{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,5]],"date-time":"2026-04-05T10:16:29Z","timestamp":1775384189759,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":76,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,10,27]],"date-time":"2019-10-27T00:00:00Z","timestamp":1572134400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1413920, CNS-1812522"],"award-info":[{"award-number":["CNS-1413920, CNS-1812522"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,10,27]]},"DOI":"10.1145\/3341301.3359661","type":"proceedings-article","created":{"date-parts":[[2019,10,21]],"date-time":"2019-10-21T13:34:22Z","timestamp":1571664862000},"page":"97-113","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":17,"title":["Notary"],"prefix":"10.1145","author":[{"given":"Anish","family":"Athalye","sequence":"first","affiliation":[{"name":"MIT CSAIL"}]},{"given":"Adam","family":"Belay","sequence":"additional","affiliation":[{"name":"MIT CSAIL"}]},{"given":"M. Frans","family":"Kaashoek","sequence":"additional","affiliation":[{"name":"MIT CSAIL"}]},{"given":"Robert","family":"Morris","sequence":"additional","affiliation":[{"name":"MIT CSAIL"}]},{"given":"Nickolai","family":"Zeldovich","sequence":"additional","affiliation":[{"name":"MIT CSAIL"}]}],"member":"320","published-online":{"date-parts":[[2019,10,27]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Electrum Bitcoin wallet. https:\/\/electrum.org\/.  Electrum Bitcoin wallet. https:\/\/electrum.org\/."},{"key":"e_1_3_2_1_2_1","unstructured":"KeepKey. https:\/\/shapeshift.io\/keepkey\/.  KeepKey. https:\/\/shapeshift.io\/keepkey\/."},{"key":"e_1_3_2_1_3_1","unstructured":"Ledger hardware wallets. https:\/\/www.ledger.com\/.  Ledger hardware wallets. https:\/\/www.ledger.com\/."},{"key":"e_1_3_2_1_4_1","unstructured":"Trezor. https:\/\/trezor.io\/.  Trezor. https:\/\/trezor.io\/."},{"key":"e_1_3_2_1_5_1","unstructured":"Yubico. https:\/\/www.yubico.com\/.  Yubico. https:\/\/www.yubico.com\/."},{"key":"e_1_3_2_1_6_1","volume-title":"Feb.","author":"Rapport","year":"2019","unstructured":"Rapport de certification ANSSI-CSPN-2019\/03. https:\/\/www.ssi.gouv.ft\/uploads\/2019\/02\/anssi-cspn-2019_03fr.pdf , Feb. 2019 . Rapport de certification ANSSI-CSPN-2019\/03. https:\/\/www.ssi.gouv.ft\/uploads\/2019\/02\/anssi-cspn-2019_03fr.pdf, Feb. 2019."},{"key":"e_1_3_2_1_7_1","volume-title":"Feb.","author":"Ledger","year":"2019","unstructured":"Ledger documentation hub. https:\/\/buildmedia.readthedocs.org\/media\/pdf\/ledger\/latest\/ledger.pdf , Feb. 2019 . Ledger documentation hub. https:\/\/buildmedia.readthedocs.org\/media\/pdf\/ledger\/latest\/ledger.pdf, Feb. 2019."},{"key":"e_1_3_2_1_8_1","volume-title":"Mar.","author":"Web","year":"2019","unstructured":"Web authentication : An API for accessing public key credentials. https:\/\/www.w3.org\/TR\/webauthn\/ , Mar. 2019 . Web authentication: An API for accessing public key credentials. https:\/\/www.w3.org\/TR\/webauthn\/, Mar. 2019."},{"key":"e_1_3_2_1_9_1","volume-title":"Apr.","author":"USB","year":"2019","unstructured":"Web USB API. https:\/\/wicg.github.io\/webusb\/ , Apr. 2019 . WebUSB API. https:\/\/wicg.github.io\/webusb\/, Apr. 2019."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1016\/0167-6423(93)90002-7"},{"key":"e_1_3_2_1_11_1","unstructured":"ABN AMRO. E.dentifier2. https:\/\/www.abnamro.nl\/en\/mobile\/images\/Generiek\/PDFs\/Overig\/edentifier2_usermanual_english.pdf.  ABN AMRO. E.dentifier2. https:\/\/www.abnamro.nl\/en\/mobile\/images\/Generiek\/PDFs\/Overig\/edentifier2_usermanual_english.pdf."