{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T07:24:28Z","timestamp":1772004268181,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":109,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,10,16]],"date-time":"2023-10-16T00:00:00Z","timestamp":1697414400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,10,16]]},"DOI":"10.1145\/3607199.3607235","type":"proceedings-article","created":{"date-parts":[[2023,10,3]],"date-time":"2023-10-03T22:30:51Z","timestamp":1696372251000},"page":"564-579","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["Information Flow Tracking for Heterogeneous Compartmentalized Software"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7030-4796","authenticated-orcid":false,"given":"Zahra","family":"Tarkhani","sequence":"first","affiliation":[{"name":"Microsoft, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8954-2428","authenticated-orcid":false,"given":"Anil","family":"Madhavapeddy","sequence":"additional","affiliation":[{"name":"University of Cambridge, United Kingdom"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2023,10,16]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2019. SGX-OpenSSL. https:\/\/github.com\/sparkly9399\/SGX-OpenSSL."},{"key":"e_1_3_2_1_2_1","unstructured":"2020. Intel Trust Domain Extensions (Intel TDX). https:\/\/software.intel.com\/content\/www\/us\/en\/develop\/articles\/intel-trust-domain-extensions.html."},{"key":"e_1_3_2_1_3_1","unstructured":"2020. OP-TEE. https:\/\/github.com\/OP-TEE. Access Date : 2020-03-28."},{"key":"e_1_3_2_1_4_1","volume-title":"Security engineering","author":"Anderson Ross","unstructured":"Ross Anderson. 2008. Security engineering. John Wiley & Sons."},{"key":"e_1_3_2_1_5_1","volume-title":"Security technology building a secure system using TrustZone technology (white paper). ARM Limited","author":"ARM.","year":"2009","unstructured":"ARM. 2009. Security technology building a secure system using TrustZone technology (white paper). ARM Limited (2009)."},{"key":"e_1_3_2_1_6_1","volume-title":"Architecture Reference Manual","author":"ARM.","year":"2020","unstructured":"ARM. 2012. Architecture Reference Manual; ARMv7-A and ARMv7-R edition. https:\/\/static.docs.arm.com\/ddi0406\/c\/DDI0406C_C_arm_architecture_reference_manual.pdf. Access Date : 2020-5-26."},{"key":"e_1_3_2_1_7_1","volume-title":"SCONE: Secure Linux Containers with Intel SGX.. In OSDI, Vol.\u00a016. 689\u2013703.","author":"Arnautov Sergei","year":"2016","unstructured":"Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, Andre Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Dan O\u2019keeffe, Mark Stillwell, 2016. SCONE: Secure Linux Containers with Intel SGX.. In OSDI, Vol.\u00a016. 689\u2013703."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/3102980.3103002"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2799647"},{"key":"e_1_3_2_1_11_1","unstructured":"David Berard. 2018. Kinibi TEE: Trusted Application Exploitation."},{"key":"e_1_3_2_1_12_1","volume-title":"The Guard\u2019s Dilemma: Efficient Code-Reuse Attacks Against Intel SGX. In 27th USENIX Security Symposium (USENIX Security 18)","author":"Biondo Andrea","year":"2018","unstructured":"Andrea Biondo, Mauro Conti, Lucas Davi, Tommaso Frassetto, and Ahmad-Reza Sadeghi. 2018. The Guard\u2019s Dilemma: Efficient Code-Reuse Attacks Against Intel SGX. In 27th USENIX Security Symposium (USENIX Security 18). 1213\u20131227."},{"key":"e_1_3_2_1_13_1","volume-title":"Wedge: Splitting applications into reduced-privilege compartments","author":"Bittau Andrea","year":"2008","unstructured":"Andrea Bittau, Petr Marchenko, Mark Handley, and Brad Karp. 2008. Wedge: Splitting applications into reduced-privilege compartments. In USENIX Association."