{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,7]],"date-time":"2026-01-07T23:53:39Z","timestamp":1767830019255,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":97,"publisher":"ACM","license":[{"start":{"date-parts":[[2025,3,30]],"date-time":"2025-03-30T00:00:00Z","timestamp":1743292800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-sa\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100006374","name":"Air Force Office of Scientific Research","doi-asserted-by":"publisher","award":["FA9550-24-1-0204"],"award-info":[{"award-number":["FA9550-24-1-0204"]}],"id":[{"id":"10.13039\/501100006374","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100006374","name":"National Research Foundation Singapore","doi-asserted-by":"publisher","award":["Industry Alignment Fund ? Pre-positioning (IAF-PP) Funding Initiative"],"award-info":[{"award-number":["Industry Alignment Fund ? Pre-positioning (IAF-PP) Funding Initiative"]}],"id":[{"id":"10.13039\/501100006374","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,3,30]]},"DOI":"10.1145\/3689031.3717464","type":"proceedings-article","created":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T06:25:20Z","timestamp":1742970320000},"page":"1210-1228","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Erebor: A Drop-In Sandbox Solution for Private Data Processing in Untrusted Confidential Virtual Machines"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-3550-696X","authenticated-orcid":false,"given":"Chuqi","family":"Zhang","sequence":"first","affiliation":[{"name":"National University of Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-2116-4954","authenticated-orcid":false,"given":"Rahul","family":"Priolkar","sequence":"additional","affiliation":[{"name":"Arizona State University"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-7833-5208","authenticated-orcid":false,"given":"Yuancheng","family":"Jiang","sequence":"additional","affiliation":[{"name":"National University of Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-7249-277X","authenticated-orcid":false,"given":"Yuan","family":"Xiao","sequence":"additional","affiliation":[{"name":"ShanghaiTech University and Intel Labs"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5309-0391","authenticated-orcid":false,"given":"Mona","family":"Vij","sequence":"additional","affiliation":[{"name":"Intel Labs"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7138-5030","authenticated-orcid":false,"given":"Zhenkai","family":"Liang","sequence":"additional","affiliation":[{"name":"National University of Singapore"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-4097-3205","authenticated-orcid":false,"given":"Adil","family":"Ahmad","sequence":"additional","affiliation":[{"name":"Arizona State University"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2025,3,30]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"The apache software foundation \"ab - apache http server benchmark tool\". https:\/\/httpd.apache.org\/docs\/2.4\/programs\/ab.html."},{"key":"e_1_3_2_1_2_1","unstructured":"Branch Target Identification. https:\/\/developer.arm.com\/documentation\/109576\/0100\/Branch-Target-Identification."},{"key":"e_1_3_2_1_3_1","unstructured":"Cambridge analytica and facebook: The scandal and the fallout so far. https:\/\/www.nytimes.com\/2018\/04\/04\/us\/politics\/cambridge-analytica-scandal-fallout.html."},{"key":"e_1_3_2_1_4_1","unstructured":"COCONUT-SVSM on KVM: Progress Plans and Challenges. https:\/\/kvm-forum.qemu.org\/2024\/COCONUT-SVSM_on_KVM__Progress_Plans_and_Chal_KUUSUF7.pdf."