{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,31]],"date-time":"2026-03-31T09:35:06Z","timestamp":1774949706897,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":68,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,10,2]],"date-time":"2021-10-02T00:00:00Z","timestamp":1633132800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100001659","name":"Deutsche Forschungsgemeinschaft","doi-asserted-by":"publisher","award":["KA 3171\/9-1"],"award-info":[{"award-number":["KA 3171\/9-1"]}],"id":[{"id":"10.13039\/501100001659","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,11,22]]},"DOI":"10.1145\/3464298.3476134","type":"proceedings-article","created":{"date-parts":[[2021,10,3]],"date-time":"2021-10-03T06:07:43Z","timestamp":1633241263000},"page":"91-103","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["Experience Paper: sgx-dl"],"prefix":"10.1145","author":[{"given":"Nico","family":"Weichbrodt","sequence":"first","affiliation":[{"name":"TU Braunschweig, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Joshua","family":"Heinemann","sequence":"additional","affiliation":[{"name":"TU Braunschweig, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lennart","family":"Almstedt","sequence":"additional","affiliation":[{"name":"TU Braunschweig, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pierre-Louis","family":"Aublin","sequence":"additional","affiliation":[{"name":"IIJ Innovation Insitute, Japan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"R\u00fcdiger","family":"Kapitza","sequence":"additional","affiliation":[{"name":"TU Braunschweig, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2021,10,2]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2019a. Azure Confidential Computing. https:\/\/azure.microsoft.com\/en-us\/solutions\/confidential-compute\/. Accessed on 2021-03-21.  2019a. Azure Confidential Computing. https:\/\/azure.microsoft.com\/en-us\/solutions\/confidential-compute\/. Accessed on 2021-03-21."},{"key":"e_1_3_2_1_2_1","unstructured":"2019b. Azure Confidential Computing. https:\/\/docs.microsoft.com\/en-us\/azure\/automanage\/automanage-hotpatch. Accessed on 2021-03-21.  2019b. Azure Confidential Computing. https:\/\/docs.microsoft.com\/en-us\/azure\/automanage\/automanage-hotpatch. Accessed on 2021-03-21."},{"key":"e_1_3_2_1_3_1","unstructured":"2019. Hot Patching SQL Server Engine in Azure SQL Database. https:\/\/techcommunity.microsoft.com\/t5\/azure-sql\/hot-patching-sql-server-engine-in-azure-sql-database\/ba-p\/849700. Accessed on 2021-03-21.  2019. Hot Patching SQL Server Engine in Azure SQL Database. https:\/\/techcommunity.microsoft.com\/t5\/azure-sql\/hot-patching-sql-server-engine-in-azure-sql-database\/ba-p\/849700. Accessed on 2021-03-21."},{"key":"e_1_3_2_1_4_1","unstructured":"2021. Canonical Livepatch Service. https:\/\/ubuntu.com\/security\/livepatch. Accessed on 2021-03-21.  2021. Canonical Livepatch Service. https:\/\/ubuntu.com\/security\/livepatch. Accessed on 2021-03-21."},{"key":"e_1_3_2_1_5_1","volume-title":"OBFUSCURO: A Commodity Obfuscation Engine on Intel SGX. In <i>Network and Distributed System Security Symposium (NDSS'19)<\/i>.","author":"Ahmad Adil","year":"2019","unstructured":"Adil Ahmad , Byunggill Joe , Yuan Xiao , Yinqian Zhang , Insik Shin , and Byoungyoung Lee . 2019 . OBFUSCURO: A Commodity Obfuscation Engine on Intel SGX. In <i>Network and Distributed System Security Symposium (NDSS'19)<\/i>. Adil Ahmad, Byunggill Joe, Yuan Xiao, Yinqian Zhang, Insik Shin, and Byoungyoung Lee. 2019. OBFUSCURO: A Commodity Obfuscation Engine on Intel SGX. In <i>Network and Distributed System Security Symposium (NDSS'19)<\/i>."},{"key":"e_1_3_2_1_6_1","volume-title":"SCONE: Secure Linux Containers with Intel SGX. In <i>12th USENIX Symposium on Operating Systems Design and Implementation (OSDI'16)<\/i>.","author":"Arnautov Sergei","year":"2016","unstructured":"Sergei Arnautov , Bohdan Trach , Franz Gregor , Thomas Knauth , Andre Martin , Christian Priebe , Joshua Lind , Divya Muthukumaran , Dan O'Keeffe , Mark L. Stillwell , David Goltzsche , David Eyers , Rüdiger Kapitza, Peter Pietzuch , and Christof Fetzer . 2016 . SCONE: Secure Linux Containers with Intel SGX. In <i>12th USENIX Symposium on Operating Systems Design and Implementation (OSDI'16)<\/i>. Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, Andre Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Dan O'Keeffe, Mark L. Stillwell, David Goltzsche, David Eyers, Rüdiger Kapitza, Peter Pietzuch, and Christof Fetzer. 2016. SCONE: Secure Linux Containers with Intel SGX. In <i>12th USENIX Symposium on Operating Systems Design and Implementation (OSDI'16)<\/i>."