},{"key":"e_1_3_2_1_14_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Bosamiya Jay","year":"2022","unstructured":"Jay Bosamiya, Wen\u00a0Shih Lim, and Bryan Parno. 2022. Provably-Safe Multilingual Software Sandboxing using WebAssembly. In 31st USENIX Security Symposium (USENIX Security 22). 1975\u20131992."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2784731.2784758"},{"key":"e_1_3_2_1_16_1","volume-title":"Controlled Data Races in Enclaves: Attacks and Detection. In 32nd USENIX Security Symposium (USENIX Security 22)","author":"Chen Sanchuan","year":"2023","unstructured":"Sanchuan Chen, Zhiqiang Lin, and Yinqian Zhang. 2023. Controlled Data Races in Enclaves: Attacks and Detection. In 32nd USENIX Security Symposium (USENIX Security 22)."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1353535.1346284"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.12"},{"key":"e_1_3_2_1_19_1","unstructured":"Winnie Cheng Dan\u00a0RK Ports David Schultz Victoria Popic Aaron Blankstein James Cowling Dorothy Curtis Liuba Shrira and Barbara Liskov. 2012. Abstractions for usable information flow control in Aeolus. In Presented as part of the 2012 USENIX Annual Technical Conference (USENIX ATC 12). 139\u2013151."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1273463.1273490"},{"key":"e_1_3_2_1_21_1","volume-title":"Proceedings of the 29th USENIX Conference on Security Symposium. 841\u2013858","author":"Cloosters Tobias","year":"2020","unstructured":"Tobias Cloosters, Michael Rodler, and Lucas Davi. 2020. TeeRex: discovery and exploitation of memory corruption vulnerabilities in SGX enclaves. In Proceedings of the 29th USENIX Conference on Security Symposium. 841\u2013858."},{"key":"e_1_3_2_1_22_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Cloosters Tobias","year":"2022","unstructured":"Tobias Cloosters, Johannes Willbold, Thorsten Holz, and Lucas Davi. 2022. { SGXFuzz} : Efficiently Synthesizing Nested Structures for { SGX} Enclave Fuzzing. In 31st USENIX Security Symposium (USENIX Security 22). 3147\u20133164."},{"key":"e_1_3_2_1_23_1","unstructured":"Intel Corporation. 2019. Intel Software Guard Extensions for Linux OS. https:\/\/github.com\/intel\/linux-sgx. Access Date :2019-03-01."},{"key":"e_1_3_2_1_24_1","unstructured":"Microsoft Corporation. 2019. Open Enclave SDK. https:\/\/github.com\/openenclave\/openenclave. Access Date :2019-08-12."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663755"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2619091"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243743"},{"key":"e_1_3_2_1_28_1","unstructured":"Charles Garc\u00eda-Tobin. 2021. Unlocking the power of data with ARM CCA. https:\/\/community.arm.com\/arm-community-blogs\/b\/architectures-and-processors-blog\/posts\/unlocking-the-power-of-data-with-arm-cca?_ga=2.220985304.13311694.1639690475-1159947857.1639439044."},{"key":"e_1_3_2_1_29_1","volume-title":"10th USENIX Symposium on Operating Systems Design and Implementation (OSDI 12)","author":"Giffin B","year":"2012","unstructured":"Daniel\u00a0B Giffin, Amit Levy, Deian Stefan, David Terei, David Mazieres, John\u00a0C Mitchell, and Alejandro Russo. 2012. Hails: Protecting data privacy in untrusted web applications. In 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI 12). 47\u201360."},{"key":"e_1_3_2_1_30_1","unstructured":"GlobalPlatform. 2018. GlobalPlatform Security Task ForceRoot of Trust Definitions and Requirements. Available at: https:\/\/globalplatform.org\/wp-content\/uploads\/2018\/06\/GP_RoT_Definitions_and_Requirements_v1.0.1_PublicRelease_CC.pdf."