},{"key":"e_1_3_2_1_12_1","volume-title":"Proceedings of the 2002 IACR Workshop on Cryptographic Hardware and Embedded Systems (CHES)","author":"Agrawal D.","year":"2002","unstructured":"D. Agrawal , B. Archambeault , J. R. Rao , and P. Rohatgi . The EM side-channels) . In Proceedings of the 2002 IACR Workshop on Cryptographic Hardware and Embedded Systems (CHES) , Redwood City, CA , Aug. 2002 . D. Agrawal, B. Archambeault, J. R. Rao, and P. Rohatgi. The EM side-channels). In Proceedings of the 2002 IACR Workshop on Cryptographic Hardware and Embedded Systems (CHES), Redwood City, CA, Aug. 2002."},{"key":"e_1_3_2_1_13_1","unstructured":"Apple Inc. iOS security. https:\/\/www.apple.com\/business\/site\/docs\/iOS_Security_Guide.pdf Nov. 2018.  Apple Inc. iOS security. https:\/\/www.apple.com\/business\/site\/docs\/iOS_Security_Guide.pdf Nov. 2018."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629579"},{"key":"e_1_3_2_1_15_1","first-page":"49","volume-title":"Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Belay A.","year":"2014","unstructured":"A. Belay , G. Prekas , A. Klimovic , S. Grossman , C. Kozyrakis , and E. Bugnion . IX: A protected dataplane operating system for high throughput and low latency . In Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI) , pages 49 -- 65 , Broomfield, CO , Oct. 2014 . A. Belay, G. Prekas, A. Klimovic, S. Grossman, C. Kozyrakis, and E. Bugnion. IX: A protected dataplane operating system for high throughput and low latency. In Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 49--65, Broomfield, CO, Oct. 2014."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3352460.3358310"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/268998.266672"},{"key":"e_1_3_2_1_18_1","unstructured":"J. Carr. NamedManager. https:\/\/github.com\/jethrocarr\/namedmanager.  J. Carr. NamedManager. https:\/\/github.com\/jethrocarr\/namedmanager."},{"key":"e_1_3_2_1_19_1","volume-title":"Oct.","year":"2018","unstructured":"CipherTrace. Cryptocurrency anti-money laundering report. https:\/\/ciphertrace.com\/wp-content\/uploads\/2018\/10\/crypto_aml_report_2018q3.pdf , Oct. 2018 . CipherTrace. Cryptocurrency anti-money laundering report. https:\/\/ciphertrace.com\/wp-content\/uploads\/2018\/10\/crypto_aml_report_2018q3.pdf, Oct. 2018."},{"key":"e_1_3_2_1_20_1","volume-title":"Nov.","author":"Claburn T.","year":"2018","unstructured":"T. Claburn . Check your repos... crypto-coin-stealing code sneaks into fairly popular NPM lib (2m downloads per week). https:\/\/www.theregister.co.uk\/2018\/11\/26\/npm_repo_bitcoin_stealer\/ , Nov. 2018 . T. Claburn. Check your repos... crypto-coin-stealing code sneaks into fairly popular NPM lib (2m downloads per week). https:\/\/www.theregister.co.uk\/2018\/11\/26\/npm_repo_bitcoin_stealer\/, Nov. 2018."},{"key":"e_1_3_2_1_21_1","volume-title":"Dec.","year":"2018","unstructured":"CoolStar. Electra. https:\/\/coolstar.org\/electra\/ , Dec. 2018 . CoolStar. Electra. https:\/\/coolstar.org\/electra\/, Dec. 2018."},{"key":"e_1_3_2_1_23_1","first-page":"89","volume-title":"Proceedings of the 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Cutler C.","year":"2018","unstructured":"C. Cutler , M. F. Kaashoek , and R. T. Morris . The benefits and costs of writing a POSIX kernel in a high-level language . In Proceedings of the 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI) , pages 89 -- 105 , Carlsbad, CA , Oct. 2018 . C. Cutler, M. F. Kaashoek, and R. T. Morris. The benefits and costs of writing a POSIX kernel in a high-level language. In Proceedings of the 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 89--105, Carlsbad, CA, Oct. 2018."