Mona Vij
YOU?
Author Swipe
View article: Adaptive and Efficient Dynamic Memory Management for Hardware Enclaves
Adaptive and Efficient Dynamic Memory Management for Hardware Enclaves Open
The second version of Intel Software Guard Extensions (Intel SGX), or SGX2, adds dynamic management of enclave memory and threads. The first version required the address space and thread counts to be fixed before execution. The Enclave Dyn…
View article: LATTEO: A Framework to Support Learning Asynchronously Tempered with Trusted Execution and Obfuscation
LATTEO: A Framework to Support Learning Asynchronously Tempered with Trusted Execution and Obfuscation Open
The privacy vulnerabilities of the federated learning (FL) paradigm, primarily caused by gradient leakage, have prompted the development of various defensive measures. Nonetheless, these solutions have predominantly been crafted for and as…
View article: Fortify Your Foundations: Practical Privacy and Security for Foundation Model Deployments In The Cloud
Fortify Your Foundations: Practical Privacy and Security for Foundation Model Deployments In The Cloud Open
Foundation Models (FMs) display exceptional performance in tasks such as natural language processing and are being applied across a growing range of disciplines. Although typically trained on large public datasets, FMs are often fine-tuned…
View article: SENSE: Enhancing Microarchitectural Awareness for TEEs via Subscription-Based Notification
SENSE: Enhancing Microarchitectural Awareness for TEEs via Subscription-Based Notification Open
Effectively mitigating side-channel attacks (SCAs) in Trusted Execution Environments (TEEs) remains challenging despite advances in existing defenses.Current detection-based defenses hinge on observing abnormal victim performance character…
View article: A Holistic Approach for Trustworthy Distributed Systems with WebAssembly and TEEs
A Holistic Approach for Trustworthy Distributed Systems with WebAssembly and TEEs Open
Publish/subscribe systems play a key role in enabling communication between numerous devices in distributed and large-scale architectures. While widely adopted, securing such systems often trades portability for additional integrity and at…
View article: MeSHwA: The case for a Memory-Safe Software and Hardware Architecture for Serverless Computing
MeSHwA: The case for a Memory-Safe Software and Hardware Architecture for Serverless Computing Open
Motivated by developer productivity, serverless computing, and microservices have become the de facto development model in the cloud. Microservices decompose monolithic applications into separate functional units deployed individually. Thi…
View article: Cerberus
Cerberus Open
Hardware enclaves rely on a disjoint memory model, which maps each physical\naddress to an enclave to achieve strong memory isolation. However, this\nseverely limits the performance and programmability of enclave programs. While\nsome prio…
View article: Computation offloading to hardware accelerators in Intel SGX and Gramine Library OS
Computation offloading to hardware accelerators in Intel SGX and Gramine Library OS Open
The Intel Software Guard Extensions (SGX) technology enables applications to run in an isolated SGX enclave environment, with elevated confidentiality and integrity guarantees. Gramine Library OS facilitates execution of existing unmodifie…
View article: Privacy-Preserving Machine Learning in Untrusted Clouds Made Simple
Privacy-Preserving Machine Learning in Untrusted Clouds Made Simple Open
We present a practical framework to deploy privacy-preserving machine learning (PPML) applications in untrusted clouds based on a trusted execution environment (TEE). Specifically, we shield unmodified PyTorch ML applications by running th…
View article: Snort Intrusion Detection System with Intel Software Guard Extension (Intel SGX)
Snort Intrusion Detection System with Intel Software Guard Extension (Intel SGX) Open
Network Function Virtualization (NFV) promises the benefits of reduced infrastructure, personnel, and management costs by outsourcing network middleboxes to the public or private cloud. Unfortunately, running network functions in the cloud…
View article: Snort Intrusion Detection System with Intel Software Guard Extension\n (Intel SGX)
Snort Intrusion Detection System with Intel Software Guard Extension\n (Intel SGX) Open
Network Function Virtualization (NFV) promises the benefits of reduced\ninfrastructure, personnel, and management costs by outsourcing network\nmiddleboxes to the public or private cloud. Unfortunately, running network\nfunctions in the cl…
View article: Integrating Remote Attestation with Transport Layer Security
Integrating Remote Attestation with Transport Layer Security Open
Intel(R) Software Guard Extensions (Intel(R) SGX) is a promising technology to securely process information in otherwise untrusted environments. An important aspect of Intel SGX is the ability to perform remote attestation to assess the en…
View article: Intel SGX Enabled Key Manager Service with OpenStack Barbican
Intel SGX Enabled Key Manager Service with OpenStack Barbican Open
Protecting data in the cloud continues to gain in importance, with encryption being used to achieve the desired data protection. While there is desire to use encryption, various cloud components do not want to deal with key management, whi…