{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,12]],"date-time":"2025-07-12T01:06:46Z","timestamp":1752282406015,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":64,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,4,17]],"date-time":"2015-04-17T00:00:00Z","timestamp":1429228800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"European Research Council","award":["307732"],"award-info":[{"award-number":["307732"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,4,17]]},"DOI":"10.1145\/2741948.2741958","type":"proceedings-article","created":{"date-parts":[[2015,4,13]],"date-time":"2015-04-13T12:40:32Z","timestamp":1428928832000},"page":"1-16","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":19,"title":["Guardat"],"prefix":"10.1145","author":[{"given":"Anjo","family":"Vahldiek-Oberwagner","sequence":"first","affiliation":[{"name":"MPI-SWS"}]},{"given":"Eslam","family":"Elnikety","sequence":"additional","affiliation":[{"name":"MPI-SWS"}]},{"given":"Aastha","family":"Mehta","sequence":"additional","affiliation":[{"name":"MPI-SWS"}]},{"given":"Deepak","family":"Garg","sequence":"additional","affiliation":[{"name":"MPI-SWS"}]},{"given":"Peter","family":"Druschel","sequence":"additional","affiliation":[{"name":"MPI-SWS"}]},{"given":"Rodrigo","family":"Rodrigues","sequence":"additional","affiliation":[{"name":"NOVA LINCS\/Nova University of Lisbon"}]},{"given":"Johannes","family":"Gehrke","sequence":"additional","affiliation":[{"name":"Cornell and Microsoft"}]},{"given":"Ansley","family":"Post","sequence":"additional","affiliation":[{"name":"Google"}]}],"member":"320","published-online":{"date-parts":[[2015,4,17]]},"reference":[{"key":"e_1_3_2_2_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1288783.1288788"},{"key":"e_1_3_2_2_2_1","volume-title":"Proc. of the 2nd USENIX FAST","author":"Aguilera M. K.","year":"2003","unstructured":"Aguilera , M. K. , Ji , M. , Lillibridge , M. , MacCormick , J. , Oertli , E. , Andersen , D. G. , Burrows , M. , Mann , T. , and Thekkath , C . Block-level security for network-attached disks . In Proc. of the 2nd USENIX FAST ( 2003 ). Aguilera, M. K., Ji, M., Lillibridge, M., MacCormick, J., Oertli, E., Andersen, D. G., Burrows, M., Mann, T., and Thekkath, C. Block-level security for network-attached disks. In Proc. of the 2nd USENIX FAST (2003)."},{"key":"e_1_3_2_2_3_1","unstructured":"Amazon simple storage service (S3). http:\/\/aws.amazon.com\/s3\/.  Amazon simple storage service (S3). http:\/\/aws.amazon.com\/s3\/."},{"key":"e_1_3_2_2_4_1","unstructured":"Apple Inc. Fusion Drive. https:\/\/support.apple.com\/en-us\/HT202574.  Apple Inc. Fusion Drive. https:\/\/support.apple.com\/en-us\/HT202574."},{"key":"e_1_3_2_2_5_1","volume-title":"ARM Technical White Paper","author":"ARM.","year":"2009","unstructured":"ARM. ARM Security Technology. http:\/\/infocenter.arm.com\/help\/topic\/com.arm.doc.prd29-genc-009492c\/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf , ARM Technical White Paper , 2009 . ARM. ARM Security Technology. http:\/\/infocenter.arm.com\/help\/topic\/com.arm.doc.prd29-genc-009492c\/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf, ARM Technical White Paper, 2009."},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2007.18"},{"key":"e_1_3_2_2_7_1","volume-title":"The Keynote trust-management system version 2. See http:\/\/www.ietf.org\/rfc\/rfc2704.txt","author":"Blaze M.","year":"1999","unstructured":"Blaze , M. , Fiegenbaum , J. , and Ioannidis , J . The Keynote trust-management system version 2. See http:\/\/www.ietf.org\/rfc\/rfc2704.txt , 1999 . Blaze, M., Fiegenbaum, J., and Ioannidis, J. The Keynote trust-management system version 2. See http:\/\/www.ietf.org\/rfc\/rfc2704.txt, 1999."