{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,19]],"date-time":"2026-03-19T14:39:36Z","timestamp":1773931176180,"version":"3.50.1"},"reference-count":14,"publisher":"Association for Computing Machinery (ACM)","issue":"6","license":[{"start":{"date-parts":[[2021,5,24]],"date-time":"2021-05-24T00:00:00Z","timestamp":1621814400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Commun. ACM"],"published-print":{"date-parts":[[2021,6]]},"abstract":"<jats:p>Extending hardware-enforced cryptographic protection to data while in use.<\/jats:p>","DOI":"10.1145\/3453930","type":"journal-article","created":{"date-parts":[[2021,5,24]],"date-time":"2021-05-24T17:58:51Z","timestamp":1621879131000},"page":"54-61","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":30,"title":["Toward confidential cloud computing"],"prefix":"10.1145","volume":"64","author":[{"given":"Mark","family":"Russinovich","sequence":"first","affiliation":[{"name":"Microsoft Azure"}]},{"given":"Manuel","family":"Costa","sequence":"additional","affiliation":[{"name":"Microsoft Research Cambridge"}]},{"given":"C\u00e9dric","family":"Fournet","sequence":"additional","affiliation":[{"name":"Microsoft Research"}]},{"given":"David","family":"Chisnall","sequence":"additional","affiliation":[{"name":"Microsoft Research Cambridge"}]},{"given":"Antoine","family":"Delignat-Lavaud","sequence":"additional","affiliation":[{"name":"Microsoft Research Cambridge"}]},{"given":"Sylvan","family":"Clebsch","sequence":"additional","affiliation":[{"name":"Microsoft Research Cambridge"}]},{"given":"Kapil","family":"Vaswani","sequence":"additional","affiliation":[{"name":"Microsoft Research"}]},{"given":"Vikas","family":"Bhatia","sequence":"additional","affiliation":[{"name":"Azure"}]}],"member":"320","published-online":{"date-parts":[[2021,5,24]]},"reference":[{"key":"e_1_2_1_1_1","unstructured":"AWS Nitro Enclaves. AWS; https:\/\/aws.amazon.com\/ec2\/nitro\/nitro-enclaves\/.  AWS Nitro Enclaves. AWS; https:\/\/aws.amazon.com\/ec2\/nitro\/nitro-enclaves\/."},{"key":"e_1_2_1_2_1","volume-title":"Proceedings of the 11th Usenix Symp. Operating Systems Design and Implementation","author":"Baumann A.","unstructured":"Baumann , A. , Peinado , M. , Hunt , G. Shielding applications from an untrusted cloud with Haven . In Proceedings of the 11th Usenix Symp. Operating Systems Design and Implementation , 2014; https:\/\/www.usenix.org\/conference\/osdi14\/technical-sessions\/presentation\/baumann. Baumann, A., Peinado, M., Hunt, G. Shielding applications from an untrusted cloud with Haven. In Proceedings of the 11th Usenix Symp. Operating Systems Design and Implementation, 2014; https:\/\/www.usenix.org\/conference\/osdi14\/technical-sessions\/presentation\/baumann."},{"key":"e_1_2_1_3_1","volume-title":"Speculative load hardening. LLVM Compiler Infrastructure","author":"Carruth C.","year":"2018","unstructured":"Carruth , C. Speculative load hardening. LLVM Compiler Infrastructure , 2018 ; https:\/\/llvm.org\/docs\/SpeculativeLoadHardening.html. Carruth, C. Speculative load hardening. LLVM Compiler Infrastructure, 2018; https:\/\/llvm.org\/docs\/SpeculativeLoadHardening.html."},{"key":"e_1_2_1_4_1","unstructured":"Confidential Consortium Framework. GitHub; https:\/\/github.com\/microsoft\/CCF.  Confidential Consortium Framework. GitHub; https:\/\/github.com\/microsoft\/CCF."},{"key":"e_1_2_1_5_1","volume-title":"Proceedings of the 25th Usenix Security Symp.","author":"Ohrimenko O.","unstructured":"Ohrimenko , O. et al. Oblivious multi-party machine learning on trusted processors . In Proceedings of the 25th Usenix Security Symp. , 2016; 619--636; https:\/\/dl.acm.org\/doi\/10.5555\/3241094.3241143. Ohrimenko, O. et al. Oblivious multi-party machine learning on trusted processors. In Proceedings of the 25th Usenix Security Symp., 2016; 619--636; https:\/\/dl.acm.org\/doi\/10.5555\/3241094.3241143."},{"key":"e_1_2_1_6_1","unstructured":"Open Enclave SDK. GitHub; https:\/\/github.com\/openenclave\/openenclave.  Open Enclave SDK. GitHub; https:\/\/github.com\/openenclave\/openenclave."},{"key":"e_1_2_1_7_1","volume-title":"Proceedings of the 2018 IEEE Symp. Security and Privacy; https:\/\/ieeexplore.ieee.org\/document\/8418608","author":"Priebe C.","unstructured":"Priebe , C. , Vaswani , K. and Costa , M . EnclaveDB: a secure database using SGX . In Proceedings of the 2018 IEEE Symp. Security and Privacy; https:\/\/ieeexplore.ieee.org\/document\/8418608 . Priebe, C., Vaswani, K. and Costa, M. EnclaveDB: a secure database using SGX. In Proceedings of the 2018 IEEE Symp. Security and Privacy; https:\/\/ieeexplore.ieee.org\/document\/8418608."