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00048"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-78800-3_24"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3132747.3132782"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3037697.3037739"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243743"},{"key":"e_1_3_2_1_29_1","volume-title":"Dec.","author":"Fleming M.","year":"2017","unstructured":"M. Fleming . A thorough introduction to eBPF. https:\/\/lwn.net\/Articles\/740157\/ , Dec. 2017 . M. Fleming. A thorough introduction to eBPF. https:\/\/lwn.net\/Articles\/740157\/, Dec. 2017."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-44371-2_25"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2676726.2676975"},{"key":"e_1_3_2_1_32_1","first-page":"653","volume-title":"Proceedings of the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Gu R.","year":"2016","unstructured":"R. Gu , Z. Shao , H. Chen , X. N. Wu , J. Kim , V. Sj\u00f6berg , and D. Costanzo . CertiKOS: An extensible architecture for building certified concurrent OS kernels . In Proceedings of the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI) , pages 653 -- 669 , Savannah, GA , Nov. 2016 . R. Gu, Z. Shao, H. Chen, X. N. Wu, J. Kim, V. Sj\u00f6berg, and D. Costanzo. CertiKOS: An extensible architecture for building certified concurrent OS kernels. In Proceedings of the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 653--669, Savannah, GA, Nov. 2016."},{"key":"e_1_3_2_1_33_1","volume-title":"Mar.","author":"Guillemet C.","year":"2018","unstructured":"C. Guillemet . Firmware 1.4 : deep dive into three vulnerabilities which have been fixed. https:\/\/www.ledger.com\/2018\/03\/20\/firmware-1-4-deep-dive-security-fixes\/ , Mar. 2018 . C. Guillemet. Firmware 1.4: deep dive into three vulnerabilities which have been fixed. https:\/\/www.ledger.com\/2018\/03\/20\/firmware-1-4-deep-dive-security-fixes\/, Mar. 2018."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2611765.2611776"},{"key":"e_1_3_2_1_35_1","first-page":"165","volume-title":"Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Hawblitzel C.","year":"2014","unstructured":"C. Hawblitzel , J. Howell , J. R. Lorch , A. Narayan , B. Parno , D. Zhang , and B. Zill . Ironclad Apps: End-to-end security via automated full-system verification . In Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI) , pages 165 -- 181 , Broomfield, CO , Oct. 2014 . C. Hawblitzel, J. Howell, J. R. Lorch, A. Narayan, B. Parno, D. Zhang, and B. Zill. Ironclad Apps: End-to-end security via automated full-system verification. In Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 165--181, Broomfield, CO, Oct. 2014."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629596"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/3230627"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00002"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3132747.3132786"},{"key":"e_1_3_2_1_40_1","first-page":"973","volume-title":"Proceedings of the 27th USENIX Security Symposium","author":"Lipp M.","year":"2018","unstructured":"M. Lipp , M. Schwarz , D. Gruss , T. Prescher , W. Haas , A. Fogh , J. Horn , S. Mangard , P. Kocher , D. Genkin , Y. Yarom , and M. Hamburg . Meltdown: Reading kernel memory from user space . In Proceedings of the 27th USENIX Security Symposium , pages 973 -- 990 , Baltimore, MD , Aug. 2018 . M. Lipp, M. Schwarz, D. Gruss, T. Prescher, W. Haas, A. Fogh, J. Horn, S. Mangard, P. Kocher, D. Genkin, Y. Yarom, and M. Hamburg. Meltdown: Reading kernel memory from user space. In Proceedings of the 27th USENIX Security Symposium, pages 973--990, Baltimore, MD, Aug. 2018."