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1519065.1519085"},{"key":"e_1_3_2_1_8_1","unstructured":"Pierre-Louis Aublin Florian Kelbert Dan O'Keeffe Divya Muthukumaran Christian Priebe Joshua Lind Robert Krahn Christof Fetzer David Eyers and Peter Pietzuch. 2018. LibSEAL: Revealing Service Integrity Violations Using Trusted Execution. In <i>Proceedings of the Thirteenth EuroSys Conference (EUROSYS'18)<\/i>.  Pierre-Louis Aublin Florian Kelbert Dan O'Keeffe Divya Muthukumaran Christian Priebe Joshua Lind Robert Krahn Christof Fetzer David Eyers and Peter Pietzuch. 2018. LibSEAL: Revealing Service Integrity Violations Using Trusted Execution. In <i>Proceedings of the Thirteenth EuroSys Conference (EUROSYS'18)<\/i>."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"crossref","unstructured":"Michael Backes Thorsten Holz Benjamin Kollenda Philipp Koppe Stefan Nürnberger and Jannik Pewny. 2014. You Can Run but You Can't Read: Preventing Disclosure Exploits in Executable Code. In <i>Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS'14)<\/i>.  Michael Backes Thorsten Holz Benjamin Kollenda Philipp Koppe Stefan Nürnberger and Jannik Pewny. 2014. You Can Run but You Can't Read: Preventing Disclosure Exploits in Executable Code. In <i>Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (CCS'14)<\/i>.","DOI":"10.1145\/2660267.2660378"},{"key":"e_1_3_2_1_10_1","volume-title":"Shielding Applications from an Untrusted Cloud with Haven. In <i>Proceedings of the 11th USENIX Conference on Operating Systems Design and Implementation (OSDI '14)<\/i>","author":"Baumann Andrew","unstructured":"Andrew Baumann , Marcus Peinado , and Galen Hunt . 2014. Shielding Applications from an Untrusted Cloud with Haven. In <i>Proceedings of the 11th USENIX Conference on Operating Systems Design and Implementation (OSDI '14)<\/i> . Andrew Baumann, Marcus Peinado, and Galen Hunt. 2014. Shielding Applications from an Untrusted Cloud with Haven. In <i>Proceedings of the 11th USENIX Conference on Operating Systems Design and Implementation (OSDI '14)<\/i>."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"crossref","unstructured":"Marcus Brandenburger Christian Cachin Matthias Lorenz and Rüdiger Kapitza. 2017. Rollback and Forking Detection for Trusted Execution Environments Using Lightweight Collective Memory. In <i>47th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN'17)<\/i>.  Marcus Brandenburger Christian Cachin Matthias Lorenz and Rüdiger Kapitza. 2017. Rollback and Forking Detection for Trusted Execution Environments Using Lightweight Collective Memory. In <i>47th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN'17)<\/i>.","DOI":"10.1109\/DSN.2017.45"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"crossref","unstructured":"Ferdinand Brasser Srdjan Capkun Alexandra Dmitrienko Tommaso Frassetto Kari Kostiainen and Ahmad-Reza Sadeghi. 2019. DR. SGX: automated and adjustable side-channel protection for SGX using data location randomization. In <i>35th Annual Computer Security Applications Conference (AC-SEC'19)<\/i>.  Ferdinand Brasser Srdjan Capkun Alexandra Dmitrienko Tommaso Frassetto Kari Kostiainen and Ahmad-Reza Sadeghi. 2019. DR. SGX: automated and adjustable side-channel protection for SGX using data location randomization. In <i>35th Annual Computer Security Applications Conference (AC-SEC'19)<\/i>.","DOI":"10.1145\/3359789.3359809"},{"key":"e_1_3_2_1_13_1","volume-title":"Locasto","author":"Bratus Sergey","year":"2010","unstructured":"Sergey Bratus , James Oakley , Ashwin Ramaswamy , Sean W. Smith , and Michael E . Locasto . 2010 . Katana : Towards Patching As a Runtime Part of the Compiler-Linker-Loader Toolchain. <i>International Journal of Secure Software Engineering (IJSSE) <\/i> (2010). Sergey Bratus, James Oakley, Ashwin Ramaswamy, Sean W. Smith, and Michael E. Locasto. 2010. Katana: Towards Patching As a Runtime Part of the Compiler-Linker-Loader Toolchain. <i>International Journal of Secure Software Engineering (IJSSE)<\/i> (2010)."},{"key":"e_1_3_2_1_14_1","volume-title":"SecureKeeper: Confidential ZooKeeper using Intel SGX. In <i>Proceedings of the 15th International Middleware Conference (MIDDLEWARE)<\/i>","author":"Brenner Stefan","unstructured":"Stefan Brenner , Colin Wulf , Matthias Lorenz , Nico Weichbrodt , David Goltzsche , Christof Fetzer , Peter Pietzuch , and Rüdiger Kapitza. 2016. SecureKeeper: Confidential ZooKeeper using Intel SGX. In <i>Proceedings of the 15th International Middleware Conference (MIDDLEWARE)<\/i> . Stefan Brenner, Colin Wulf, Matthias Lorenz, Nico Weichbrodt, David Goltzsche, Christof Fetzer, Peter Pietzuch, and Rüdiger Kapitza. 