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/2983990.2984002"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2019.00028"},{"key":"e_1_3_2_1_33_1","volume-title":"Asylo: An open and flexible framework for enclave applications","year":"2018","unstructured":"Google. 2018. Asylo: An open and flexible framework for enclave applications. http:\/\/web.archive.org\/web\/20080207010024http:\/\/www.808multimedia.com\/winnt\/kernel.htm."},{"key":"e_1_3_2_1_34_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Gu Jinyu","year":"2022","unstructured":"Jinyu Gu, Bojun Zhu, Mingyu Li, Wentai Li, Yubin Xia, and Haibo Chen. 2022. A { Hardware-Software} Co-design for Efficient { Intra-Enclave} Isolation. In 31st USENIX Security Symposium (USENIX Security 22). 3129\u20133145."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/3081333.3081349"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813611"},{"key":"e_1_3_2_1_37_1","volume-title":"Chiron: Privacy-preserving Machine Learning as a Service. arXiv preprint arXiv:1803.05961","author":"Hunt Tyler","year":"2018","unstructured":"Tyler Hunt, Congzheng Song, Reza Shokri, Vitaly Shmatikov, and Emmett Witchel. 2018. Chiron: Privacy-preserving Machine Learning as a Service. arXiv preprint arXiv:1803.05961 (2018)."},{"key":"e_1_3_2_1_38_1","unstructured":"Intel. 2016. Overview of Intel Software Guard Extensions Instructions and Data Structures. https:\/\/software.intel.com\/en-us\/blogs\/2016\/06\/10\/overview-of-intel-software-guard-extensions-instructions-and-data-structures."},{"key":"e_1_3_2_1_39_1","unstructured":"Intel. 2019. Intel\u00ae 64 and IA-32 Architectures Software Developer\u2019s Manual. https:\/\/software.intel.com\/sites\/default\/files\/managed\/39\/c5\/325462-sdm-vol-1-2abcd-3abcd.pdf"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"crossref","unstructured":"Jin\u00a0Soo Jang Sunjune Kong Minsu Kim Daegyeong Kim and Brent\u00a0Byunghoon Kang. 2015. SeCReT: Secure Channel between Rich Execution Environment and Trusted Execution Environment.. In NDSS.","DOI":"10.14722\/ndss.2015.23189"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3593856.3595892"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40203-6_43"},{"key":"e_1_3_2_1_43_1","volume-title":"USENIX Security Symposium. 223\u2013238","author":"Kaloper-Mersinjak David","year":"2015","unstructured":"David Kaloper-Mersinjak, Hannes Mehnert, Anil Madhavapeddy, and Peter Sewell. 2015. Not-Quite-So-Broken TLS: Lessons in Re-Engineering a Security Protocol Specification and Implementation.. In USENIX Security Symposium. 223\u2013238."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3384217.3386399"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/3373376.3378486"},{"key":"e_1_3_2_1_46_1","volume-title":"USENIX Annual Technical Conference, FREENIX Track. 273\u2013284","author":"Kilpatrick Douglas","year":"2003","unstructured":"Douglas Kilpatrick. 2003. Privman: A Library for Partitioning Applications.. In USENIX Annual Technical Conference, FREENIX Track. 273\u2013284."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNET.2018.2868054"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/3492321.3519582"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1145\/1772690.1772747"},{"key":"e_1_3_2_1_50_1","unstructured":"Alex Krizhevsky. 2009. The CIFAR-100 dataset. https:\/\/www.cs.toronto.edu\/\u00a0kriz\/cifar.html. Access Date : 2020-5-26."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"crossref","unstructured":"Maxwell Krohn Alexander Yip Micah Brodsky Natan Cliffer M\u00a0Frans Kaashoek Eddie Kohler and Robert Morris. 2007. Information flow control for standard OS abstractions. In ACM SIGOPS Operating Systems Review Vol.