systems","SIGARCH ACM Special Interest Group on Computer Architecture","SIGBED ACM Special Interest Group on Embedded Systems"]},"container-title":["Proceedings of the Twenty-Third International Conference on Architectural Support for Programming Languages and Operating Systems"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3173162.3173213","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3173162.3173213","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3173162.3173213","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:26:23Z","timestamp":1750199183000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3173162.3173213"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,3,19]]},"references-count":77,"alternative-id":["10.1145\/3173162.3173213","10.1145\/3173162"],"URL":"https:\/\/doi.org\/10.1145\/3173162.3173213","relation":{"is-identical-to":[{"id-type":"doi","id":"10.1145\/3296957.3173213","asserted-by":"object"}]},"subject":[],"published":{"date-parts":[[2018,3,19]]},"assertion":[{"value":"2018-03-19","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}