},{"key":"e_1_3_2_2_8_1","volume-title":"https:\/\/btrfs.wiki.kernel.org\/index.php\/Main_Page","author":"Btrfs","year":"2014","unstructured":"Btrfs . Btrfs. https:\/\/btrfs.wiki.kernel.org\/index.php\/Main_Page , 2014 . Btrfs. Btrfs. https:\/\/btrfs.wiki.kernel.org\/index.php\/Main_Page, 2014."},{"key":"e_1_3_2_2_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2010.90"},{"key":"e_1_3_2_2_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455821"},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1920261.1920296"},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346284"},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"crossref","unstructured":"Cooper D. Santesson S. Farrell S. Boeyen S. Housley R. and Polk W. Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile. RFC 5280. http:\/\/www.ietf.org\/rfc\/rfc5280.txt 2008.  Cooper D. Santesson S. Farrell S. Boeyen S. Housley R. and Polk W. Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile. RFC 5280. http:\/\/www.ietf.org\/rfc\/rfc5280.txt 2008.","DOI":"10.17487\/rfc5280"},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"publisher","DOI":"10.5555\/829514.830540"},{"key":"e_1_3_2_2_15_1","doi-asserted-by":"publisher","DOI":"10.5555\/1306871.1306901"},{"key":"e_1_3_2_2_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2385603.2385608"},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.28"},{"key":"e_1_3_2_2_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/291069.291029"},{"key":"e_1_3_2_2_19_1","volume-title":"Proc. of the 8th USENIX OSDI","author":"Gunawi H. S.","year":"2008","unstructured":"Gunawi , H. S. , Rajimwale , A. , Arpaci-Dusseau , A. C. , and Arpaci-Dusseau , R. H . Sqck: A declarative file system checker . In Proc. of the 8th USENIX OSDI ( 2008 ). Gunawi, H. S., Rajimwale, A., Arpaci-Dusseau, A. C., and Arpaci-Dusseau, R. H. Sqck: A declarative file system checker. In Proc. of the 8th USENIX OSDI (2008)."},{"key":"e_1_3_2_2_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2008.8"},{"key":"e_1_3_2_2_21_1","volume-title":"Proc. of the 3rd USENIX Virtual Machine Research And Technology Symposium","author":"Haldar V.","year":"2004","unstructured":"Haldar , V. , Chandra , D. , and Franz , M . Semantic remote attestation: A virtual machine directed approach to trusted computing . In Proc. of the 3rd USENIX Virtual Machine Research And Technology Symposium ( 2004 ). Haldar, V., Chandra, D., and Franz, M. Semantic remote attestation: A virtual machine directed approach to trusted computing. In Proc. of the 3rd USENIX Virtual Machine Research And Technology Symposium (2004)."},{"key":"e_1_3_2_2_23_1","volume-title":"Proc. of the USENIX Winter Technical Conference","author":"Hitz D.","year":"1994","unstructured":"Hitz , D. , Lau , J. , and Malcolm , M . File system design for an NFS file server appliance . In Proc. of the USENIX Winter Technical Conference ( 1994 ). Hitz, D., Lau, J., and Malcolm, M. File system design for an NFS file server appliance. In Proc. of the USENIX Winter Technical Conference (1994)."},{"key":"e_1_3_2_2_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2451116.2451146"},{"key":"e_1_3_2_2_25_1","unstructured":"Intel Corp. AESNI library. http:\/\/software.intel.com\/en-us\/articles\/download-the-intel-aesni-sample-library 2011.  Intel Corp. AESNI library. http:\/\/software.intel.com\/en-us\/articles\/download-the-intel-aesni-sample-library 2011."},{"key":"e_1_3_2_2_26_1","volume-title":"http:\/\/download.intel.com\/embedded\/processor\/whitepaper\/327457.pdf","author":"Intel Corp. Fast SHA256.","year":"2012","unstructured":"Intel Corp. Fast SHA256. http:\/\/download.intel.com\/embedded\/processor\/whitepaper\/327457.pdf , 2012 . Intel Corp. Fast SHA256. http:\/\/download.intel.com\/embedded\/processor\/whitepaper\/327457.pdf, 2012."