research-article

LibSEAL: revealing service integrity violations using trusted execution

Authors:

Pierre-Louis Aublin,

Florian Kelbert,

Divya Muthukumaran,

Christian Priebe,

Christof Fetzer,

Peter PietzuchAuthors Info & Claims

EuroSys '18: Proceedings of the Thirteenth EuroSys Conference

Article No.: 24, Pages 1 - 15

https://doi.org/10.1145/3190508.3190547

Published: 23 April 2018 Publication History

Abstract

Users of online services such as messaging, code hosting and collaborative document editing expect the services to uphold the integrity of their data. Despite providers' best efforts, data corruption still occurs, but at present service integrity violations are excluded from SLAs. For providers to include such violations as part of SLAs, the competing requirements of clients and providers must be satisfied. Clients need the ability to independently identify and prove service integrity violations to claim compensation. At the same time, providers must be able to refute spurious claims.

We describe LibSEAL, a SEcure Audit Library for Internet services that creates a non-repudiable audit log of service operations and checks invariants to discover violations of service integrity. LibSEAL is a drop-in replacement for TLS libraries used by services, and thus observes and logs all service requests and responses. It runs inside a trusted execution environment, such as Intel SGX, to protect the integrity of the audit log. Logs are stored using an embedded relational database, permitting service invariant violations to be discovered using simple SQL queries. We evaluate LibSEAL with three popular online services (Git, ownCloud and Dropbox) and demonstrate that it is effective in discovering integrity violations, while reducing throughput by at most 14%.

References

[1]

JabberD 2.x Project. 2017. JabberD 2.x. http://jabberd2.org/. (2017).

[2]

Martín Abadi, Mihai Budiu, Ulfar Erlingsson, and Jay Ligatti. 2005. Control-flow Integrity. In Proceedings of the 12th ACM conference on Computer and communications security (CCS '05). ACM.

Digital Library

[3]

Hussam Abu-Libdeh, Lonnie Princehouse, and Hakim Weatherspoon. 2010. RACS: A Case for Cloud Storage Diversity. In Proceedings of the 1st ACM Symposium on Cloud Computing (SoCC '10). ACM, 229--240.

Digital Library

[4]

Ittai Anati, Shay Gueron, Simon Johnson, and Vincent Scarlata. 2013. Innovative Technology for CPU Based Attestation and Sealing. In Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy (HASP '13).

[5]

Apache Foundation. 2017. Apache Commons IO. https://commons.apache.org/proper/commons-io/. (2017).

[6]

Apache Foundation. 2017. Apache Commons Lang. https://commons.apache.org/proper/commons-lang/. (2017).

[7]

Apache Foundation. 2017. Apache Commons Math. http://commons.apache.org/proper/commons-math/. (2017).

[8]

Apache Foundation. 2017. Apache Commons Validator. https://commons.apache.org/proper/commons-validator/. (2017).

[9]

Apache Foundation. 2017. Apache Groovy. http://groovy-lang.org/. (2017).

[10]

Apache Foundation. 2017. Apache Sling. https://sling.apache.org/. (2017).

[11]

Apache Foundation. 2017. HTTP server project. (2017).

[12]

Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, Andre Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Dan O'Keeffe, Mark L. Stillwell, David Goltzsche, Dave Eyers, Rüdiger Kapitza, Peter R. Pietzuch, and Christof Fetzer. 2016. SCONE: Secure Linux Containers with Intel SGX. In 12th USENIX Symposium on Operating Systems Design and Implementation, OSDI' 16, Savannah, GA, USA, November 2-4, 2016.

Digital Library

[13]

Pierre-Louis Aublin, Florian Kelbert, Dan O'Keeffe, Divya Muthukumaran, Christian Priebe, Joshua Lind, Robert Khran, Christof Fetzer, David Eyers, and Peter Pietzuch. 2018. LibSEAL: Revealing Service Integrity Violations Using Trusted Execution. Technical Report 2018/2. Imperial College London. https://www.doc.ic.ac.uk/research/technicalreports/2018/#2

Digital Library

[14]

Blaise Barney. 2016. POSIX Threads Programming. https://computing.llnl.gov/tutorials/pthreads/. (2016).