\u00a041. ACM 321\u2013334.","DOI":"10.1145\/1323293.1294293"},{"key":"e_1_3_2_1_52_1","volume-title":"USENIX Annual Technical Conference, General Track. 185\u2013198","author":"Krohn N","year":"2004","unstructured":"Maxwell\u00a0N Krohn. 2004. Building Secure High-Performance Web Services with OKWS.. In USENIX Annual Technical Conference, General Track. 185\u2013198."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/3342195.3387532"},{"key":"e_1_3_2_1_54_1","volume-title":"26th USENIX Security Symposium (USENIX Security 17)","author":"Lee Jaehyuk","year":"2017","unstructured":"Jaehyuk Lee, Jinsoo Jang, Yeongjin Jang, Nohyun Kwak, Yeseul Choi, Changho Choi, Taesoo Kim, Marcus Peinado, and Brent\u00a0Byunghoon Kang. 2017. Hacking in darkness: Return-oriented programming against secure enclaves. In 26th USENIX Security Symposium (USENIX Security 17). 523\u2013539."},{"key":"e_1_3_2_1_55_1","volume-title":"Assessing the Impact of Interface Vulnerabilities in Compartmentalized Software. arXiv preprint arXiv:2212.12904","author":"Lefeuvre Hugo","year":"2022","unstructured":"Hugo Lefeuvre, Vlad-Andrei B\u0103doiu, Yi Chien, Felipe Huici, Nathan Dautenhahn, and Pierre Olivier. 2022. Assessing the Impact of Interface Vulnerabilities in Compartmentalized Software. arXiv preprint arXiv:2212.12904 (2022)."},{"key":"e_1_3_2_1_56_1","volume-title":"Glamdring: Automatic application partitioning for Intel SGX. In USENIX.","author":"Lind Joshua","year":"2017","unstructured":"Joshua Lind, Christian Priebe, Divya Muthukumaran, Dan O\u2019Keeffe, P Aublin, Florian Kelbert, Tobias Reiher, David Goltzsche, David Eyers, R\u00fcdiger Kapitza, 2017. Glamdring: Automatic application partitioning for Intel SGX. In USENIX."},{"key":"e_1_3_2_1_57_1","volume-title":"Light-Weight Contexts: An OS Abstraction for Safety and Performance. In 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16)","author":"Litton James","year":"2016","unstructured":"James Litton, Anjo Vahldiek-Oberwagner, Eslam Elnikety, Deepak Garg, Bobby Bhattacharjee, and Peter Druschel. 2016. Light-Weight Contexts: An OS Abstraction for Safety and Performance. In 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16). 49\u201364."},{"key":"e_1_3_2_1_58_1","volume-title":"BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments.. In NDSS.","author":"Machiry Aravind","year":"2017","unstructured":"Aravind Machiry, Eric Gustafson, Chad Spensky, Christopher Salls, Nick Stephens, Ruoyu Wang, Antonio Bianchi, Yung\u00a0Ryn Choe, Christopher Kruegel, and Giovanni Vigna. 2017. BOOMERANG: Exploiting the Semantic Gap in Trusted Execution Environments.. In NDSS."},{"key":"e_1_3_2_1_59_1","series-title":"Jan 2018","volume-title":"The Wolf In SGX Clothing. Bluehat IL","author":"Marschalek Marion","year":"2018","unstructured":"Marion Marschalek. 2018. The Wolf In SGX Clothing. Bluehat IL (Jan 2018) (2018)."},{"key":"e_1_3_2_1_60_1","unstructured":"Yerzhan Mazhkenov. 2019. SGX-SQLite. https:\/\/github.com\/yerzhan7\/SGX_SQLite.git."},{"key":"e_1_3_2_1_61_1","first-page":"279","article-title":"lmbench: Portable tools for performance analysis.. In USENIX annual technical conference","author":"McVoy W","year":"1996","unstructured":"Larry\u00a0W McVoy, Carl Staelin, 1996. lmbench: Portable tools for performance analysis.. In USENIX annual technical conference. San Diego, CA, USA, 279\u2013294.","journal-title":"San Diego, CA, USA"},{"key":"e_1_3_2_1_62_1","volume-title":"EnclaveDom: Privilege separation for large-TCB applications in trusted execution environments. arXiv preprint arXiv:1907.13245","author":"Melara S","year":"2019","unstructured":"Marcela\u00a0S Melara, Michael\u00a0J Freedman, and Mic Bowman. 