},{"key":"e_1_3_2_2_27_1","unstructured":"Intel Corp. Software Guard Extension Programming Reference. http:\/\/software.intel.com\/sites\/default\/files\/329298-001.pdf 2012.  Intel Corp. Software Guard Extension Programming Reference. http:\/\/software.intel.com\/sites\/default\/files\/329298-001.pdf 2012."},{"key":"e_1_3_2_2_28_1","doi-asserted-by":"publisher","DOI":"10.5555\/882495.884431"},{"key":"e_1_3_2_2_29_1","volume-title":"Proc. of the 10th USENIX OSDI","author":"Kotla R.","year":"2012","unstructured":"Kotla , R. , Rodeheffer , T. , Roy , I. , Stuedi , P. , and Wester , B . Pasture: Secure offline data access using commodity trusted hardware . In Proc. of the 10th USENIX OSDI ( 2012 ). Kotla, R., Rodeheffer, T., Roy, I., Stuedi, P., and Wester, B. Pasture: Secure offline data access using commodity trusted hardware. In Proc. of the 10th USENIX OSDI (2012)."},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1294261.1294293"},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.5555\/645773.667961"},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095810.1095818"},{"key":"e_1_3_2_2_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2043556.2043563"},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.2003.1222722"},{"key":"e_1_3_2_2_36_1","unstructured":"OASIS. eXtensible Access Control Markup Language (XACML). Online at http:\/\/www.oasis-open.org\/committees\/xacml.  OASIS. eXtensible Access Control Markup Language (XACML). Online at http:\/\/www.oasis-open.org\/committees\/xacml."},{"key":"e_1_3_2_2_37_1","unstructured":"OCZ Technology Inc. Deneva 2 data sheet. http:\/\/ocz.com\/enterprise\/download\/product-briefs\/deneva2_cs_slc_product_brief.pdf 2011.  OCZ Technology Inc. Deneva 2 data sheet. http:\/\/ocz.com\/enterprise\/download\/product-briefs\/deneva2_cs_slc_product_brief.pdf 2011."},{"key":"e_1_3_2_2_38_1","volume-title":"http:\/\/www.openssl.org\/docs\/crypto\/crypto.html","author":"Open SSL","year":"2012","unstructured":"Open SSL Cryptographic library. http:\/\/www.openssl.org\/docs\/crypto\/crypto.html , 2012 . OpenSSL Cryptographic library. http:\/\/www.openssl.org\/docs\/crypto\/crypto.html, 2012."},{"key":"e_1_3_2_2_39_1","unstructured":"Oracle Corporation. Solaris ZFS. http:\/\/www.oracle.com\/us\/products\/servers-storage\/storage\/storage-software\/031857.htm.  Oracle Corporation. Solaris ZFS. http:\/\/www.oracle.com\/us\/products\/servers-storage\/storage\/storage-software\/031857.htm."},{"key":"e_1_3_2_2_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.32"},{"key":"e_1_3_2_2_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/1880022.1880024"},{"key":"e_1_3_2_2_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/11737414_10"},{"key":"e_1_3_2_2_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.928624"},{"key":"e_1_3_2_2_44_1","unstructured":"Samsung. 830 SSD data sheet. http:\/\/www.samsung.com\/us\/system\/consumer\/product\/mz\/7p\/c1\/mz7pc128nam\/830.pdf 2011.  Samsung. 830 SSD data sheet. http:\/\/www.samsung.com\/us\/system\/consumer\/product\/mz\/7p\/c1\/mz7pc128nam\/830.pdf 2011."},{"key":"e_1_3_2_2_45_1","volume-title":"Proc. of the 21st USENIX Security Symposium","author":"Santos N.","year":"2012","unstructured":"Santos , N. , Rodrigues , R. , Gummadi , K. P. , and Saroiu , S . Policy-sealed data: A new abstraction for building trusted cloud services . In Proc. of the 21st USENIX Security Symposium ( 2012 ). Santos, N., Rodrigues, R., Gummadi, K. P., and Saroiu, S. Policy-sealed data: A new abstraction for building trusted cloud services. In Proc. of the 21st USENIX Security Symposium (2012)."},{"key":"e_1_3_2_2_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/1952982.1952990"},{"key":"e_1_3_2_2_47_1","unstructured":"Seagate Technology LLC. Kinetic Open Storage Platform. http:\/\/www.seagate.com\/solutions\/cloud\/data-center-cloud\/platforms.  