},{"key":"e_1_3_2_1_5_1","unstructured":"Confidential compute architecture. https:\/\/www.arm.com\/architecture\/security-features\/arm-confidential-compute-architecture."},{"key":"e_1_3_2_1_6_1","unstructured":"Confidential VMs on Azure. https:\/\/techcommunity.microsoft.com\/t5\/windows-os-platform-blog\/confidential-vms-on-azure\/ba-p\/3836282."},{"key":"e_1_3_2_1_7_1","unstructured":"Control Flow Enforcement Technology (CET). https:\/\/www.intel.com\/content\/dam\/develop\/external\/us\/en\/documents\/catc17-introduction-intel-cet-844137.pdf."},{"key":"e_1_3_2_1_8_1","unstructured":"Control-flow Enforcement Technology (CET) Shadow Stack. https:\/\/docs.kernel.org\/next\/x86\/shstk.html."},{"key":"e_1_3_2_1_9_1","unstructured":"Datadog: Cloud Monitoring as a Service. https:\/\/www.datadoghq.com\/."},{"key":"e_1_3_2_1_10_1","unstructured":"Datavant | the leader in data logistics for healthcare. https:\/\/www.datavant.com\/."},{"key":"e_1_3_2_1_11_1","unstructured":"General data protection regulation. https:\/\/gdpr-info.eu\/."},{"key":"e_1_3_2_1_12_1","unstructured":"Google AI---making AI helpful for everyone. https:\/\/ai.google\/."},{"key":"e_1_3_2_1_13_1","unstructured":"Guest-host-communication interface (ghci) for intel\u00ae trust domain extensions (intel\u00ae tdx). https:\/\/www.intel.com\/content\/www\/us\/en\/content-details\/726790\/guest-host-communication-interface-ghci-for-intel-trust-domain-extensions-intel-tdx.html."},{"key":"e_1_3_2_1_14_1","unstructured":"Hardened usercopy. https:\/\/lwn.net\/Articles\/695991\/."},{"key":"e_1_3_2_1_15_1","unstructured":"Health insurance portability and accountability act of 1996 (hipaa). https:\/\/www.cdc.gov\/phlp\/php\/resources\/health-insurance-portability-and-accountability-act-of-1996-hipaa.html."},{"key":"e_1_3_2_1_16_1","unstructured":"How Azure is ensuring the future of GPUs is confidential. https:\/\/azure.microsoft.com\/en-us\/blog\/how-azure-is-ensuring-the-future-of-gpus-is-confidential\/."},{"key":"e_1_3_2_1_17_1","unstructured":"Intel trust domain extensions (tdx) security review. https:\/\/services.google.com\/fh\/files\/misc\/intel_tdx-_full_report_041423.pdf."},{"key":"e_1_3_2_1_18_1","unstructured":"Intel trusted domain extensions. https:\/\/software.intel.com\/content\/dam\/develop\/external\/us\/en\/documents\/tdx-whitepaper-final9-17.pdf."},{"key":"e_1_3_2_1_19_1","unstructured":"Intel\u00ae tdx connect architecture specification. https:\/\/cdrdv2-public.intel.com\/773614\/intel-tdx-connect-architecture-specification.pdf."},{"key":"e_1_3_2_1_20_1","unstructured":"Kernel self-protection. https:\/\/www.kernel.org\/doc\/html\/v5.0\/security\/self-protection.html."},{"key":"e_1_3_2_1_21_1","unstructured":"KVM: PKS Virtualization support. https:\/\/lwn.net\/Articles\/892541\/."},{"key":"e_1_3_2_1_22_1","unstructured":"Linux svsm (secure vm service module) for secure x86 virtualization in rust. https:\/\/github.com\/AMDESE\/linux-svsm."},{"key":"e_1_3_2_1_23_1","unstructured":"Llama.cpp tutorial: A complete guide to efficient llm inference and implementation. https:\/\/www.datacamp.com\/tutorial\/llama-cpp-tutorial."},{"key":"e_1_3_2_1_24_1","unstructured":"Memory protection keys for the kernel. https:\/\/lwn.net\/Articles\/826554\/."},{"key":"e_1_3_2_1_25_1","unstructured":"Meta llama. https:\/\/ai.meta.com\/research\/publications\/llama-2-open-foundation-and-fine-tuned-chat-models\/."