Efficient and secure in-process isolation is in great demand, as evidenced in the shift
towards JavaScript and the recent revival of memory protection keys. Yet, state-of-the-art …

Firefox and other major browsers rely on dozens of third-party libraries to render audio,
video, images, and other content. These libraries are a frequent source of vulnerabilities. To …

Intel's Software Guard Extensions (SGX) introduced new instructions to switch the processor
to enclave mode which protects it from introspection. While the enclave mode strongly …

Least-privilege separation decomposes applications into compartments limited to accessing
only what they need. When compartmentalizing existing software, many approaches neglect …

A μ-kernel is an operating system (OS) paradigm that facilitates a strong cybersecurity
posture for embedded systems. Unlike a monolithic OS such as Linux, a μ-kernel reduces …

Software libraries can freely access the program's entire address space, and also inherit its
system-level privileges. This lack of separation regularly leads to security-critical incidents …

Decomposing large systems into smaller components with limited privileges has long been
recognized as an effective means to minimize the impact of exploits. Despite historical roots …

There has been interest in mechanisms that enable the secure use of legacy code to
implement trusted code in a Trusted Execution Environment (TEE), such as Intel SGX …

Confidential cloud computing enables cloud tenants to distrust their service provider.
Achieving confidential computing solutions that provide concrete security guarantees …

Compartmentalization decomposes a program into separate parts with mediated
interactions through compartment interfaces---hiding information that would otherwise be …