Shruti Tople

Learn More
Web servers are vulnerable to a large class of attacks which can allow network attacker to steal sensitive web content. In this work, we investigate the feasibility of a web server architecture, wherein the vulnerable server VM runs on a trusted cloud. All sensitive web content is made available to the vulnerable server VM in encrypted form, thereby(More)
Web browsers isolate web origins, but do not provide direct abstractions to isolate sensitive data and control computation over it within the same origin. As a result, guaranteeing security of sensitive web content requires trusting all code in the browser and client-side applications to be vulnerability-free. In this paper, we propose a new abstraction,(More)
—Secure execution of applications on untrusted operating systems is a fundamental security primitive that has been challenging to achieve. In this paper, we propose a new architecture feature called PODARCH, which makes it easy to import executables on an OS without risking the target system's security or the execution of the imported application. PODARCH(More)
Privacy preserving computation is gaining importance. Along with secure computation guarantees, it is essential to hide information leakage through access patterns. Input-oblivious execution is a security property that is crucial to guarantee complete privacy preserving computation. In this work, we present an algorithm-specific approach to achieve(More)
Enclaved execution techniques like Intel SGX guarantee secure execution of applications in presence of a compromised operating system. However, these techniques still rely on the underlying OS for services such as filesystem management. In this paper, we present attacks called syscall-abuse attacks on applications such as OpenSSL and ClamAV in presence of a(More)
Deep learning in a collaborative setting is emerging as a cornerstone of many upcoming applications, wherein untrusted users collaborate to generate more accurate models. From the security perspective , this opens collaborative deep learning to poisoning attacks , wherein adversarial users deliberately alter their inputs to mis-train the model. These(More)
Cloud providers are realizing the outsourced database model in the form of database-as-a-service offerings. However, security in terms of data privacy remains an obstacle because data storage and processing are performed on an untrusted cloud. Achieving strong security under additional constraints of functionality and performance is even more challenging ,(More)
—Intel SGX, a new security capability in emerging CPUs, allows user-level application code to execute in hardware-isolated enclaves. Enclave memory is isolated from all other software on the system, even from the privileged OS or hypervi-sor. While being a promising hardware-rooted building block, enclaves have severely limited capabilities, such as no(More)
—Secure execution of applications on untrusted operating systems is a fundamental security primitive that has been challenging to achieve. In this work, we propose a new architecture feature called PODARCH, which makes it easy to import executables on an OS without risking the target system's security or the execution of the imported application. PODARCH is(More)