},{"key":"e_1_3_2_1_26_1","unstructured":"OCR With Google AI. https:\/\/cloud.google.com\/use-cases\/ocr."},{"key":"e_1_3_2_1_27_1","unstructured":"Open virtual machine firmware (ovmf) status report. https:\/\/www.linux-kvm.org\/downloads\/lersek\/ovmf-whitepaper-c770f8c.txt."},{"key":"e_1_3_2_1_28_1","unstructured":"OpenHCL: Evolving Azure's virtualization model. https:\/\/lpc.events\/event\/18\/contributions\/1862\/."},{"key":"e_1_3_2_1_29_1","unstructured":"Paravirtualization (pv). https:\/\/wiki.xenproject.org\/wiki\/Paravirtualization_(PV)."},{"key":"e_1_3_2_1_30_1","unstructured":"Permission indirection and permission overlay extensions. https:\/\/developer.arm.com\/documentation\/102376\/0200\/Permission-indirection-and-permission-overlay-extensions."},{"key":"e_1_3_2_1_31_1","unstructured":"petewarden\/c_hashmap."},{"key":"e_1_3_2_1_32_1","unstructured":"Run LLMs on CPU with Amazon SageMaker Real-time Inference. https:\/\/community.aws\/content\/2eazHYzSfcY9flCGKsuGjpwqq1B\/run-llms-on-cpu-with-amazon-sagemaker-real-time-inference."},{"key":"e_1_3_2_1_33_1","unstructured":"Shadow stacks for 64-bit arm systems. https:\/\/lwn.net\/SubscriberLink\/940403\/c4561635ec6d8881\/."},{"key":"e_1_3_2_1_34_1","unstructured":"tdx.c. https:\/\/elixir.bootlin.com\/linux\/v6.6\/source\/arch\/x86\/coco\/tdx\/tdx.c#L614."},{"key":"e_1_3_2_1_35_1","unstructured":"User Interrupts - A faster way to signal. https:\/\/lpc.events\/event\/11\/contributions\/985\/attachments\/756\/1417\/User_Jnterrupts_LPC_2021.pdf."},{"key":"e_1_3_2_1_36_1","unstructured":"What is image segmentation? https:\/\/www.ibm.com\/topics\/image-segmentation."},{"key":"e_1_3_2_1_37_1","unstructured":"Windows 11 Security Book: Powerful security by design. https:\/\/www.microsoft.com\/content\/dam\/microsoft\/final\/en-us\/microsoft-brand\/documents\/MSFT-Windows11-Security-book_Sept2023.pdf."},{"key":"e_1_3_2_1_38_1","unstructured":"Yolov5. https:\/\/pytorch.org\/hub\/ultralytics_yolov5\/."},{"key":"e_1_3_2_1_39_1","volume-title":"https:\/\/github.com\/01org\/linux-sgx","year":"2016","unstructured":"01org. Intel(r) software guard extensions for linux* os (source code). https:\/\/github.com\/01org\/linux-sgx, 2016."},{"key":"e_1_3_2_1_40_1","volume-title":"Byoungyoung Lee. Obfuscuro: A Commodity Obfuscation Engine for Intel SGX. In Proceedings of the 2019 Annual Network and Distributed System Security Symposium (NDSS)","author":"Ahmad Adil","year":"2019","unstructured":"Adil Ahmad, Byunggill Joe, Yuan Xiao, Yinqian Zhang, Insik Shin, and Byoungyoung Lee. Obfuscuro: A Commodity Obfuscation Engine for Intel SGX. In Proceedings of the 2019 Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2019."},{"key":"e_1_3_2_1_41_1","volume-title":"Byoungyoung Lee. Chancel: Efficient Multi-client Isolation Under Adversarial Programs. In Proceedings of the 2021 Annual Network and Distributed System Security Symposium (NDSS)","author":"Ahmad Adil","year":"2021","unstructured":"Adil Ahmad, Juhee Kim, Jaebaek Seo, Insik Shin, Pedro Fonseca, and Byoungyoung Lee. Chancel: Efficient Multi-client Isolation Under Adversarial Programs. In Proceedings of the 2021 Annual Network and Distributed System Security Symposium (NDSS), 2021."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2018.23284"},{"key":"e_1_3_2_1_43_1","volume-title":"Proceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems","volume":"4","author":"Ahmad Adil","year":"2024","unstructured":"Adil Ahmad, Botong Ou, Congyu Liu, Xiaokuan Zhang, and Pedro Fonseca. Veil: A protected services framework for confidential virtual machines. In Proceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 4, 2024."