2016. SecureKeeper: Confidential ZooKeeper using Intel SGX. In <i>Proceedings of the 15th International Middleware Conference (MIDDLEWARE)<\/i>."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"crossref","unstructured":"Sunjay Cauligi Gary Soeller Fraser Brown Brian Johannesmeyer Yunlu Huang Ranjit Jhala and Deian Stefan. 2017. FaCT: A flexible constant-time programming language. In <i>2017 IEEE Cybersecurity Development (SecDev)<\/i>. IEEE 69–76.  Sunjay Cauligi Gary Soeller Fraser Brown Brian Johannesmeyer Yunlu Huang Ranjit Jhala and Deian Stefan. 2017. FaCT: A flexible constant-time programming language. In <i>2017 IEEE Cybersecurity Development (SecDev)<\/i>. IEEE 69–76.","DOI":"10.1109\/SecDev.2017.24"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"crossref","unstructured":"Guoxing Chen Sanchuan Chen Yuan Xiao Yinqian Zhang Zhiqiang Lin and Ten H Lai. 2019. SgxPectre: Stealing Intel Secrets from SGX Enclaves Via Speculative Execution. In <i>2019 IEEE European Symposium on Security and Privacy (EuroS&P'19)<\/i>.  Guoxing Chen Sanchuan Chen Yuan Xiao Yinqian Zhang Zhiqiang Lin and Ten H Lai. 2019. SgxPectre: Stealing Intel Secrets from SGX Enclaves Via Speculative Execution. In <i>2019 IEEE European Symposium on Security and Privacy (EuroS&P'19)<\/i>.","DOI":"10.1109\/EuroSP.2019.00020"},{"key":"e_1_3_2_1_17_1","unstructured":"Alibaba Cloud. 2021. ECS Bare Metal Instance. https:\/\/www.alibabacloud.com\/product\/ebm. Accessed on 2021-04-05.  Alibaba Cloud. 2021. ECS Bare Metal Instance. https:\/\/www.alibabacloud.com\/product\/ebm. Accessed on 2021-04-05."},{"key":"e_1_3_2_1_18_1","unstructured":"Jonathan Corbet. 2014. The initial kGraft submission. https:\/\/lwn.net\/Articles\/596854\/. Accessed on 2019-10-31.  Jonathan Corbet. 2014. The initial kGraft submission. https:\/\/lwn.net\/Articles\/596854\/. Accessed on 2019-10-31."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1327452.1327492"},{"key":"e_1_3_2_1_20_1","unstructured":"Jon Fingas. 2014. Dropbox Bug Wipes Some Users' Files From the Cloud. https:\/\/www.engadget.com\/2014\/10\/13\/dropbox-selective-sync-bug\/. Accessed on 2019-11-02.  Jon Fingas. 2014. Dropbox Bug Wipes Some Users' Files From the Cloud. https:\/\/www.engadget.com\/2014\/10\/13\/dropbox-selective-sync-bug\/. Accessed on 2019-11-02."},{"key":"e_1_3_2_1_21_1","unstructured":"Fortanix. 2019. Fortanix Enclave Development Platform. https:\/\/edp.fortanix.com\/. Accessed on 2019-09-13.  Fortanix. 2019. Fortanix Enclave Development Platform. https:\/\/edp.fortanix.com\/. Accessed on 2019-09-13."},{"key":"e_1_3_2_1_22_1","volume-title":"Foster","author":"Hayden Christopher M.","year":"2012","unstructured":"Christopher M. Hayden , Edward K. Smith , Michail Denchev , Michael Hicks , and Jeffrey S . Foster . 2012 . Kitsune : Efficient, General-purpose Dynamic Software Updating for C. In <i>Proceedings of the ACM International Conference on Object Oriented Programming Systems Languages and Applications (OOPSLA '12)<\/i>. Christopher M. Hayden, Edward K. Smith, Michail Denchev, Michael Hicks, and Jeffrey S. Foster. 2012. Kitsune: Efficient, General-purpose Dynamic Software Updating for C. In <i>Proceedings of the ACM International Conference on Object Oriented Programming Systems Languages and Applications (OOPSLA'12)<\/i>."},{"key":"e_1_3_2_1_23_1","unstructured":"Sean Hollister. 2011. Gmail accidentally resetting accounts years of correspondence vanish into the cloud? https:\/\/www.engadget.com\/2011\/02\/27\/gmail-accidentally-resetting-accounts-years-of-correspondence-v\/. Accessed on 2019-11-02.  Sean Hollister. 2011. Gmail accidentally resetting accounts years of correspondence vanish into the cloud? https:\/\/www.engadget.com\/2011\/02\/27\/gmail-accidentally-resetting-accounts-years-of-correspondence-v\/. Accessed on 2019-11-02."},{"key":"e_1_3_2_1_24_1","unstructured":"Intel. 2017. Intel Software Guard Extensions (SGX) Protected Code Loader (PCL). https:\/\/github.com\/intel\/linux-sgx-pcl. Accessed on 2019-08-07.  Intel. 2017. Intel Software Guard Extensions (SGX) Protected Code Loader (PCL). https:\/\/github.com\/intel\/linux-sgx-pcl. Accessed on 2019-08-07."},{"key":"e_1_3_2_1_25_1","unstructured":"Intel. 2018a. Intel Developer Zone - L1 Terminal Fault Software Guidance. https:\/\/software.intel.com\/security-software-guidance\/software-guidance\/l1-terminal-fault. Accessed on 2019-10-31.  Intel. 