• Publications
  • Influence
Graphene-SGX: A Practical Library OS for Unmodified Applications on SGX
TLDR
This paper demonstrates that a fully-featured library OS can rapidly deploy unmodified applications on SGX with overheads comparable to applications modified to use "shim" layers. Expand
  • 224
  • 54
  • PDF
Intel® Software Guard Extensions (Intel® SGX) Architecture for Oversubscription of Secure Memory in a Virtualized Environment
TLDR
This paper introduces SGX Oversubscription Extensions that add additional instructions and virtualization support to the SGX architecture so that cloud service providers can oversubscribe secure memory in a less complex and more performant manner. Expand
  • 19
  • 4
  • PDF
Intel SGX Enabled Key Manager Service with OpenStack Barbican
TLDR
We propose to build an Intel Software Guard Extension or SGX based software crypto plugin that offers security similar to an HSM with the low cost and scalability of a software based solution. Expand
  • 9
  • 3
  • PDF
Integrating Remote Attestation with Transport Layer Security
TLDR
We seamlessly combine Intel SGX remote attestation with the establishment of a standard Transport Layer Security (TLS) connection. Expand
  • 30
  • 2
  • PDF
User-Guided Device Driver Synthesis
TLDR
We present the design and implementation of a new driver synthesis toolkit, called Termite-2, which combines the power of automation with the flexibility of conventional development. Expand
  • 42
  • 1
  • PDF
Scaling Intel® Software Guard Extensions Applications with Intel® SGX Card
TLDR
We introduce an Intel SGX Card – a purpose built accelerator with three independent CPUs used for offloading security-hungry tasks; several such cards can be attached to one host server. Expand
  • 6
  • 1
Improved Device Driver Reliability Through Verification Reuse
TLDR
We argue that the underlying cause of many driver faults is the separation of two highly-related tasks: device verification and driver development, and this will result in drastic improvement of device-driver quality. Expand
  • 1
  • 1
  • PDF
Snort Intrusion Detection System with Intel Software Guard Extension (Intel SGX)
TLDR
In this paper, we describe our experiences with hardening the king of middleboxes - Intrusion Detection Systems (IDS) - using Intel Software Guard Extensions (Intel SGX) technology. Expand
  • 12
  • PDF
Improved device driver reliability through hardware verification reuse
TLDR
We argue that the underlying cause of many driver faults is the separation of two highly-related tasks: device verification and driver development. Expand
  • 10
  • PDF
Device driver synthesis
TLDR
Automatic Device Driver Synthesis is a research collaboration project between Intel and National Information Communications Technology Australia (NICTA that aims to synthesize device drivers automatically using formal OS and device specifications. Expand
  • 1
  • PDF