Shruti Tople

Learn More
Web servers are vulnerable to a large class of attacks which can allow network attacker to steal sensitive web content. In this work, we investigate the feasibility of a web server architecture, wherein the vulnerable server VM runs on a trusted cloud. All sensitive web content is made available to the vulnerable server VM in encrypted form, thereby(More)
—Secure execution of applications on untrusted operating systems is a fundamental security primitive that has been challenging to achieve. In this paper, we propose a new architecture feature called PODARCH, which makes it easy to import executables on an OS without risking the target system's security or the execution of the imported application. PODARCH(More)
Web browsers isolate web origins, but do not provide direct abstractions to isolate sensitive data and control computation over it within the same origin. As a result, guaranteeing security of sensitive web content requires trusting all code in the browser and client-side applications to be vulnerability-free. In this paper, we propose a new abstraction,(More)
Enclaved execution techniques like Intel SGX guarantee secure execution of applications in presence of a compromised operating system. However, these techniques still rely on the underlying OS for services such as filesystem management. In this paper, we present attacks called syscall-abuse attacks on applications such as OpenSSL and ClamAV in presence of a(More)
Cloud providers are realizing the outsourced database model in the form of database-as-a-service offerings. However, security in terms of data privacy remains an obstacle because data storage and processing are performed on an untrusted cloud. Achieving strong security under additional constraints of functionality and performance is even more challenging ,(More)
—Secure execution of applications on untrusted operating systems is a fundamental security primitive that has been challenging to achieve. In this work, we propose a new architecture feature called PODARCH, which makes it easy to import executables on an OS without risking the target system's security or the execution of the imported application. PODARCH is(More)
Privacy preserving computation is gaining importance. Along with secure computation guarantees, it is essential to hide information leakage through access patterns. Input-oblivious execution is a security property that is crucial to guarantee complete privacy preserving computation. In this work, we present an algorithm-specific approach to achieve(More)
Secure computation on encrypted data stored on untrusted clouds is an important goal. Existing secure arithmetic computation techniques, such as fully homomorphic encryption (FHE) and somewhat homomorphic encryption (SWH), have prohibitive performance and/or storage costs for the majority of practical applications. In this work, we investigate a new secure(More)