2019. EnclaveDom: Privilege separation for large-TCB applications in trusted execution environments. arXiv preprint arXiv:1907.13245 (2019)."},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1145\/3386901.3388946"},{"key":"e_1_3_2_1_64_1","volume-title":"SoK: Machine Learning with Confidential Computing. arXiv preprint arXiv:2208.10134","author":"Mo Fan","year":"2022","unstructured":"Fan Mo, Zahra Tarkhani, and Hamed Haddadi. 2022. SoK: Machine Learning with Confidential Computing. arXiv preprint arXiv:2208.10134 (2022)."},{"key":"e_1_3_2_1_65_1","volume-title":"USENIX Security Symposium. ACM Berkeley, CA, 17\u201331","author":"Morris James","year":"2002","unstructured":"James Morris, Stephen Smalley, and Greg Kroah-Hartman. 2002. Linux security modules: General security support for the linux kernel. In USENIX Security Symposium. ACM Berkeley, CA, 17\u201331."},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"crossref","unstructured":"Andrew\u00a0C Myers and Barbara Liskov. 1997. A decentralized model for information flow control. In SOSP Vol.\u00a097. Citeseer 129\u2013142.","DOI":"10.1145\/269005.266669"},{"key":"e_1_3_2_1_67_1","volume-title":"Jif: Java information flow. Software release. Located at http:\/\/www. cs. cornell. edu\/jif 2005","author":"Myers C","year":"2001","unstructured":"Andrew\u00a0C Myers, Lantian Zheng, Steve Zdancewic, Stephen Chong, and Nathaniel Nystrom. 2001. Jif: Java information flow. Software release. Located at http:\/\/www. cs. cornell. edu\/jif 2005 (2001)."},{"key":"e_1_3_2_1_68_1","volume-title":"25th USENIX Security Symposium (USENIX Security 16)","author":"Nadkarni Adwait","year":"2016","unstructured":"Adwait Nadkarni, Benjamin Andow, William Enck, and Somesh Jha. 2016. Practical { DIFC} Enforcement on Android. In 25th USENIX Security Symposium (USENIX Security 16). 1119\u20131136."},{"key":"e_1_3_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.5555\/3489212.3489252"},{"key":"e_1_3_2_1_70_1","volume-title":"USENIX Security symposium. 33\u201349","author":"Ning Zhenyu","year":"2017","unstructured":"Zhenyu Ning and Fengwei Zhang. 2017. Ninja: Towards Transparent Tracing and Debugging on ARM.. In USENIX Security symposium. 33\u201349."},{"key":"e_1_3_2_1_71_1","unstructured":"NXP. 2022. ASUG-i.MX Android Security User\u2019s Guide. https:\/\/www.nxp.com\/docs\/en\/user-guide\/IMX_ANDROID_SECURITY_USERS_GUIDE.pdf."},{"key":"e_1_3_2_1_72_1","volume-title":"Language Support for Secure Software Development with Enclaves. In IEEE Computer Security Foundations Symposium (CSF","author":"Oak Aditya","year":"2021","unstructured":"Aditya Oak, Amir\u00a0M Ahmadian, Musard Balliu, and Guido Salvaneschi. 2021. Language Support for Secure Software Development with Enclaves. In IEEE Computer Security Foundations Symposium (CSF 2021)."},{"key":"e_1_3_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCA45697.2020.00069"},{"key":"e_1_3_2_1_74_1","volume-title":"libmpk: Software Abstraction for Intel Memory Protection Keys. arXiv preprint arXiv:1811.07276","author":"Park Soyeon","year":"2018","unstructured":"Soyeon Park, Sangho Lee, Wen Xu, Hyungon Moon, and Taesoo Kim. 2018. libmpk: Software Abstraction for Intel Memory Protection Keys. arXiv preprint arXiv:1811.07276 (2018)."},{"key":"e_1_3_2_1_75_1","doi-asserted-by":"crossref","unstructured":"Donald\u00a0E Porter Silas Boyd-Wickizer Jon Howell Reuben Olinsky and Galen\u00a0C Hunt. 2011. Rethinking the library OS from the top down. In ACM SIGPLAN Notices Vol.\u00a046. ACM 291\u2013304.","DOI":"10.1145\/1961296.1950399"},{"key":"e_1_3_2_1_76_1","unstructured":"Christian Priebe Divya Muthukumaran Joshua Lind Huanzhou Zhu Shujie Cui Vasily\u00a0A. Sartakov and Peter Pietzuch. 