2018a. Intel Developer Zone - L1 Terminal Fault Software Guidance. https:\/\/software.intel.com\/security-software-guidance\/software-guidance\/l1-terminal-fault. Accessed on 2019-10-31."},{"key":"e_1_3_2_1_26_1","unstructured":"Intel. 2018b. Intel Software Guard Extensions SDK for Linux. https:\/\/01.org\/intel-softwareguard-extensions. Accessed on 2019-08-07.  Intel. 2018b. Intel Software Guard Extensions SDK for Linux. https:\/\/01.org\/intel-softwareguard-extensions. Accessed on 2019-08-07."},{"key":"e_1_3_2_1_27_1","unstructured":"Intel. 2018c. Intel Software Guard Extensions (SGX) SW Development Guidance for Potential Bounds Check Bypass (CVE-2017-5753) Side Channel Exploits. https:\/\/software.intel.com\/sites\/default\/files\/180204_SGX_SDK_Developer_Guidance_v1.0.pdf. Accessed on 2019-10-30.  Intel. 2018c. Intel Software Guard Extensions (SGX) SW Development Guidance for Potential Bounds Check Bypass (CVE-2017-5753) Side Channel Exploits. https:\/\/software.intel.com\/sites\/default\/files\/180204_SGX_SDK_Developer_Guidance_v1.0.pdf. Accessed on 2019-10-30."},{"key":"e_1_3_2_1_28_1","unstructured":"Pratheek Karnati. 2018. Data-in-use protection on IBM Cloud using Intel SGX . https:\/\/www.ibm.com\/cloud\/blog\/data-use-protection-ibm-cloud-using-intel-sgx. Accessed on 2021-04-05.  Pratheek Karnati. 2018. Data-in-use protection on IBM Cloud using Intel SGX . https:\/\/www.ibm.com\/cloud\/blog\/data-use-protection-ibm-cloud-using-intel-sgx. Accessed on 2021-04-05."},{"key":"e_1_3_2_1_29_1","unstructured":"Thomas Knauth Michael Steiner Somnath Chakrabarti Li Lei Cedric Xing and Mona Vij. 2018. Integrating Remote Attestation with Transport Layer Security. (2018). http:\/\/arxiv.org\/abs\/1801.05863  Thomas Knauth Michael Steiner Somnath Chakrabarti Li Lei Cedric Xing and Mona Vij. 2018. Integrating Remote Attestation with Transport Layer Security. (2018). http:\/\/arxiv.org\/abs\/1801.05863"},{"key":"e_1_3_2_1_30_1","volume-title":"Spectre Attacks: Exploiting Speculative Execution. <i>arXiv:1801.01203<\/i&gt","author":"Kocher Paul","year":"2018","unstructured":"Paul Kocher , Daniel Genkin , Daniel Gruss , Werner Haas , Mike Hamburg , Moritz Lipp , Stefan Mangard , Thomas Prescher , Michael Schwarz , and Yuval Yarom . 2018 . Spectre Attacks: Exploiting Speculative Execution. <i>arXiv:1801.01203<\/i&gt ; (2018). Paul Kocher, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. 2018. Spectre Attacks: Exploiting Speculative Execution. <i>arXiv:1801.01203<\/i> (2018)."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"crossref","unstructured":"Sebastian Krieter Tobias Thiem and Thomas Leich. 2019. Using Dynamic Software Product Lines to Implement Adaptive SGX-enabled Systems. In <i>Proceedings of the 13th International Workshop on Variability Modelling of Software-Intensive Systems (VAMOS'19)<\/i>.  Sebastian Krieter Tobias Thiem and Thomas Leich. 2019. Using Dynamic Software Product Lines to Implement Adaptive SGX-enabled Systems. In <i>Proceedings of the 13th International Workshop on Variability Modelling of Software-Intensive Systems (VAMOS'19)<\/i>.","DOI":"10.1145\/3302333.3302340"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"crossref","unstructured":"Moritz Lipp Andreas Kogler David Oswald Michael Schwarz Catherine Easdon Claudio Canella and Daniel Gruss. 2020. With Great Power Comes Great Leakage: Software-based Power Side-Channel Attacks on x86. (2020).  Moritz Lipp Andreas Kogler David Oswald Michael Schwarz Catherine Easdon Claudio Canella and Daniel Gruss. 2020. With Great Power Comes Great Leakage: Software-based Power Side-Channel Attacks on x86. (2020).","DOI":"10.1109\/SP40001.2021.00063"},{"key":"e_1_3_2_1_33_1","volume-title":"Imperial College London","author":"Team LSDS","year":"2018","unstructured":"LSDS Team , Imperial College London . 2018 . github: sgx-lkl. https:\/\/github.com\/lsds\/sgx-lkl. Accessed on 2019-10-30. LSDS Team, Imperial College London. 2018. github: sgx-lkl. https:\/\/github.com\/lsds\/sgx-lkl. Accessed on 2019-10-30."},{"key":"e_1_3_2_1_34_1","unstructured":"Sébastien Martinez Fabien Dagnat and Jérémy Buisson. 2013. Prototyping DSU Techniques Using Python. In <i>5th Workshop on Hot Topics in Software Upgrades (HotSWUp'13)<\/i>.  Sébastien Martinez Fabien Dagnat and Jérémy Buisson. 2013. Prototyping DSU Techniques Using Python. In <i>5th Workshop on Hot Topics in Software Upgrades (HotSWUp'13)<\/i>."},{"key":"e_1_3_2_1_35_1","volume-title":"ROTE: Rollback Protection for Trusted Execution. In <i>26th USENIX Security Symposium (USENIX Security'17)<\/i>.","author":"Matetic Sinisa","year":"2017","unstructured":"Sinisa Matetic , Mansoor Ahmed , Kari Kostiainen , Aritra Dhar , David Sommer , Arthur Gervais , Ari Juels , and Srdjan Capkun . 