Seagate Technology LLC. Kinetic Open Storage Platform. http:\/\/www.seagate.com\/solutions\/cloud\/data-center-cloud\/platforms."},{"key":"e_1_3_2_2_49_1","unstructured":"Seagate Technology LLC. Barracuda Data Sheet. http:\/\/www.seagate.com\/files\/staticfiles\/docs\/pdf\/datasheet\/disc\/barracuda-xt-ds1696.3-1102us.pdf 2011.  Seagate Technology LLC. Barracuda Data Sheet. http:\/\/www.seagate.com\/files\/staticfiles\/docs\/pdf\/datasheet\/disc\/barracuda-xt-ds1696.3-1102us.pdf 2011."},{"key":"e_1_3_2_2_50_1","unstructured":"Seagate Technology LLC. Momentus XT Data Sheet. http:\/\/www.seagate.com\/docs\/pdf\/datasheet\/disc\/ds_momentus_xt.pdf 2012.  Seagate Technology LLC. Momentus XT Data Sheet. http:\/\/www.seagate.com\/docs\/pdf\/datasheet\/disc\/ds_momentus_xt.pdf 2012."},{"key":"e_1_3_2_2_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/2043556.2043580"},{"key":"e_1_3_2_2_52_1","volume-title":"Proc. of the 7th USENIX OSDI","author":"Sivathanu G.","year":"2006","unstructured":"Sivathanu , G. , Sundararaman , S. , and Zadok , E . Type-safe disks . In Proc. of the 7th USENIX OSDI ( 2006 ). Sivathanu, G., Sundararaman, S., and Zadok, E. Type-safe disks. In Proc. of the 7th USENIX OSDI (2006)."},{"key":"e_1_3_2_2_53_1","volume-title":"Proc. of the 2nd USENIX FAST","author":"Sivathanu M.","year":"2003","unstructured":"Sivathanu , M. , Prabhakaran , V. , Popovici , F. I. , Denehy , T. E. , Arpaci-Dusseau , A. C. , and Arpaci-Dusseau , R. H . Semantically-smart disk systems . In Proc. of the 2nd USENIX FAST ( 2003 ). Sivathanu, M., Prabhakaran, V., Popovici, F. I., Denehy, T. E., Arpaci-Dusseau, A. C., and Arpaci-Dusseau, R. H. Semantically-smart disk systems. In Proc. of the 2nd USENIX FAST (2003)."},{"key":"e_1_3_2_2_54_1","unstructured":"Storage Work Group of the Trusted Computing Group. Self-encrypting drives take off for strong data protection. http:\/\/www.trustedcomputinggroup.org\/community\/2010\/03\/selfencrypting_drives_take_off_for_strong_data_protection 2011.  Storage Work Group of the Trusted Computing Group. Self-encrypting drives take off for strong data protection. http:\/\/www.trustedcomputinggroup.org\/community\/2010\/03\/selfencrypting_drives_take_off_for_strong_data_protection 2011."},{"key":"e_1_3_2_2_55_1","unstructured":"Storage Work Group of the Trusted Computing Group. TCG storage architecture core specification. http:\/\/www.trustedcomputinggroup.org\/resources\/tcg_storage_architecture_core_specification 2011.  Storage Work Group of the Trusted Computing Group. TCG storage architecture core specification. http:\/\/www.trustedcomputinggroup.org\/resources\/tcg_storage_architecture_core_specification 2011."},{"key":"e_1_3_2_2_56_1","volume-title":"Proc. of the 4th USENIX OSDI","author":"Strunk J. D.","year":"2000","unstructured":"Strunk , J. D. , Goodson , G. R. , Scheinholtz , M. L. , Soules , C. A. N. , and Ganger , G. R . Self-securing storage: Protecting data in compromised systems . In Proc. of the 4th USENIX OSDI ( 2000 ). Strunk, J. D., Goodson, G. R., Scheinholtz, M. L., Soules, C. A. N., and Ganger, G. R. Self-securing storage: Protecting data in compromised systems. In Proc. of the 4th USENIX OSDI (2000)."},{"key":"e_1_3_2_2_57_1","volume-title":"http:\/\/iscsitarget.sourceforge.net\/","author":"The SCSI","year":"2011","unstructured":"The i SCSI Enterprise Target project. http:\/\/iscsitarget.sourceforge.net\/ , 2011 . The iSCSI Enterprise Target project. http:\/\/iscsitarget.sourceforge.net\/, 2011."