[15]

Andrew Baumann, Marcus Peinado, and Galen Hunt. 2015. Shielding Applications from an Untrusted Cloud with Haven. ACM Trans. Comput. Syst. 33, 3, Article 8 (Aug. 2015), 8:1--8:26 pages.

Digital Library

[16]

Simon Bradshaw, Christopher Millard, and Ian Walden. 2011. Contracts for Clouds: Comparison and Analysis of the Terms and Conditions of Cloud Computing Services. International Journal of Law and Information Technology (IJLIT '11) 19, 3 (2011), 187.

[17]

Ajay Brahmakshatriya, Piyus Kedia, Derrick Paul McKee, Pratik Bhatu, Deepak Garg, Akash Lal, and Aseem Rastogi. 2017. An Instrumenting Compiler for Enforcing Confidentiality in Low-Level Code. arXiv (2017).

[18]

Nathan Burow, Scott A. Carr, Joseph Nash, Per Larsen, Michael Franz, Stefan Brunthaler, and Mathias Payer. 2017. Control-Flow Integrity: Precision, Security, and Performance. ACM Comput. Surv. 50, 1, Article 16 (April 2017), 16:1--16:33 pages.

Digital Library

[19]

Dell Cameron and Kate Conger. 2017. GOP Data Firm Accidentally Leaks Personal Details of Nearly 200 Million American Voters. https://gizmodo.com/gop-data-firm-accidentally-leaks-personal-details-of-ne-1796211612. (June 2017).

[20]

Scott A Carr and Mathias Payer. 2017. DataShield: Configurable Data Confidentiality and Integrity. In Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security (ASIACCS '17). ACM.

Digital Library

[21]

A. Celesti, F. Tusa, M. Villari, and A. Puliafito. 2010. How to Enhance Cloud Architectures to Enable Cross-Federation. In 2010 IEEE 3rd International Conference on Cloud Computing (CLOUD '10). 337--345.

Digital Library

[22]

Stephen Checkoway and Hovav Shacham. 2013. Iago Attacks: Why the System Call API is a Bad Untrusted RPC Interface. In Proceedings of the 18th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS '13). ACM, New York, NY, USA, 253--264.

Digital Library

[23]

Byung-Gon Chun, Petros Maniatis, Scott Shenker, and John Kubiatowicz. 2007. Attested Append-only Memory: Making Adversaries Stick to Their Word. In ACM SIGOPS Operating Systems Review (OSR '07), Vol. 41. ACM, 189--204.

Digital Library

[24]

CNN. 2013. PayPal Accidentally Credits Man $92 Quadrillion. https://edition.cnn.com/2013/07/17/tech/paypal-error/index.html. (July 2013).

[25]

Cox, Joseph Troy Hunt. 2016. Another Day, Another Hack: Tens of Millions of Neopets Accounts. https://motherboard.vice.com/en_us/article/neopets-hack-another-day-another-hack-tens-of-millions-of-neopets-accounts. (2016).

[26]

Cryptomator. 2017. Cryptomator. https://cryptomator.org. (2017).

[27]

cURL project. 2017. libcurl - the Multiprotocol File Transfer Library. https://curl.haxx.se/libcurl/. (2017).

[28]

CVE 2005. Buffer Overflow In the Jabber 2.x Server (Jabberd), CVE-2004-0953. https://www.cvedetails.com/cve/CVE-2004-0953/. (2005). Accessed: 05-02-2018.

[29]

Tim Dierks and Eric Rescorla. 2008. RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2. (2008). https://tools.ietf.org/html/rfc5246

[30]

Dirk Einecke. 2011. HTTP Headers. https://chrome.google.com/webstore/detail/http-headers/hplfkkmefamockhligfdcfgfnbcdddbg. (2011).

[31]

Idilio Drago, Enrico Bocchi, Marco Mellia, Herman Slatman, and Aiko Pras. 2013. Benchmarking Personal Cloud Storage. In Proceedings of the 2013 Conference on Internet Measurement Conference (IMC '13). ACM, 205--212.

Digital Library

[32]

Dropbox. 2017. About Dropbox. https://www.dropbox.com/about. (2017).

[33]

Dropbox. 2017. Dropbox Terms of Service. https://www.dropbox.com/en_GB/privacy#terms. (2017).

[34]

Facebook. 2017. Facebook. https://www.facebook.com/. (2017).

