Scott Constable
YOU?
Author Swipe
View article: Fortify Your Foundations: Practical Privacy and Security for Foundation Model Deployments In The Cloud
Fortify Your Foundations: Practical Privacy and Security for Foundation Model Deployments In The Cloud Open
Foundation Models (FMs) display exceptional performance in tasks such as natural language processing and are being applied across a growing range of disciplines. Although typically trained on large public datasets, FMs are often fine-tuned…
View article: SENSE: Enhancing Microarchitectural Awareness for TEEs via Subscription-Based Notification
SENSE: Enhancing Microarchitectural Awareness for TEEs via Subscription-Based Notification Open
Effectively mitigating side-channel attacks (SCAs) in Trusted Execution Environments (TEEs) remains challenging despite advances in existing defenses.Current detection-based defenses hinge on observing abnormal victim performance character…
View article: Chameleon Cache: Approximating Fully Associative Caches with Random Replacement to Prevent Contention-Based Cache Attacks
Chameleon Cache: Approximating Fully Associative Caches with Random Replacement to Prevent Contention-Based Cache Attacks Open
Randomized, skewed caches (RSCs) such as CEASER-S have recently received much\nattention to defend against contention-based cache side channels. By\nrandomizing and regularly changing the mapping(s) of addresses to cache sets,\nthese techn…
View article: Seeds of SEED: A Side-Channel Resilient Cache Skewed by a Linear Function over a Galois Field
Seeds of SEED: A Side-Channel Resilient Cache Skewed by a Linear Function over a Galois Field Open
Consider a set-associative cache with $p^n$ sets and $p^n$ ways where $p$ is prime and $n>0$. Furthermore, assume that the cache may be shared among $p^n$ mutually distrusting principals that may use the Prime+Probe side-channel attack aga…
View article: STATIC ENFORCEMENT OF TERMINATION-SENSITIVE NONINTERFERENCE USING THE C++ TEMPLATE TYPE SYSTEM
STATIC ENFORCEMENT OF TERMINATION-SENSITIVE NONINTERFERENCE USING THE C++ TEMPLATE TYPE SYSTEM Open
A side channel is an observable attribute of program execution other than explicit communication, e.g., power usage, execution time, or page fault patterns. A side-channel attack occurs when a malicious adversary observes program secrets t…
View article: libOblivious: A C++ Library for Oblivious Data Structures and Algorithms
libOblivious: A C++ Library for Oblivious Data Structures and Algorithms Open
Infrastructure as a service (IaaS) is an enormously beneficial model for centralized data computation and storage. Yet, existing network-layer and hardware-layer security protections do not address a broad category of vulnerabilities known…
View article: Formal Verification of a Modern Boot Loader
Formal Verification of a Modern Boot Loader Open
We introduce the Syracuse Assured Boot Loader Executive (SABLE), a trustworthy secure loader. A trusted boot loader performs a cryptographic measurement (hash) of program code and executes it unconditionally, allowing later-stage software …
View article: A Formally Verified Heap Allocator
A Formally Verified Heap Allocator Open
We present the formal verification of a heap allocator written in C. We use the Isabelle/HOL proof assistant to formally verify the correctness of the heap allocator at the source code level. The C source code of the heap allocator is impo…