2020. SGX-LKL: Securing the Host OS Interface for Trusted Execution. arxiv:1908.11143\u00a0[cs.OS]"},{"key":"e_1_3_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542484"},{"key":"e_1_3_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1145\/3453930"},{"key":"e_1_3_2_1_79_1","volume-title":"Landlock LSM: toward unprivileged sandboxing. Linux Security Summit","author":"Sala\u00fcn Micka\u00ebl","year":"2017","unstructured":"Micka\u00ebl Sala\u00fcn. 2017. Landlock LSM: toward unprivileged sandboxing. Linux Security Summit (2017)."},{"key":"e_1_3_2_1_80_1","volume-title":"Ml-leaks: Model and data independent membership inference attacks and defenses on machine learning models. arXiv preprint arXiv:1806.01246","author":"Salem Ahmed","year":"2018","unstructured":"Ahmed Salem, Yang Zhang, Mathias Humbert, Pascal Berrang, Mario Fritz, and Michael Backes. 2018. Ml-leaks: Model and data independent membership inference attacks and defenses on machine learning models. arXiv preprint arXiv:1806.01246 (2018)."},{"key":"e_1_3_2_1_81_1","doi-asserted-by":"publisher","DOI":"10.1145\/3373376.3378462"},{"key":"e_1_3_2_1_82_1","doi-asserted-by":"publisher","DOI":"10.1145\/2654822.2541949"},{"key":"e_1_3_2_1_83_1","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Schrammel David","year":"2020","unstructured":"David Schrammel, Samuel Weiser, Stefan Steinegger, Martin Schwarzl, Michael Schwarz, Stefan Mangard, and Daniel Gruss. 2020. Donky: Domain keys\u2013efficient in-process isolation for RISC-V and x86. In 29th USENIX Security Symposium (USENIX Security 20). 1677\u20131694."},{"key":"e_1_3_2_1_84_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-22038-9_9"},{"key":"e_1_3_2_1_85_1","doi-asserted-by":"publisher","DOI":"10.1186\/s42400-019-0042-y"},{"key":"e_1_3_2_1_86_1","volume-title":"White Paper","author":"AMD","year":"2020","unstructured":"AMD SEV-SNP. 2020. Strengthening VM isolation with integrity protection and more. White Paper, January (2020)."},{"key":"e_1_3_2_1_87_1","doi-asserted-by":"publisher","DOI":"10.1145\/3373376.3378469"},{"key":"e_1_3_2_1_88_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.41"},{"key":"e_1_3_2_1_89_1","doi-asserted-by":"publisher","DOI":"10.1145\/2908080.2908113"},{"key":"e_1_3_2_1_90_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-29615-4_16"},{"key":"e_1_3_2_1_91_1","volume-title":"Horizontal Privilege Escalation in Trusted Applications. In 29th USENIX Security Symposium (USENIX Security 20)","author":"Suciu Darius","year":"2020","unstructured":"Darius Suciu, Stephen McLaughlin, Laurent Simon, and Radu Sion. 2020. Horizontal Privilege Escalation in Trusted Applications. In 29th USENIX Security Symposium (USENIX Security 20)."},{"key":"e_1_3_2_1_92_1","volume-title":"Secure Programming with Dispersed Compartments. Ph.\u00a0D. Dissertation","author":"Tarkhani Zahra","unstructured":"Zahra Tarkhani. 2022. Secure Programming with Dispersed Compartments. Ph.\u00a0D. Dissertation. University of Cambridge."},{"key":"e_1_3_2_1_93_1","volume-title":"Enclave-aware compartmentalization and secure sharing with sirius. arXiv preprint arXiv:2009.01869","author":"Tarkhani Zahra","year":"2020","unstructured":"Zahra Tarkhani and Anil Madhavapeddy. 2020. Enclave-aware compartmentalization and secure sharing with sirius. arXiv preprint arXiv:2009.01869 (2020)."},{"key":"e_1_3_2_1_94_1","volume-title":"uTiles: Efficient Intra-Process Privilege Enforcement of Memory Regions. arXiv preprint arXiv:2004.04846","author":"Tarkhani Zahra","year":"2020","unstructured":"Zahra Tarkhani and Anil Madhavapeddy. 2020. uTiles: Efficient Intra-Process Privilege Enforcement of Memory Regions. arXiv preprint arXiv:2004.04846 (2020)."