},{"key":"e_1_3_2_2_59_1","volume-title":"Costs of security in the PFS file system. Tech. rep., Computing and Information Science","author":"Walsh K.","year":"2012","unstructured":"Walsh , K. , and Schneider , F. B . Costs of security in the PFS file system. Tech. rep., Computing and Information Science , Cornell University , 2012 . Walsh, K., and Schneider, F. B. Costs of security in the PFS file system. Tech. rep., Computing and Information Science, Cornell University, 2012."},{"key":"e_1_3_2_2_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/1352592.1352602"},{"key":"e_1_3_2_2_62_1","volume-title":"Proc. of the USENIX ATC","author":"Weinhold C.","year":"2011","unstructured":"Weinhold , C. , and H\u00e4rtig , H . jVPFS: Adding robustness to a secure stacked file system with untrusted local storage components . In Proc. of the USENIX ATC ( 2011 ). Weinhold, C., and H\u00e4rtig, H. jVPFS: Adding robustness to a secure stacked file system with untrusted local storage components. In Proc. of the USENIX ATC (2011)."},{"key":"e_1_3_2_2_63_1","unstructured":"Wikimedia Foundation. Image Dump. http:\/\/archive.org\/details\/wikimedia-image-dump-2005-11 2005.  Wikimedia Foundation. Image Dump. http:\/\/archive.org\/details\/wikimedia-image-dump-2005-11 2005."},{"key":"e_1_3_2_2_64_1","unstructured":"Wikimedia Foundation. Static HTML dump. http:\/\/dumps.wikimedia.org\/ 2008.  Wikimedia Foundation. Static HTML dump. http:\/\/dumps.wikimedia.org\/ 2008."},{"key":"e_1_3_2_2_65_1","first-page":"2012","volume-title":"Page view statistics","author":"Wikimedia Foundation","year":"2012","unstructured":"Wikimedia Foundation . Page view statistics April 2012 . http:\/\/dumps.wikimedia.org\/other\/pagecounts-raw\/2012\/ 2012 - 2004 \/, 2012. Wikimedia Foundation. Page view statistics April 2012. http:\/\/dumps.wikimedia.org\/other\/pagecounts-raw\/2012\/2012-04\/, 2012."},{"key":"e_1_3_2_2_66_1","doi-asserted-by":"publisher","DOI":"10.1145\/174613.174614"},{"key":"e_1_3_2_2_67_1","doi-asserted-by":"publisher","DOI":"10.1145\/1272996.1273033"},{"key":"e_1_3_2_2_68_1","volume-title":"Proc. of USENIX ATC","author":"Xu Y.","year":"2014","unstructured":"Xu , Y. , Dunn , A. M. , Hofmann , O. S. , Lee , M. Z. , Mehdi , S. A. , and Witchel , E . Application-defined decentralized access control . In Proc. of USENIX ATC ( 2014 ). Xu, Y., Dunn, A. M., Hofmann, O. S., Lee, M. Z., Mehdi, S. A., and Witchel, E. Application-defined decentralized access control. In Proc. of USENIX ATC (2014)."},{"key":"e_1_3_2_2_69_1","volume-title":"Proc. of 7th USENIX OSDI","author":"Zeldovich N.","year":"2006","unstructured":"Zeldovich , N. , Boyd-Wickizer , S. , Kohler , E. , and Mazi\u00e8res , D . Making information flow explicit in HiStar . In Proc. of 7th USENIX OSDI ( 2006 ). Zeldovich, N., Boyd-Wickizer, S., Kohler, E., and Mazi\u00e8res, D. Making information flow explicit in HiStar. In Proc. of 7th USENIX OSDI (2006)."}],"event":{"name":"EuroSys '15: Tenth EuroSys Conference 2015","sponsor":["SIGOPS ACM Special Interest Group on Operating Systems"],"location":"Bordeaux France","acronym":"EuroSys '15"},"container-title":["Proceedings of the Tenth European Conference on Computer Systems"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2741948.2741958","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2741948.2741958","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T06:12:37Z","timestamp":1750227157000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2741948.2741958"}},"subtitle":["enforcing data policies at the storage layer"],"short-title":[],"issued":{"date-parts":[[2015,4,17]]},"references-count":64,"alternative-id":["10.1145\/2741948.2741958","10.1145\/2741948"],"URL":"https:\/\/doi.org\/10.1145\/2741948.2741958","relation":{},"subject":[],"published":{"date-parts":[[2015,4,17]]},"assertion":[{"value":"2015-04-17","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}