},{"key":"e_1_3_2_1_44_1","unstructured":"AMD. AMD SEV-SNP: Strengthening SEV with Integrity Protections and More. https:\/\/www.amd.com\/system\/files\/TechDocs\/SEV-SNP-strengthening-vm-isolation-with-integrity-protection-and-more.pdf."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23009"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.5555\/2685048.2685070"},{"key":"e_1_3_2_1_47_1","first-page":"9","author":"Cerruto Francesca","year":"2022","unstructured":"Francesca Cerruto, Stefano Cirillo, Domenico Desiato, Simone Michele Gambardella, and Giuseppe Polese. Social network data analysis to highlight privacy threats in sharing data. Journal of Big Data, 9, 2022.","journal-title":"Journal of Big Data"},{"key":"e_1_3_2_1_48_1","volume-title":"Srinivas Devadas. Sanctum: Minimal Hardware Extensions for Strong Software Isolation. In Proceedings of the 25th USENIX Security Symposium (Security)","author":"Costan Victor","year":"2016","unstructured":"Victor Costan, Ilia A Lebedev, and Srinivas Devadas. Sanctum: Minimal Hardware Extensions for Strong Software Isolation. In Proceedings of the 25th USENIX Security Symposium (Security), 2016."},{"key":"e_1_3_2_1_49_1","volume-title":"ACM SIGARCH Computer Architecture News","author":"Criswell John","year":"2014","unstructured":"John Criswell, Nathan Dautenhahn, and Vikram Adve. Virtual ghost: Protecting applications from Hostile Operating Systems. ACM SIGARCH Computer Architecture News, 2014."},{"key":"e_1_3_2_1_50_1","volume-title":"Vikram Adve. Secure Virtual Architecture: A Safe Execution Environment for Commodity Operating Systems. In Proceedings of the 21st ACM Symposium on Operating Systems Principles (SOSP)","author":"Criswell John","year":"2007","unstructured":"John Criswell, Andrew Lenharth, Dinakar Dhurjati, and Vikram Adve. Secure Virtual Architecture: A Safe Execution Environment for Commodity Operating Systems. In Proceedings of the 21st ACM Symposium on Operating Systems Principles (SOSP), Stevenson, WA, October 2007."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/2694344.2694386"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/3173162.3173204"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3560592"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/3471621.3471849"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3339809"},{"key":"e_1_3_2_1_56_1","volume-title":"Proceedings of the 13th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment -","volume":"9721","author":"Gruss Daniel","year":"2016","unstructured":"Daniel Gruss, Cl\u00e9mentine Maurice, Klaus Wagner, and Stefan Mangard. Flush+flush: A fast and stealthy cache attack. In Proceedings of the 13th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment - Volume 9721, 2016."},{"key":"e_1_3_2_1_57_1","volume-title":"24th USENIX Security Symposium (USENIX Security 15)","author":"Gruss Daniel","year":"2015","unstructured":"Daniel Gruss, Raphael Spreitzer, and Stefan Mangard. Cache template attacks: Automating attacks on inclusive Last-Level caches. In 24th USENIX Security Symposium (USENIX Security 15), 2015."},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24046"},{"key":"e_1_3_2_1_59_1","volume-title":"Proceedings of the 16th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Hof Alexander Van't","year":"2022","unstructured":"Alexander Van't Hof and Jason Nieh. BlackBox: A Container Security Monitor for Protecting Containers on Untrusted Operating Systems. In Proceedings of the 16th USENIX Symposium on Operating Systems Design and Implementation (OSDI), Carlsbad, CA, July 2022."