},{"key":"e_1_3_2_1_95_1","doi-asserted-by":"publisher","DOI":"10.1145\/3301418.3313945"},{"key":"e_1_3_2_1_96_1","volume-title":"Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX. In 2017 USENIX Annual Technical Conference (USENIX ATC 17)","author":"Tsai Chia-Che","year":"2017","unstructured":"Chia-Che Tsai, Donald\u00a0E Porter, and Mona Vij. 2017. Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX. In 2017 USENIX Annual Technical Conference (USENIX ATC 17). 645\u2013658."},{"key":"e_1_3_2_1_97_1","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Tsai Chia-Che","year":"2020","unstructured":"Chia-Che Tsai, Jeongseok Son, Bhushan Jain, John McAvey, Raluca\u00a0Ada Popa, and Donald\u00a0E Porter. 2020. Civet: An efficient java partitioning framework for hardware enclaves. In 29th USENIX Security Symposium (USENIX Security 20). 505\u2013522."},{"key":"e_1_3_2_1_98_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Vahldiek-Oberwagner Anjo","year":"2019","unstructured":"Anjo Vahldiek-Oberwagner, Eslam Elnikety, Nuno\u00a0O Duarte, Michael Sammler, Peter Druschel, and Deepak Garg. 2019. ERIM: Secure, Efficient In-process Isolation with Protection Keys (MPK). In 28th USENIX Security Symposium (USENIX Security 19). 1221\u20131238."},{"key":"e_1_3_2_1_99_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363206"},{"key":"e_1_3_2_1_100_1","volume-title":"Confidential Deep Learning: Executing Proprietary Models on Untrusted Devices. arXiv preprint arXiv:1908.10730","author":"VanNostrand M","year":"2019","unstructured":"Peter\u00a0M VanNostrand, Ioannis Kyriazis, Michelle Cheng, Tian Guo, and Robert\u00a0J Walls. 2019. Confidential Deep Learning: Executing Proprietary Models on Untrusted Devices. arXiv preprint arXiv:1908.10730 (2019)."},{"key":"e_1_3_2_1_101_1","doi-asserted-by":"publisher","DOI":"10.1145\/3290389"},{"key":"e_1_3_2_1_102_1","doi-asserted-by":"publisher","DOI":"10.1145\/3492321.3519553"},{"key":"e_1_3_2_1_103_1","doi-asserted-by":"publisher","DOI":"10.1145\/2093548.2093572"},{"key":"e_1_3_2_1_104_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.9"},{"key":"e_1_3_2_1_105_1","unstructured":"Jinpeng Wei and Calton Pu. 2005. TOCTTOU Vulnerabilities in UNIX-Style File Systems: An Anatomical Study.. In FAST Vol.\u00a05. 12\u201312."},{"key":"e_1_3_2_1_106_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45744-4_22"},{"key":"e_1_3_2_1_107_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.45"},{"key":"e_1_3_2_1_108_1","doi-asserted-by":"publisher","DOI":"10.5555\/1267308.1267327"},{"key":"e_1_3_2_1_109_1","unstructured":"Nickolai Zeldovich Silas Boyd-Wickizer and David Mazieres. 2008. Securing Distributed Systems with Information Flow Control.. In NSDI Vol.\u00a08. 293\u2013308."},{"key":"e_1_3_2_1_110_1","unstructured":"Fan Zhang. 2019. SGX-mbedtls. https:\/\/github.com\/bl4ck5un\/mbedtls-SGX."}],"event":{"name":"RAID 2023: The 26th International Symposium on Research in Attacks, Intrusions and Defenses","location":"Hong Kong China","acronym":"RAID 2023"},"container-title":["Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3607199.3607235","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3607199.3607235","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:37:35Z","timestamp":1750178255000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3607199.3607235"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,16]]},"references-count":109,"alternative-id":["10.1145\/3607199.3607235","10.1145\/3607199"],"URL":"https:\/\/doi.org\/10.1145\/3607199.3607235","relation":{},"subject":[],"published":{"date-parts":[[2023,10,16]]},"assertion":[{"value":"2023-10-16","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}