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2016.7446082"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/3230543.3230582"},{"key":"e_1_3_2_1_43_1","volume-title":"Proceedings of the 2012 USENIX Annual Technical Conference","author":"Martignoni L.","year":"2012","unstructured":"L. Martignoni , P. Poosankam , M. Zaharia , J. Han , S. McCamant , D. Song , V. Paxson , A. Perrig , S. Shenker , and I. Stoica . Cloud terminal: Secure access to sensitive applications from untrusted systems . In Proceedings of the 2012 USENIX Annual Technical Conference , Boston, MA , June 2012 . L. Martignoni, P. Poosankam, M. Zaharia, J. Han, S. McCamant, D. Song, V. Paxson, A. Perrig, S. Shenker, and I. Stoica. Cloud terminal: Secure access to sensitive applications from untrusted systems. In Proceedings of the 2012 USENIX Annual Technical Conference, Boston, MA, June 2012."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-44499-8_6"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/1352592.1352625"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/1476589.1476628"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/3132747.3132748"},{"key":"e_1_3_2_1_48_1","first-page":"227","volume-title":"Proceedings of the 2018 USENIX Annual Technical Conference","author":"Oleksenko O.","year":"2018","unstructured":"O. Oleksenko , B. Trach , R. Krahn , M. Silberstein , and C. Fetzer . Varys: Protecting SGX enclaves from practical side-channel attacks . In Proceedings of the 2018 USENIX Annual Technical Conference , pages 227 -- 240 , Boston, MA , July 2018 . O. Oleksenko, B. Trach, R. Krahn, M. Silberstein, and C. Fetzer. Varys: Protecting SGX enclaves from practical side-channel attacks. In Proceedings of the 2018 USENIX Annual Technical Conference, pages 227--240, Boston, MA, July 2018."},{"key":"e_1_3_2_1_49_1","unstructured":"Pangu Team. Pangu jailbreak. http:\/\/en.pangu.io\/ July 2016.  Pangu Team. Pangu jailbreak. http:\/\/en.pangu.io\/ July 2016."},{"key":"e_1_3_2_1_50_1","first-page":"1","volume-title":"Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Peter S.","year":"2014","unstructured":"S. Peter , J. Li , I. Zhang , D. R. K. Ports , D. Woos , A. Krishnamurthy , T. Anderson , and T. Roscoe . Arrakis: The operating system is the control plane . In Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI) , pages 1 -- 16 , Broomfield, CO , Oct. 2014 . S. Peter, J. Li, I. Zhang, D. R. K. Ports, D. Woos, A. Krishnamurthy, T. Anderson, and T. Roscoe. Arrakis: The operating system is the control plane. In Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 1--16, Broomfield, CO, Oct. 2014."},{"key":"e_1_3_2_1_51_1","first-page":"221","volume-title":"Proceedings of the 21st USENIX Security Symposium","author":"Rahmati A.","year":"2012","unstructured":"A. Rahmati , M. Salajegheh , D. E. Holcomb , J. Sorber , W. P. Burleson , and K. Fu . TARDIS: Time and remanence decay in SRAM to implement secure protocols on embedded devices without clocks . In Proceedings of the 21st USENIX Security Symposium , pages 221 -- 236 , Bellevue, WA , Aug. 2012 . A. Rahmati, M. Salajegheh, D. E. Holcomb, J. Sorber, W. P. Burleson, and K. Fu. TARDIS: Time and remanence decay in SRAM to implement secure protocols on embedded devices without clocks. In Proceedings of the 21st USENIX Security Symposium, pages 221--236, Bellevue, WA, Aug. 2012."},{"key":"e_1_3_2_1_52_1","volume-title":"Aug.","author":"Team Riscure","year":"2018","unstructured":"Riscure Team . Hacking the ultra-secure hardware cryptowal-let. https:\/\/www.riscure.com\/blog\/hacking-ultra-secure-hardware-cryptowallet\/ , Aug. 2018 . Riscure Team. Hacking the ultra-secure hardware cryptowal-let. https:\/\/www.riscure.com\/blog\/hacking-ultra-secure-hardware-cryptowallet\/, Aug. 2018."