[35]

Jon Fingas. 2014. Dropbox Bug Wipes Some Users' Files From the Cloud. https://www.engadget.com/2014/10/13/dropbox-selective-sync-bug/. (Oct. 2014).

[36]

Fox-Brewster, Thomas. 2015. Gambling Darling Paysafe Confirms 7.8 Million Customers Hit In Epic Old Hacks. https://goo.gl/xXpkJH. (2015).

[37]

Fox-Brewster, Thomas. 2017. Massive WWE Leak Exposes 3 Million Wrestling Fans' Addresses, Ethnicities And More. (July 2017). https://goo.gl/rMyomS

[38]

Craig Gentry. 2009. A Fully Homomorphic Encryption Scheme. Ph.D. Dissertation. Stanford University. Advisor(s) Boneh, Dan. AAI3382729.

Digital Library

[39]

Git 2018. https://git-scm.com/. (2018).

[40]

GitHub. 2017. GitHub. https://www.github.com. (2017).

[41]

GitHub. 2017. GitHub Terms of Service. (2017). https://help.github.com/articles/github-terms-of-service/

[42]

GitLab.com. 2017. About GitLab. https://about.gitlab.com/. (2017).

[43]

GNU project. 2017. The GNU Privacy Guard. https://gnupg.org/. (2017).

[44]

Google. 2011. Gmail. https://www.engadget.com/2011/02/27/gmail-accidentally-resetting-accounts-years-of-correspondence-v/. (Feb. 2011).

[45]

Google. 2017. Google Docs. https://docs.google.com. (2017).

[46]

Google. 2017. Google Drive. https://drive.google.com. (2017).

[47]

Google. 2017. Google Terms of Service. https://www.google.com/intl/en/policies/terms/. (2017).

[48]

Gough, Valient. 2017. EncFS: an Encrypted Filesystem for FUSE. https://vgough.github.io/encfs/. (2017).

[49]

Daniel Gruss, Julian Lettner, Felix Schuster, Olya Ohrimenko, Istvan Haller, and Manuel Costa. 2017. Strong and Efficient Cache Side-Channel Protection Using Hardware Transactional Memory. In Proceedings of the 12th USENIX Security Symposium (USENIX Security '17). USENIX Association.

[50]

Andreas Haeberlen, Petr Kouznetsov, and Peter Druschel. 2007. PeerReview: Practical Accountability for Distributed Systems. In Proceedings of 21th ACM SIGOPS Symposium on Operating Systems Principles (SOSP '07). ACM, 175--188.

Digital Library

[51]

Kun He, Jing Chen, Ruiying Du, Qianhong Wu, Guoliang Xue, and Xiang Zhang. 2016. Deypos: Deduplicatable Dynamic Proof of Storage for Multi-User Environments. IEEE Trans. Comput. 65, 12 (2016), 3631--3645.

Digital Library

[52]

Sean Hollister. 2017. Gmail Accidentally Resetting Accounts, Years of Correspondence Vanish Into the Cloud? https://www.engadget.com/2011/02/27/gmail-accidentally-resetting-accounts-years-of-correspondence-v/. (2017).

[53]

Chris Hourihan and Bryan Cline. 2012. A Look Back: U.S. Healthcare Data Breach Trends. https://hitrustalliance.net/content/uploads/2014/05/HITRUST-Report-U.S.-Healthcare-Data-Breach-Trends.pdf. (2012).

[54]

Hunt, Troy. 2016. Dating the Ginormous MySpace Breach. https://www.troyhunt.com/dating-the-ginormous-myspace-breach/. (2016).

[55]

Gwan-Hwan Hwang and Shih-Kai Fu. 2016. Proof of Violation for Trust and Accountability of Cloud Database Systems. In The 16th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid '16). IEEE, 425--433.

[56]

Intel. 2014. Software Guard Extensions Programming Reference, Ref. 329298-002US. https://software.intel.com/sites/default/files/managed/48/88/329298-002.pdf. (2014).

[57]

Intel. 2016. Intel Software Guard Extensions (Intel SGX) SDK. https://software.intel.com/sgx-sdk. (2016).

[58]

Intel. 2017. Intel SgxSSL library - User Guide. Technical Report.

[59]

Jake Edge. 2018. TLS in the Kernel. https://lwn.net/Articles/666509/. (2018). Accessed: 31-01-2018.