2017 . ROTE: Rollback Protection for Trusted Execution. In <i>26th USENIX Security Symposium (USENIX Security'17)<\/i>. Sinisa Matetic, Mansoor Ahmed, Kari Kostiainen, Aritra Dhar, David Sommer, Arthur Gervais, Ari Juels, and Srdjan Capkun. 2017. ROTE: Rollback Protection for Trusted Execution. In <i>26th USENIX Security Symposium (USENIX Security'17)<\/i>."},{"key":"e_1_3_2_1_36_1","volume-title":"II.","author":"Matsakis Nicholas D.","year":"2014","unstructured":"Nicholas D. Matsakis and Felix S . Klock , II. 2014 . The Rust Language. In <i>Proceedings of the 2014 ACM SIGAda Annual Conference on High Integrity Language Technology (HILT '14)<\/i>. Nicholas D. Matsakis and Felix S. Klock, II. 2014. The Rust Language. In <i>Proceedings of the 2014 ACM SIGAda Annual Conference on High Integrity Language Technology (HILT'14)<\/i>."},{"key":"e_1_3_2_1_37_1","unstructured":"Microsoft. 2019. Hot patching SQL Server Engine in Azure SQL Database. https:\/\/azure.microsoft.com\/en-us\/blog\/hot-patching-sql-server-engine-in-azure-sql-database\/. Accessed on 2021-03-21.  Microsoft. 2019. Hot patching SQL Server Engine in Azure SQL Database. https:\/\/azure.microsoft.com\/en-us\/blog\/hot-patching-sql-server-engine-in-azure-sql-database\/. Accessed on 2021-03-21."},{"key":"e_1_3_2_1_38_1","unstructured":"Jack Moffitt. 2018. libstrophe - An XMPP library for C. http:\/\/strophe.im\/libstrophe\/. Accessed on 2019-10-31.  Jack Moffitt. 2018. libstrophe - An XMPP library for C. http:\/\/strophe.im\/libstrophe\/. Accessed on 2019-10-31."},{"key":"e_1_3_2_1_39_1","volume-title":"Daniel Gruss, and Frank Piessens.","author":"Murdock Kit","year":"2020","unstructured":"Kit Murdock , David Oswald , Flavio D Garcia , Jo Van Bulck , Daniel Gruss, and Frank Piessens. 2020 . Plundervolt : Software-based Fault Injection Attacks against Intel SGX. In <i>Proceedings of the 41st IEEE Symposium on Security and Privacy (S &P’20)<\/i>. Kit Murdock, David Oswald, Flavio D Garcia, Jo Van Bulck, Daniel Gruss, and Frank Piessens. 2020. Plundervolt: Software-based Fault Injection Attacks against Intel SGX. In <i>Proceedings of the 41st IEEE Symposium on Security and Privacy (S&P’20)<\/i>."},{"key":"e_1_3_2_1_40_1","unstructured":"Dan O'Keeffe Divya Muthukumaran Pierre-Louis Aublin Florian Kelbert Christian Priebe Josh Lind Huanzhou Zhu and Peter Pietzuch. 2018. github: spectre-attack-sgx. https:\/\/github.com\/lsds\/spectre-attack-sgx. Accessed on 2019-10-30.  Dan O'Keeffe Divya Muthukumaran Pierre-Louis Aublin Florian Kelbert Christian Priebe Josh Lind Huanzhou Zhu and Peter Pietzuch. 2018. github: spectre-attack-sgx. https:\/\/github.com\/lsds\/spectre-attack-sgx. Accessed on 2019-10-30."},{"key":"e_1_3_2_1_41_1","unstructured":"Oracle. 2021. Oracle RDBMS Online Patching Aka Hot Patching. https:\/\/support.oracle.com\/knowledge\/Oracle%20Database%20Products\/761111_1.html. Accessed on 2021-03-21.  Oracle. 2021. Oracle RDBMS Online Patching Aka Hot Patching. https:\/\/support.oracle.com\/knowledge\/Oracle%20Database%20Products\/761111_1.html. Accessed on 2021-03-21."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"crossref","unstructured":"Meni Orenbach Andrew Baumann and Mark Silberstein. 2020. Autarky: closing controlled channels with self-paging enclaves. In <i>Proceedings of the Fifteenth European Conference on Computer Systems (EuroSys '20)<\/i>.  Meni Orenbach Andrew Baumann and Mark Silberstein. 2020. Autarky: closing controlled channels with self-paging enclaves. In <i>Proceedings of the Fifteenth European Conference on Computer Systems (EuroSys '20)<\/i>.","DOI":"10.1145\/3342195.3387541"},{"key":"e_1_3_2_1_43_1","unstructured":"Meni Orenbach Yan Michalevsky Christof Fetzer and Mark Silberstein. 2019. CoSMIX: a compiler-based system for secure memory instrumentation and execution in enclaves. In <i>2019 USENIX Annual Technical Conference (USENIX ATC '19)<\/i>.  Meni Orenbach Yan Michalevsky Christof Fetzer and Mark Silberstein. 2019. CoSMIX: a compiler-based system for secure memory instrumentation and execution in enclaves. In <i>2019 USENIX Annual Technical Conference (USENIX ATC '19)<\/i>."},{"key":"e_1_3_2_1_44_1","volume-title":"Mobile Software Agents: An Overview. <i&gt","author":"Pham Vu Anh","year":"1998","unstructured":"Vu Anh Pham and Ahmed Karmouch . 1998. Mobile Software Agents: An Overview. <i&gt ; IEEE Communications Magazine <\/i> ( 1998 ). Vu Anh Pham and Ahmed Karmouch. 1998. Mobile Software Agents: An Overview. <i>IEEE Communications Magazine<\/i> (1998)."