},{"key":"e_1_3_2_1_53_1","volume-title":"Oct.","author":"Security RSA","year":"2015","unstructured":"RSA Security . RSA SecurID hardware tokens. https:\/\/www.rsa.com\/content\/dam\/en\/data-sheet\/rsa-securid-hardware-tokens.pdf , Oct. 2015 . RSA Security. RSA SecurID hardware tokens. https:\/\/www.rsa.com\/content\/dam\/en\/data-sheet\/rsa-securid-hardware-tokens.pdf, Oct. 2015."},{"key":"e_1_3_2_1_54_1","volume-title":"Jan.","author":"Rutkowska J.","year":"2010","unstructured":"J. Rutkowska and R. Wojtczuk . Qubes OS architecture. https:\/\/www.qubes-os.org\/attachment\/wiki\/QubesArchitecture\/arch-spec-0.3.pdf , Jan. 2010 . J. Rutkowska and R. Wojtczuk. Qubes OS architecture. https:\/\/www.qubes-os.org\/attachment\/wiki\/QubesArchitecture\/arch-spec-0.3.pdf, Jan. 2010."},{"issue":"9","key":"e_1_3_2_1_55_1","first-page":"1278","volume":"63","author":"Saltzer J. H.","year":"1975","unstructured":"J. H. Saltzer and M. D. Schroeder . The protection of information in computer systems. Proceedings of the IEEE , 63 ( 9 ): 1278 -- 1308 , Sept. 1975 . J. H. Saltzer and M. D. Schroeder. The protection of information in computer systems. Proceedings of the IEEE, 63(9):1278--1308, Sept. 1975.","journal-title":"The protection of information in computer systems. Proceedings of the IEEE"},{"key":"e_1_3_2_1_56_1","volume-title":"June","year":"2018","unstructured":"SatoshiLabs. Details about the security updates in Trezor One firmware 1.6.2. https:\/\/blog.trezor.io\/details-about-the-security-updates-in-trezor-one-firmware-1-6-2-a3b25b668e98 , June 2018 . SatoshiLabs. Details about the security updates in Trezor One firmware 1.6.2. https:\/\/blog.trezor.io\/details-about-the-security-updates-in-trezor-one-firmware-1-6-2-a3b25b668e98, June 2018."},{"key":"e_1_3_2_1_57_1","volume-title":"Aug.","year":"2018","unstructured":"SatoshiLabs. Trezor one: Firmware update 1.6.3. https:\/\/blog.trezor.io\/trezor-one-firmware-update-1-6-3-73894c0506d , Aug. 2018 . SatoshiLabs. Trezor one: Firmware update 1.6.3. https:\/\/blog.trezor.io\/trezor-one-firmware-update-1-6-3-73894c0506d, Aug. 2018."},{"key":"e_1_3_2_1_58_1","volume-title":"Dec.","year":"2018","unstructured":"SatoshiLabs. Details about the security updates in Trezor One firmware 1.7.2. https:\/\/blog.trezor.io\/details-about-the-security-updates-in-trezor-one-firmware-1-7-2-3c97adbf121e , Dec. 2018 . SatoshiLabs. Details about the security updates in Trezor One firmware 1.7.2. https:\/\/blog.trezor.io\/details-about-the-security-updates-in-trezor-one-firmware-1-7-2-3c97adbf121e, Dec. 2018."},{"key":"e_1_3_2_1_59_1","volume-title":"Mar.","author":"Seaborn M.","year":"2015","unstructured":"M. Seaborn and T. Dullien . Exploiting the DRAM rowhammer bug to gain kernel privileges. https:\/\/googleprojectzero.blogspot.com\/2015\/03\/exploiting-dram-rowhammer-bug-to-gain.html , Mar. 2015 . M. Seaborn and T. Dullien. Exploiting the DRAM rowhammer bug to gain kernel privileges. https:\/\/googleprojectzero.blogspot.com\/2015\/03\/exploiting-dram-rowhammer-bug-to-gain.html, Mar. 2015."},{"key":"e_1_3_2_1_60_1","first-page":"287","volume-title":"Proceedings of the 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Sigurbjarnarson H.","year":"2018","unstructured":"H. Sigurbjarnarson , L. Nelson , B. Castro-Karney , J. Bornholt , E. Torlak , and X. Wang . Nickel: A framework for design and verification of information flow control systems . In Proceedings of the 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI) , pages 287 -- 306 , Carlsbad, CA , Oct. 2018 . H. Sigurbjarnarson, L. Nelson, B. Castro-Karney, J. Bornholt, E. Torlak, and X. Wang. Nickel: A framework for design and verification of information flow control systems. In Proceedings of the 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 287--306, Carlsbad, CA, Oct. 2018."