[60]

Dhiru Kholia and Przemysław Węgrzyn. 2013. Looking Inside the (Drop) Box. In Proceedings of the 7th USENIX Conference on Offensive Technologies (WOOT'13). USENIX Association, 9--9.

Digital Library

[61]

Leslie Lamport. 2001. Paxos made simple. ACM Sigact News 32, 4 (2001), 18--25.

[62]

Selena Larson. 2017. Verizon Data of 6 Million Users Leaked Online. http://money.cnn.com/2017/07/12/technology/verizon-data-leaked-online/index.html. (July 2017).

[63]

Dave Levin, John R. Douceur, Jacob R. Lorch, and Thomas Moscibroda. 2009. TrInc: Small Trusted Hardware for Large Distributed Systems. In Proceedings of the 6th USENIX Symposium on Networked Systems Design and Implementation (NSDI '09). USENIX Association, 1--14.

Digital Library

[64]

Jinyuan Li, Maxwell N Krohn, David Mazieres, and Dennis E Shasha. 2004. Secure Untrusted Data Repository (SUNDR). In OSDI '04.

Digital Library

[65]

lthread. 2017. lthread, a Multicore Enabled Coroutine Library Written in C. https://github.com/halayli/lthread. (2017).

[66]

Prince Mahajan, Srinath Setty, Sangmin Lee, Allen Clement, Lorenzo Alvisi, Mike Dahlin, and Michael Walfish. 2011. Depot: Cloud Storage With Minimal Trust. ACM Transactions on Computer Systems (TOCS '11) 29, 4 (2011), 12.

Digital Library

[67]

Sinisa Matetic, Mansoor Ahmed, Kari Kostiainen, Aritra Dhar, David Sommer, Arthur Gervais, Ari Juels, and Srdjan Capkun. 2017. ROTE: Rollback Protection for Trusted Execution. IACR Cryptology ePrint Archive 2017 (2017), 48.

[68]

mbed TLS 2017. TLS for SGX: a Port of mbedtls. https://github.com/bl4ck5un/mbedtls-SGX. (Feb. 2017).

[69]

Microsoft. 2017. Azure. https://www.microsoft.com/windowsazure. (2017).

[70]

Microsoft. 2017. Office 365. https://www.office.com/. (2017).

[71]

Rene Millman. 2014. OneDrive Users Hit by File Corruption Bug. http://www.cloudpro.co.uk/iaas/cloud-storage/4437/onedrive-users-hit-by-file-corruption-bug. (Aug. 2014).

[72]

MySpace. 2016. MySpace blog. https://myspace.com/pages/blog. (2016).

[73]

S. Nepal, S. Chen, J. Yao, and D. Thilakanathan. 2011. DIaaS: Data Integrity as a Service in the Cloud. In IEEE 4th International Conference on Cloud Computing (CLOUD '11). 308--315.

Digital Library

[74]

H. Nguyen, B. Acharya, R. Ivanov, A. Haeberlen, L. T. X. Phan, O. Sokolsky, J. Walker, J. Weimer, W. Hanson, and I. Lee. 2016. Cloud-Based Secure Logger for Medical Devices. In IEEE 1st International Conference on Connected Health: Applications, Systems and Engineering Technologies (CHASE '16). 89--94.

[75]

OnePlus forums. 2018. Credit Card Fraud. https://forums.oneplus.net/threads/credit-card-fraud.747206/. (Jan. 2018).

[76]

Diego Ongaro and John K Ousterhout. 2014. In Search of an Understandable Consensus Algorithm. In USENIX Annual Technical Conference (USENIX ATC '14). USENIX Association, 305--319.

Digital Library

[77]

OpenBSD Project. 2016. LibreSSL. https://www.libressl.org/. (2016).

[78]

Meni Orenbach, Pavel Lifshits, Marina Minkin, and Mark Silberstein. 2017. Eleos: ExitLess OS Services for SGX Enclaves. In Proceedings of the 12th European Conference on Computer Systems (EuroSys '17). ACM, 238--253.

Digital Library

[79]

ownCloud 2018. ownCloud.org. https://owncloud.org/. (2018).

[80]

ownCloud Documents is Collaborative Editing of Rich-text Documents 2017. https://github.com/owncloud/documents. (2017).