},{"key":"e_1_3_2_1_60_1","volume-title":"Emmett Witchel. Ryoan: A Distributed Sandbox for Untrusted Computation on Secret Data. In Proceedings of the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Hunt Tyler","year":"2016","unstructured":"Tyler Hunt, Zhiting Zhu, Yuanzhong Xu, Simon Peter, and Emmett Witchel. Ryoan: A Distributed Sandbox for Untrusted Computation on Secret Data. In Proceedings of the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI), Savannah, GA, November 2016."},{"key":"e_1_3_2_1_61_1","volume-title":"AMD x86 memory encryption technologies","author":"Kaplan David","year":"2016","unstructured":"David Kaplan. AMD x86 memory encryption technologies. Austin, TX, August 2016. USENIX Association."},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00002"},{"key":"e_1_3_2_1_63_1","volume-title":"Mona Vij. Gramine-TDX: A Lightweight OS Kernel for Confidential VMs. In Proceedings of the ACM conference on Computer and Communications Security (CCS)","author":"Kuvaiskii Dmitrii","year":"2024","unstructured":"Dmitrii Kuvaiskii, Dimitrios Stavrakakis, Kailun Qin, Cedric Xing, Pramod Bhatotia, and Mona Vij. Gramine-TDX: A Lightweight OS Kernel for Confidential VMs. In Proceedings of the ACM conference on Computer and Communications Security (CCS), 2024."},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-15255-9_4"},{"key":"e_1_3_2_1_65_1","volume-title":"10th USENIX Symposium on Operating Systems Design and Implementation (OSDI 12)","author":"Kyrola Aapo","year":"2012","unstructured":"Aapo Kyrola, Guy Blelloch, and Carlos Guestrin. GraphChi: LargeScale graph computation on just a PC. In 10th USENIX Symposium on Operating Systems Design and Implementation (OSDI 12), 2012."},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.5555\/3489212.3489240"},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.5555\/3241189.3241233"},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCA52012.2021.00032"},{"key":"e_1_3_2_1_69_1","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Lipp Moritz","year":"2018","unstructured":"Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. Meltdown: Reading kernel memory from user space. In 27th USENIX Security Symposium (USENIX Security 18), 2018."},{"key":"e_1_3_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1145\/3627106.3627113"},{"key":"e_1_3_2_1_71_1","doi-asserted-by":"publisher","DOI":"10.1145\/2487726.2488368"},{"key":"e_1_3_2_1_72_1","volume-title":"USENIX 1996 Annual Technical Conference (USENIX ATC 96)","author":"McVoy Larry","year":"1996","unstructured":"Larry McVoy and Carl Staelin. lmbench: Portable tools for performance analysis. In USENIX 1996 Annual Technical Conference (USENIX ATC 96), 1996."},{"key":"e_1_3_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00057"},{"key":"e_1_3_2_1_74_1","volume-title":"2018 USENIX Annual Technical Conference (USENIX ATC 18)","author":"Oleksenko Oleksii","year":"2018","unstructured":"Oleksii Oleksenko, Bohdan Trach, Robert Krahn, Mark Silberstein, and Christof Fetzer. Varys: Protecting SGX enclaves from practical Side-Channel attacks. In 2018 USENIX Annual Technical Conference (USENIX ATC 18), 2018."},{"key":"e_1_3_2_1_75_1","volume-title":"Binoy Ravindran. The Case for Intra-Unikernel Isolation. In The 10th Workshop on Systems for Post-Moore Architectures","author":"Olivier Pierre","year":"2020","unstructured":"Pierre Olivier, Antonio Barbalace, and Binoy Ravindran. The Case for Intra-Unikernel Isolation. In The 10th Workshop on Systems for Post-Moore Architectures, 2020."