},{"key":"e_1_3_2_1_61_1","volume-title":"Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Soares L.","year":"2010","unstructured":"L. Soares and M. Stumm . FlexSC: Flexible system call scheduling with exception-less system calls . In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI) , Vancouver, Canada , Oct. 2010 . L. Soares and M. Stumm. FlexSC: Flexible system call scheduling with exception-less system calls. In Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI), Vancouver, Canada, Oct. 2010."},{"key":"e_1_3_2_1_62_1","first-page":"u2f","author":"Srinivas S.","year":"2016","unstructured":"S. Srinivas , D. Balfanz , E. Tiffany , and A. Czeskis . Universal 2nd Factor (U2F) overview. https:\/\/fidoalliance.org\/specs\/fido-u2f-v1.1-id- 2016 0915Zfido- u2f -overview-v1.1-id-20160915.pdf, Sept. 2016. S. Srinivas, D. Balfanz, E. Tiffany, and A. Czeskis. Universal 2nd Factor (U2F) overview. https:\/\/fidoalliance.org\/specs\/fido-u2f-v1.1-id-20160915Zfido-u2f-overview-v1.1-id-20160915.pdf, Sept. 2016.","journal-title":"Universal 2nd Factor (U2F) overview. https:\/\/fidoalliance.org\/specs\/fido-u2f-v1.1-id-"},{"key":"e_1_3_2_1_63_1","first-page":"77","volume-title":"Proceedings of the 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Tang Y.","year":"2012","unstructured":"Y. Tang , P. Ames , S. Bhamidipati , A. Bijlani , R. Geambasu , and N. Sarda . CleanOS: Limiting mobile data exposure with idle eviction . In Proceedings of the 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI) , pages 77 -- 91 , Hollywood, CA , Oct. 2012 . Y. Tang, P. Ames, S. Bhamidipati, A. Bijlani, R. Geambasu, and N. Sarda. CleanOS: Limiting mobile data exposure with idle eviction. In Proceedings of the 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 77--91, Hollywood, CA, Oct. 2012."},{"key":"e_1_3_2_1_64_1","volume-title":"Apr.","author":"Thomas A.","year":"2019","unstructured":"A. Thomas and J. Segura . Electrum Bitcoin wallets under siege. https:\/\/blog.malwarebytes.com\/cybercrime\/2019\/04\/electrum-bitcoin-wallets-under-siege\/ , Apr. 2019 . A. Thomas and J. Segura. Electrum Bitcoin wallets under siege. https:\/\/blog.malwarebytes.com\/cybercrime\/2019\/04\/electrum-bitcoin-wallets-under-siege\/, Apr. 2019."},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/2594291.2594340"},{"key":"e_1_3_2_1_66_1","unstructured":"Trusted Computing Group. Trusted Platform Module. https:\/\/www.trustedcomputinggroup.org\/groups\/tpm\/.  Trusted Computing Group. Trusted Platform Module. https:\/\/www.trustedcomputinggroup.org\/groups\/tpm\/."},{"key":"e_1_3_2_1_67_1","first-page":"687","volume-title":"Proceedings of the 23rd USENIX Security Symposium","author":"Varadarajan V.","year":"2014","unstructured":"V. Varadarajan , T. Ristenpart , and M. M. Swift . Scheduler-based defenses against cross-VM side-channels . In Proceedings of the 23rd USENIX Security Symposium , pages 687 -- 702 , San Diego, CA , Aug. 2014 . V. Varadarajan, T. Ristenpart, and M. M. Swift. Scheduler-based defenses against cross-VM side-channels. In Proceedings of the 23rd USENIX Security Symposium, pages 687--702, San Diego, CA, Aug. 2014."