},{"key":"e_1_3_2_1_45_1","unstructured":"Josh Poimboeuf. 2014. kpatch: dynamic kernel patching. https:\/\/lwn.net\/Articles\/597123\/.  Josh Poimboeuf. 2014. kpatch: dynamic kernel patching. https:\/\/lwn.net\/Articles\/597123\/."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"crossref","unstructured":"Christian Priebe Kapil Vaswani and Manuel Costa. 2018. EnclaveDB – A Secure Database using SGX. In <i>To appear in the Proceedings of the IEEE Symposium on Security & Privacy (2018)<\/i>. https:\/\/www.microsoft.com\/en-us\/research\/publication\/enclavedb-a-secure-database-using-sgx\/  Christian Priebe Kapil Vaswani and Manuel Costa. 2018. EnclaveDB – A Secure Database using SGX. In <i>To appear in the Proceedings of the IEEE Symposium on Security & Privacy (2018)<\/i>. https:\/\/www.microsoft.com\/en-us\/research\/publication\/enclavedb-a-secure-database-using-sgx\/","DOI":"10.1109\/SP.2018.00025"},{"key":"e_1_3_2_1_47_1","volume-title":"Sara Bouchenak, Gaël Thomas, and Rüdiger Kapitza.","author":"Sartakov Vasily A","year":"2018","unstructured":"Vasily A Sartakov , Stefan Brenner , Sonia Ben Mokhtar , Sara Bouchenak, Gaël Thomas, and Rüdiger Kapitza. 2018 a. <i>E<\/i>Actors: Fast and flexible trusted computing using SGX. In <i>Proceedings of the 19th International Middleware Conference (Middleware '18)<\/i>. Vasily A Sartakov, Stefan Brenner, Sonia Ben Mokhtar, Sara Bouchenak, Gaël Thomas, and Rüdiger Kapitza. 2018a. <i>E<\/i>Actors: Fast and flexible trusted computing using SGX. In <i>Proceedings of the 19th International Middleware Conference (Middleware'18)<\/i>."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"crossref","unstructured":"Vasily A Sartakov Nico Weichbrodt Sebastian Krieter Thomas Leich and Rüdiger Kapitza. 2018b. STANlite–a database engine for secure data processing at rack-scale level. In <i>Proceedings of the Sixth International Conference on Cloud Engineering (IC2E'18)<\/i>.  Vasily A Sartakov Nico Weichbrodt Sebastian Krieter Thomas Leich and Rüdiger Kapitza. 2018b. STANlite–a database engine for secure data processing at rack-scale level. In <i>Proceedings of the Sixth International Conference on Cloud Engineering (IC2E'18)<\/i>.","DOI":"10.1109\/IC2E.2018.00024"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"crossref","unstructured":"Felix Schuster Manuel Costa Cédric Fournet Christos Gkantsidis Marcus Peinado Gloria Mainar-Ruiz and Mark Russinovich. 2015. VC3: Trustworthy Data Analytics in the Cloud using SGX. In <i>2015 IEEE Symposium on Security and Privacy (S&P'15)<\/i>.  Felix Schuster Manuel Costa Cédric Fournet Christos Gkantsidis Marcus Peinado Gloria Mainar-Ruiz and Mark Russinovich. 2015. VC3: Trustworthy Data Analytics in the Cloud using SGX. In <i>2015 IEEE Symposium on Security and Privacy (S&P'15)<\/i>.","DOI":"10.1109\/SP.2015.10"},{"key":"e_1_3_2_1_50_1","volume-title":"Julian Stecklina, Thomas Prescher, and Daniel Gruss.","author":"Schwarz Michael","year":"2019","unstructured":"Michael Schwarz , Moritz Lipp , Daniel Moghimi , Jo Van Bulck , Julian Stecklina, Thomas Prescher, and Daniel Gruss. 2019 . ZombieLoad: Cross-Privilege- Boundary Data Sampling . <i>arXiv:1905.05726<\/i> (2019). Michael Schwarz, Moritz Lipp, Daniel Moghimi, Jo Van Bulck, Julian Stecklina, Thomas Prescher, and Daniel Gruss. 2019. ZombieLoad: Cross-Privilege-Boundary Data Sampling. <i>arXiv:1905.05726<\/i> (2019)."},{"key":"e_1_3_2_1_51_1","volume-title":"Ming-Wei Shih, Insik Shin, Dongsu Han, and Taesoo Kim.","author":"Seo Jaebaek","year":"2017","unstructured":"Jaebaek Seo , Byoungyoung Lee , Seong Min Kim , Ming-Wei Shih, Insik Shin, Dongsu Han, and Taesoo Kim. 2017 . SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs. In <i>Network and Distributed System Security Symposium (NDSS '17)<\/i>. Jaebaek Seo, Byoungyoung Lee, Seong Min Kim, Ming-Wei Shih, Insik Shin, Dongsu Han, and Taesoo Kim. 2017. SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs. In <i>Network and Distributed System Security Symposium (NDSS'17)<\/i>."},{"key":"e_1_3_2_1_52_1","unstructured":"Simon Sharwood. 2017. GitLab.com Melts Down After Wrong Directory Deleted Backups Fail. https:\/\/www.theregister.co.uk\/2017\/02\/01\/gitlab_data_loss\/?mt=1486066707837. Accessed on 2019-11-02.  Simon Sharwood. 2017. GitLab.com Melts Down After Wrong Directory Deleted Backups Fail. https:\/\/www.theregister.co.uk\/2017\/02\/01\/gitlab_data_loss\/?mt=1486066707837. Accessed on 2019-11-02."},{"key":"e_1_3_2_1_53_1","unstructured":"Mingwei Shih. 2019. <i>Securing Intel SGX against Side-channel Attacks via Load-time Synthesis<\/i>. Ph.D. Dissertation. Georgia Institute of Technology.  