},{"key":"e_1_3_2_1_76_1","volume-title":"Mark Silberstein. Autarky: Closing Controlled Channels with Self-Paging Enclaves. In Proceedings of the 15th European Conference on Computer Systems (EuroSys)","author":"Orenbach Meni","year":"2020","unstructured":"Meni Orenbach, Andrew Baumann, and Mark Silberstein. Autarky: Closing Controlled Channels with Self-Paging Enclaves. In Proceedings of the 15th European Conference on Computer Systems (EuroSys), 2020."},{"key":"e_1_3_2_1_77_1","volume-title":"Proceedings of the 24th USENIX Security Symposium (Security)","author":"Rane Ashay","year":"2015","unstructured":"Ashay Rane, Calvin Lin, and Mohit Tiwari. Raccoon: Closing Digital Side-Channels through Obfuscated Execution. In Proceedings of the 24th USENIX Security Symposium (Security), Washington, DC, August 2015."},{"key":"e_1_3_2_1_78_1","volume-title":"Andrin Bertschi, and Shweta Shinde. Heckler: Breaking confidential vms with malicious interrupts. CoRR, abs\/2404.03387","author":"Schl\u00fcter Benedict","year":"2024","unstructured":"Benedict Schl\u00fcter, Supraja Sridhara Mark Kuhne, Andrin Bertschi, and Shweta Shinde. Heckler: Breaking confidential vms with malicious interrupts. CoRR, abs\/2404.03387, 2024."},{"key":"e_1_3_2_1_79_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00262"},{"key":"e_1_3_2_1_80_1","doi-asserted-by":"publisher","DOI":"10.1145\/3337167.3337175"},{"key":"e_1_3_2_1_81_1","volume-title":"Proceedings of the 25th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS)","author":"Shen Youren","year":"2020","unstructured":"Youren Shen, Hongliang Tian, Yu Chen, Kang Chen, Runji Wang, Yi Xu, Yubin Xia, and Shoumeng Yan. Occlum: Secure and Efficient Multitasking Inside a Single Enclave of Intel SGX. In Proceedings of the 25th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2020."},{"key":"e_1_3_2_1_82_1","doi-asserted-by":"publisher","DOI":"10.1145\/3658644.3690247"},{"key":"e_1_3_2_1_83_1","doi-asserted-by":"publisher","DOI":"10.1145\/3381052.3381326"},{"key":"e_1_3_2_1_84_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945466"},{"key":"e_1_3_2_1_85_1","volume-title":"Donald E Porter. Cooperation and Security Isolation of Library OSes for Multi-Process Applications. In Proceedings of the 9th European Conference on Computer Systems (EuroSys)","author":"Tsai Chia-Che","year":"2014","unstructured":"Chia-Che Tsai, Kumar Saurabh Arora, Nehal Bandi, Bhushan Jain, William Jannen, Jitin John, Harry A Kalodner, Vrushali Kulkarni, Daniela Oliveira, and Donald E Porter. Cooperation and Security Isolation of Library OSes for Multi-Process Applications. In Proceedings of the 9th European Conference on Computer Systems (EuroSys), Amsterdam, The Netherlands, April 2014."},{"key":"e_1_3_2_1_86_1","doi-asserted-by":"publisher","DOI":"10.1145\/2901318.2901341"},{"key":"e_1_3_2_1_87_1","volume-title":"Mona Vij. Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX. In Proceedings of the 2017 USENIX Annual Technical Conference (ATC)","author":"Tsai Chia-Che","year":"2017","unstructured":"Chia-Che Tsai, Donald E Porter, and Mona Vij. Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX. In Proceedings of the 2017 USENIX Annual Technical Conference (ATC), Santa Clara, CA, June 2017."