},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-30921-2_3"},{"key":"e_1_3_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1109\/NOCS.2012.24"},{"key":"e_1_3_2_1_70_1","volume-title":"Privileged architecture. https:\/\/riscv.org\/specifications\/privileged-isa\/","author":"Waterman A.","year":"2019","unstructured":"A. Waterman and K. Asanovic . The RISC-V instruction set manual , volume II : Privileged architecture. https:\/\/riscv.org\/specifications\/privileged-isa\/ , June 2019 . A. Waterman and K. Asanovic. The RISC-V instruction set manual, volume II: Privileged architecture. https:\/\/riscv.org\/specifications\/privileged-isa\/, June 2019."},{"key":"e_1_3_2_1_71_1","doi-asserted-by":"publisher","DOI":"10.5555\/2337159.2337213"},{"key":"e_1_3_2_1_72_1","volume-title":"https:\/\/github.com\/cliffordwolf\/picorv32","author":"Wolf C.","year":"2019","unstructured":"C. Wolf . PicoRV32 - a size-optimized RISC-V CPU. https:\/\/github.com\/cliffordwolf\/picorv32 , 2019 . C. Wolf. PicoRV32 - a size-optimized RISC-V CPU. https:\/\/github.com\/cliffordwolf\/picorv32, 2019."},{"key":"e_1_3_2_1_73_1","volume-title":"http:\/\/www.clifford.at\/yosys\/","author":"Wolf C.","year":"2019","unstructured":"C. Wolf . Yosys Open S Ynthesis Suite . http:\/\/www.clifford.at\/yosys\/ , 2019 . C. Wolf. Yosys Open SYnthesis Suite. http:\/\/www.clifford.at\/yosys\/, 2019."},{"key":"e_1_3_2_1_74_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.25"},{"key":"e_1_3_2_1_75_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516741"},{"key":"e_1_3_2_1_77_1","first-page":"616","volume-title":"Proceedings of the 23rd IEEE Symposium on Security and Privacy","author":"Zhou Z.","year":"2002","unstructured":"Z. Zhou , V. D. Gligor , J. Newsome , and J. M. McCune . Building verifiable trusted path on commodity x86 computers . In Proceedings of the 23rd IEEE Symposium on Security and Privacy , pages 616 -- 630 , Oakland, CA , May 2002 . Z. Zhou, V. D. Gligor, J. Newsome, and J. M. McCune. Building verifiable trusted path on commodity x86 computers. In Proceedings of the 23rd IEEE Symposium on Security and Privacy, pages 616--630, Oakland, CA, May 2002."},{"key":"e_1_3_2_1_78_1","first-page":"308","volume-title":"Proceedings of the 25th IEEE Symposium on Security and Privacy","author":"Zhou Z.","year":"2004","unstructured":"Z. Zhou , M. Yu , and V. D. Gligor . Dancing with giants: Wimpy kernels for on-demand isolated I\/O . In Proceedings of the 25th IEEE Symposium on Security and Privacy , pages 308 -- 323 , Oakland, CA , May 2004 . Z. Zhou, M. Yu, and V. D. Gligor. Dancing with giants: Wimpy kernels for on-demand isolated I\/O. In Proceedings of the 25th IEEE Symposium on Security and Privacy, pages 308--323, Oakland, CA, May 2004."}],"event":{"name":"SOSP '19: ACM SIGOPS 27th Symposium on Operating Systems Principles","location":"Huntsville Ontario Canada","acronym":"SOSP '19","sponsor":["SIGOPS ACM Special Interest Group on Operating Systems","USENIX Assoc USENIX Assoc"]},"container-title":["Proceedings of the 27th ACM Symposium on Operating Systems Principles"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3341301.3359661","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3341301.3359661","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:12:56Z","timestamp":1750201976000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3341301.3359661"}},"subtitle":["a device for secure transaction approval"],"short-title":[],"issued":{"date-parts":[[2019,10,27]]},"references-count":76,"alternative-id":["10.1145\/3341301.3359661","10.1145\/3341301"],"URL":"https:\/\/doi.org\/10.1145\/3341301.3359661","relation":{},"subject":[],"published":{"date-parts":[[2019,10,27]]},"assertion":[{"value":"2019-10-27","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}