Mingwei Shih. 2019. <i>Securing Intel SGX against Side-channel Attacks via Load-time Synthesis<\/i>. Ph.D. Dissertation. Georgia Institute of Technology."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"crossref","unstructured":"Ming-Wei Shih Sangho Lee Taesoo Kim and Marcus Peinado. 2017. T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs. In <i>Network and Distributed System Security Symposium (NDSS'17)<\/i>.  Ming-Wei Shih Sangho Lee Taesoo Kim and Marcus Peinado. 2017. T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs. In <i>Network and Distributed System Security Symposium (NDSS'17)<\/i>.","DOI":"10.14722\/ndss.2017.23193"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"crossref","unstructured":"Rodolfo Silva Pedro Barbosa and Andrey Brito. 2017. DynSGX: A Privacy Preserving Toolset for Dynamically Loading Functions into Intel (R) SGX Enclaves. In <i>2017 IEEE International Conference on Cloud Computing Technology and Science (CloudCom'17)<\/i>.  Rodolfo Silva Pedro Barbosa and Andrey Brito. 2017. DynSGX: A Privacy Preserving Toolset for Dynamically Loading Functions into Intel (R) SGX Enclaves. In <i>2017 IEEE International Conference on Cloud Computing Technology and Science (CloudCom'17)<\/i>.","DOI":"10.1109\/CloudCom.2017.42"},{"key":"e_1_3_2_1_56_1","volume-title":"What you get is what you C: Controlling side effects in mainstream C compilers. In <i>2018 IEEE European Symposium on Security and Privacy (EuroS&P)<\/i>","author":"Simon Laurent","unstructured":"Laurent Simon , David Chisnall , and Ross Anderson . 2018. What you get is what you C: Controlling side effects in mainstream C compilers. In <i>2018 IEEE European Symposium on Security and Privacy (EuroS&P)<\/i> . IEEE , 1–15. Laurent Simon, David Chisnall, and Ross Anderson. 2018. What you get is what you C: Controlling side effects in mainstream C compilers. In <i>2018 IEEE European Symposium on Security and Privacy (EuroS&P)<\/i>. IEEE, 1–15."},{"key":"e_1_3_2_1_57_1","volume-title":"Ariadne: A Minimal Approach to State Continuity. In <i>25th USENIX Security Symposium (USENIX Security'16)<\/i>.","author":"Strackx Raoul","year":"2016","unstructured":"Raoul Strackx and Frank Piessens . 2016 . Ariadne: A Minimal Approach to State Continuity. In <i>25th USENIX Security Symposium (USENIX Security'16)<\/i>. Raoul Strackx and Frank Piessens. 2016. Ariadne: A Minimal Approach to State Continuity. In <i>25th USENIX Security Symposium (USENIX Security'16)<\/i>."},{"key":"e_1_3_2_1_58_1","unstructured":"The Rust Embedded Resources Team. 2019. A nostd Rust Environment. https:\/\/rust-embedded.github.io\/book\/intro\/no-std.html. Accessed on 2019-09-13.  The Rust Embedded Resources Team. 2019. A nostd Rust Environment. https:\/\/rust-embedded.github.io\/book\/intro\/no-std.html. Accessed on 2019-09-13."},{"key":"e_1_3_2_1_59_1","unstructured":"The Apache Software Foundation. 2019a. ab - Apache HTTP server benchmarking tool. https:\/\/httpd.apache.org\/docs\/current\/programs\/ab.html. Accessed on 2019-10-31.  The Apache Software Foundation. 2019a. ab - Apache HTTP server benchmarking tool. https:\/\/httpd.apache.org\/docs\/current\/programs\/ab.html. Accessed on 2019-10-31."},{"key":"e_1_3_2_1_60_1","unstructured":"The Apache Software Foundation. 2019b. Apache HTTP Server Project. https:\/\/httpd.apache.org\/. Accessed on 2019-08-12.  The Apache Software Foundation. 2019b. Apache HTTP Server Project. https:\/\/httpd.apache.org\/. Accessed on 2019-08-12."},{"key":"e_1_3_2_1_61_1","unstructured":"Chia-Che Tsai Donald E Porter and Mona Vij. 2017. Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX. In <i>2017 USENIX Annual Technical Conference (USENIX ATC'17)<\/i>.  Chia-Che Tsai Donald E Porter and Mona Vij. 2017. Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX. In <i>2017 USENIX Annual Technical Conference (USENIX ATC'17)<\/i>."},{"key":"e_1_3_2_1_62_1","volume-title":"FORESHADOW: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution. In <i>Proceedings of the 27th USENIX Security Symposium. (USENIX Security'18)<\/i>.","author":"Bulck Jo Van","year":"2018","unstructured":"Jo Van Bulck , Marina Minkin , Ofir Weisse , Daniel Genkin , Baris Kasikci , Frank Piessens , Mark Silberstein , Thomas F Wenisch , Yuval Yarom , and Raoul Strackx . 2018 . FORESHADOW: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution. In <i>Proceedings of the 27th USENIX Security Symposium. (USENIX Security'18)<\/i>. Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F Wenisch, Yuval Yarom, and Raoul Strackx. 