},{"key":"e_1_3_2_1_88_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Vahldiek-Oberwagner Anjo","year":"2019","unstructured":"Anjo Vahldiek-Oberwagner, Eslam Elnikety, Nuno O. Duarte, Michael Sammler, Peter Druschel, and Deepak Garg. ERIM: Secure, efficient in-process isolation with protection keys (MPK). In 28th USENIX Security Symposium (USENIX Security 19), 2019."},{"key":"e_1_3_2_1_89_1","volume-title":"The road to trust: Building enclaves within confidential vms","author":"Wang Wenhao","year":"2024","unstructured":"Wenhao Wang, Linke Song, Benshan Mei, Shuang Liu, Shijun Zhao, Shoumeng Yan, XiaoFeng Wang, Dan Meng, and Rui Hou. The road to trust: Building enclaves within confidential vms, 2024."},{"key":"e_1_3_2_1_90_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00261"},{"key":"e_1_3_2_1_91_1","doi-asserted-by":"crossref","unstructured":"David S Wishart Craig Knox An Chi Guo Savita Shrivastava Murtaza Hassanali Paul Stothard Zhan Chang and Jennifer Woolsey. Drugbank: A comprehensive resource for in silico drug discovery and exploration. Nucleic acids research 34(suppl 1):D668-D672 2006.","DOI":"10.1093\/nar\/gkj067"},{"key":"e_1_3_2_1_92_1","doi-asserted-by":"publisher","DOI":"10.1145\/3548606.3559344"},{"key":"e_1_3_2_1_93_1","volume-title":"Proceedings of the 30th IEEE Symposium on Security and Privacy (Oakland)","author":"Yee Bennet","year":"2009","unstructured":"Bennet Yee, David Sehr, Gregory Dardyk, J Bradley Chen, Robert Muth, Tavis Ormandy, Shiki Okasaka, Neha Narula, and Nicholas Fullagar. Native client: A sandbox for portable, untrusted x86 native code. In Proceedings of the 30th IEEE Symposium on Security and Privacy (Oakland), Oakland, CA, May 2009."},{"key":"e_1_3_2_1_94_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.25"},{"key":"e_1_3_2_1_95_1","doi-asserted-by":"publisher","DOI":"10.1145\/3658644.3690188"},{"key":"e_1_3_2_1_96_1","volume-title":"32nd USENIX Security Symposium (USENIX Security 23)","author":"Zhao Shixuan","year":"2023","unstructured":"Shixuan Zhao, Pinshen Xu, Guoxing Chen, Mengya Zhang, Yinqian Zhang, and Zhiqiang Lin. Reusable enclaves for confidential serverless computing. In 32nd USENIX Security Symposium (USENIX Security 23), 2023."},{"key":"e_1_3_2_1_97_1","volume-title":"18th USENIX Symposium on Operating Systems Design and Implementation (OSDI 24)","author":"Zhou Ziqiao","year":"2024","unstructured":"Ziqiao Zhou, Anjali, Weiteng Chen, Sishuai Gong, Chris Hawblitzel, and Weidong Cui. VeriSMo: A verified security module for confidential VMs. In 18th USENIX Symposium on Operating Systems Design and Implementation (OSDI 24), 2024."}],"event":{"name":"EuroSys '25: Twentieth European Conference on Computer Systems","location":"Rotterdam Netherlands","acronym":"EuroSys '25","sponsor":["SIGOPS ACM Special Interest Group on Operating Systems"]},"container-title":["Proceedings of the Twentieth European Conference on Computer Systems"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3689031.3717464","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3689031.3717464","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,21]],"date-time":"2025-08-21T11:19:33Z","timestamp":1755775173000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3689031.3717464"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,3,30]]},"references-count":97,"alternative-id":["10.1145\/3689031.3717464","10.1145\/3689031"],"URL":"https:\/\/doi.org\/10.1145\/3689031.3717464","relation":{},"subject":[],"published":{"date-parts":[[2025,3,30]]},"assertion":[{"value":"2025-03-30","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}