Publications
CHERI-TrEE: Flexible enclaves on capability machines KU Leuven
This paper studies the integration of two successful hardware-supported security mechanisms: capabilities and enclaved execution. Capabilities are a powerful and flexible security mechanism for implementing fine-grained memory access control and compartmentalizing untrusted or buggy software components. Capabilities have a long history but have gained significant momentum recently, as evidenced by ARM’s experimental Morello processor that ...
End-to-End Security for Distributed Event-Driven Enclave Applications on Heterogeneous TEEs KU Leuven
This article presents an approach to provide strong assurance of the secure execution of distributed event-driven applications on shared infrastructures, while relying on a small Trusted Computing Base. We build upon and extend security primitives provided by Trusted Execution Environments (TEEs) to guarantee authenticity and integrity properties of applications, and to secure control of input and output devices. More specifically, we guarantee ...
Two Parametricities Versus Three Universal Types KU Leuven
The formal calculus System F models the essence of polymorphism and abstract data types, features that exist in many programming languages. The calculus’ core property is parametricity: a theorem expressing the language’s abstractions and validating important principles like information hiding and modularity. When System F is combined with features like recursive types, mutable state, continuations or exceptions, the formulation of parametricity ...