2018. FORESHADOW: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution. In <i>Proceedings of the 27th USENIX Security Symposium. (USENIX Security'18)<\/i>."},{"key":"e_1_3_2_1_63_1","volume-title":"LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection. In <i>41th IEEE Symposium on Security and Privacy (S&P'20)<\/i>.","author":"Bulck Jo Van","year":"2020","unstructured":"Jo Van Bulck , Daniel Moghimi , Michael Schwarz , Moritz Lipp , Marina Minkin , Daniel Genkin , Yarom Yuval , Berk Sunar , Daniel Gruss , and Frank Piessens . 2020 . LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection. In <i>41th IEEE Symposium on Security and Privacy (S&P'20)<\/i>. Jo Van Bulck, Daniel Moghimi, Michael Schwarz, Moritz Lipp, Marina Minkin, Daniel Genkin, Yarom Yuval, Berk Sunar, Daniel Gruss, and Frank Piessens. 2020. LVI: Hijacking Transient Execution through Microarchitectural Load Value Injection. In <i>41th IEEE Symposium on Security and Privacy (S&P'20)<\/i>."},{"key":"e_1_3_2_1_64_1","unstructured":"Jo Van Bulck Nico Weichbrodt Rüdiger Kapitza Frank Piessens and Raoul Strackx. 2017. Telling Your Secrets Without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution. In <i>26th USENIX Security Symposium (USENIX Security'17)<\/i>.  Jo Van Bulck Nico Weichbrodt Rüdiger Kapitza Frank Piessens and Raoul Strackx. 2017. Telling Your Secrets Without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution. In <i>26th USENIX Security Symposium (USENIX Security'17)<\/i>."},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"crossref","unstructured":"Stephan van Schaik Marina Minkin Andrew Kwong Daniel Genkin and Yuval Yarom. 2020. CacheOut: Leaking Data on Intel CPUs via Cache Evictions. https:\/\/cacheoutattack.com\/.  Stephan van Schaik Marina Minkin Andrew Kwong Daniel Genkin and Yuval Yarom. 2020. CacheOut: Leaking Data on Intel CPUs via Cache Evictions. https:\/\/cacheoutattack.com\/.","DOI":"10.1109\/SP40001.2021.00064"},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"crossref","unstructured":"Huibo Wang Pei Wang Yu Ding Mingshen Sun Yiming Jing Ran Duan Long Li Yulong Zhang Tao Wei and Zhiqiang Lin. 2019. Towards Memory Safe Enclave Programming with Rust-SGX. In <i>ACM SIGSAC Conference on Computer and Communications Security (CCS'19)<\/i>.  Huibo Wang Pei Wang Yu Ding Mingshen Sun Yiming Jing Ran Duan Long Li Yulong Zhang Tao Wei and Zhiqiang Lin. 2019. Towards Memory Safe Enclave Programming with Rust-SGX. In <i>ACM SIGSAC Conference on Computer and Communications Security (CCS'19)<\/i>.","DOI":"10.1145\/3319535.3354241"},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"crossref","unstructured":"Nico Weichbrodt Anil Kurmus Peter Pietzuch and Rüdiger Kapitza. 2016. AsyncShock: Exploiting Synchronisation Bugs in Intel SGX Enclaves. In <i>European Symposium on Research in Computer Security (ESORICS'16)<\/i>.  Nico Weichbrodt Anil Kurmus Peter Pietzuch and Rüdiger Kapitza. 2016. AsyncShock: Exploiting Synchronisation Bugs in Intel SGX Enclaves. In <i>European Symposium on Research in Computer Security (ESORICS'16)<\/i>.","DOI":"10.1007\/978-3-319-45744-4_22"},{"key":"e_1_3_2_1_68_1","volume-title":"Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems. In <i&gt","author":"Xu Yuanzhong","unstructured":"Yuanzhong Xu , Weidong Cui , and Marcus Peinado . 2015. Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems. In <i&gt ;IEEE Symposium on Security and Privacy (IEEE S &P'15)<\/i>. Yuanzhong Xu, Weidong Cui, and Marcus Peinado. 2015. Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems. In <i>IEEE Symposium on Security and Privacy (IEEE S&P'15)<\/i>."}],"event":{"name":"Middleware '21: 22nd International Middleware Conference","location":"Qu\u00e9bec city Canada","acronym":"Middleware '21","sponsor":["ACM Association for Computing Machinery","USENIX Assoc USENIX Assoc","IFIP"]},"container-title":["Proceedings of the 22nd International Middleware Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3464298.3476134","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3464298.3476134","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:12:15Z","timestamp":1750191135000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3464298.3476134"}},"subtitle":["dynamic loading and hot-patching for secure applications"],"short-title":[],"issued":{"date-parts":[[2021,10,2]]},"references-count":68,"alternative-id":["10.1145\/3464298.3476134","10.1145\/3464298"],"URL":"https:\/\/doi.org\/10.1145\/3464298.3476134","relation":{},"subject":[],"published":{"date-parts":[[2021,10,2]]},"assertion":[{"value":"2021-10-02","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}