},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/3307650.3322246"},{"key":"e_1_2_1_9_1","volume-title":"Proceedings of the 2019 Intern. Symp. Computer Architecture; https:\/\/www.researchgate.net\/publication\/333755760_Efficient_Invisible_Speculative_Execution_through_Selective_Delay_and_Value_Prediction.","author":"Sakalis C.","unstructured":"Sakalis , C. et al. Efficient invisible speculative execution through selective delay and value prediction . In Proceedings of the 2019 Intern. Symp. Computer Architecture; https:\/\/www.researchgate.net\/publication\/333755760_Efficient_Invisible_Speculative_Execution_through_Selective_Delay_and_Value_Prediction. Sakalis, C. et al. Efficient invisible speculative execution through selective delay and value prediction. In Proceedings of the 2019 Intern. Symp. Computer Architecture; https:\/\/www.researchgate.net\/publication\/333755760_Efficient_Invisible_Speculative_Execution_through_Selective_Delay_and_Value_Prediction."},{"key":"e_1_2_1_10_1","volume-title":"Proceedings of the 2010 IEEE Symp. Security and Privacy, 38--54; https:\/\/dl.acm.org\/doi\/10","author":"Schuster F.","year":"2015","unstructured":"Schuster , F. et al. VC3: trustworthy data analytics in the cloud using SGX . In Proceedings of the 2010 IEEE Symp. Security and Privacy, 38--54; https:\/\/dl.acm.org\/doi\/10 .1109\/SP. 2015 .10. Schuster, F. et al. VC3: trustworthy data analytics in the cloud using SGX. In Proceedings of the 2010 IEEE Symp. Security and Privacy, 38--54; https:\/\/dl.acm.org\/doi\/10.1109\/SP.2015.10."},{"key":"e_1_2_1_11_1","unstructured":"SGX-LKL. GitHub; https:\/\/github.com\/lsds\/sgx-lkl.  SGX-LKL. GitHub; https:\/\/github.com\/lsds\/sgx-lkl."},{"key":"e_1_2_1_12_1","volume-title":"Proceedings of the 13th Usenix Symp. Operating Systems Design and Implementation","author":"Volos S.","unstructured":"Volos , S. et al. Graviton: Trusted execution environments on GPUs . In Proceedings of the 13th Usenix Symp. Operating Systems Design and Implementation , 2018; https:\/\/www.usenix.org\/system\/files\/osdi18-volos.pdf. Volos, S. et al. Graviton: Trusted execution environments on GPUs. In Proceedings of the 13th Usenix Symp. Operating Systems Design and Implementation, 2018; https:\/\/www.usenix.org\/system\/files\/osdi18-volos.pdf."},{"key":"e_1_2_1_13_1","volume-title":"Proceedings of the 28th Usenix Security Symposium","author":"Werner M.","unstructured":"Werner , M. et al. ScatterCache: Thwarting cache attacks via cache set randomization . Proceedings of the 28th Usenix Security Symposium , 2019; https:\/\/www.usenix.org\/system\/files\/sec19-werner.pdf. Werner, M. et al. ScatterCache: Thwarting cache attacks via cache set randomization. Proceedings of the 28th Usenix Security Symposium, 2019; https:\/\/www.usenix.org\/system\/files\/sec19-werner.pdf."},{"key":"e_1_2_1_14_1","volume-title":"Proceedings of the 51st Annual IEEE\/ACM Intern. Symp. Microarchitecture","author":"Yan M.","unstructured":"Yan , M. et al. InvisiSpec: Making speculative execution invisible in the cache hierarchy . In Proceedings of the 51st Annual IEEE\/ACM Intern. Symp. Microarchitecture , 2018; https:\/\/iacoma.cs.uiuc.edu\/iacoma-papers\/micro18.pdf. Yan, M. et al. InvisiSpec: Making speculative execution invisible in the cache hierarchy. In Proceedings of the 51st Annual IEEE\/ACM Intern. Symp. Microarchitecture, 2018; https:\/\/iacoma.cs.uiuc.edu\/iacoma-papers\/micro18.pdf."}],"container-title":["Communications of the ACM"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3453930","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3453930","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:17:42Z","timestamp":1750191462000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3453930"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,5,24]]},"references-count":14,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2021,6]]}},"alternative-id":["10.1145\/3453930"],"URL":"https:\/\/doi.org\/10.1145\/3453930","relation":{},"ISSN":["0001-0782","1557-7317"],"issn-type":[{"value":"0001-0782","type":"print"},{"value":"1557-7317","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,5,24]]},"assertion":[{"value":"2021-05-24","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}