[81]

Bryan Parno, Jacob R Lorch, John R Douceur, James Mickens, and Jonathan M McCune. 2011. Memoir: Practical state continuity for protected modules. In Security and Privacy (S&P '11), IEEE Symposium on. IEEE, 379--394.

Digital Library

[82]

PayPal 2018. PayPal. http://paypal.com/. (Feb. 2018).

[83]

Raluca Ada Popa, Jacob R. Lorch, David Molnar, Helen J. Wang, and Li Zhuang. 2011. Enabling Security in Cloud Storage SLAs with CloudProof. In Proceedings of the 2011 USENIX Technical Conference (USENIX ATC'11). USENIX Association.

Digital Library

[84]

Christian Priebe, Divya Muthukumaran, Dan O' Keeffe, David Eyers, Brian Shand, Ruediger Kapitza, and Peter Pietzuch. 2014. CloudSafetyNet: Detecting Data Leakage Between Cloud Tenants. In Proceedings of the 6th Edition of the ACM Workshop on Cloud Computing Security (CCSW '14). ACM, 117--128.

Digital Library

[85]

I. Ray, K. Belyaev, M. Strizhov, D. Mulamba, and M. Rajaram. 2013. Secure Logging as a Service - Delegating Log Management to the Cloud. IEEE Systems Journal 7, 2 (June 2013), 323--334.

[86]

Reddit.com. 2016. Unauthorized Access Related to LinkedIn / Myspace Leaks? https://www.reddit.com/r/teamviewer/comments/4m5hle/unauthorized_access_related_to_linkedin_myspace. (2016).

[87]

Will Reese. 2008. Nginx: the High-Performance Web Server and Reverse Proxy. Linux journal 2008, 173 (2008), 2.

Digital Library

[88]

Savard, Daniel and Co, Nikolas. 2011. Live HTTP headers. https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/. (2011).

[89]

J. Schiffman, Y. Sun, H. Vijayakumar, and T. Jaeger. 2013. Cloud Verifier: Verifiable Auditing Service for IaaS Clouds. In IEEE Ninth World Congress on Services (SERVICES '13). 239--246.

Digital Library

[90]

Joshua Schiffman, Hayawardh Vijayakumar, and Trent Jaeger. 2012. Verifying System Integrity by Proxy. Springer Berlin Heidelberg, 179--200.

Digital Library

[91]

Simon Sharwood. 2017. GitLab.com Melts Down After Wrong Directory Deleted, Backups Fail. https://www.theregister.co.uk/2017/02/01/gitlab_data_loss/?mt=1486066707837. (Feb. 2017).

[92]

Youngjoo Shin, Dongyoung Koo, and Junbeom Hur. 2017. A Survey of Secure Data Deduplication Schemes for Cloud Storage Systems. ACM Computing Surveys (CSUR '17) 49, 4 (2017), 74.

Digital Library

[93]

Benjamin H Sigelman, Luiz Andre Barroso, Mike Burrows, Pat Stephenson, Manoj Plakal, Donald Beaver, Saul Jaspan, and Chandan Shanbhag. 2010. Dapper, a Large-scale Distributed Systems Tracing Infrastructure. Technical Report. Technical report, Google.

[94]

Slack Project. 2017. Slack. https://slack.com/. (2017).

[95]

Livio Soares and Michael Stumm. 2010. FlexSC: Flexible System Call Scheduling With Exception-less System Calls. In Proceedings of the 9th USENIX conference on Operating Systems Design and implementation (OSDI '10). USENIX Association.

Digital Library

[96]

SQLite Project. 2017. SQLite. https://www.sqlite.org/. (2017).

[97]

Squid Project. 2016. Squid Proxy. http://www.squid-cache.org/. (2016).

[98]

Raoul Strackx and Frank Piessens. 2016. Ariadne: A Minimal Approach to State Continuity. In 25th USENIX Security Symposium (USENIX Security '16). USENIX.

[99]

Stripe 2018. Stripe. https://stripe.com/. (Feb. 2018).

[100]

Sync. 2017. Sync. https://www.sync.com. (2017).

[101]

Santiago Torres-Arias, Anil Kumar Ammula, Reza Curtmola, and Justin Cappos. 2016. On Omitting Commits and Committing Omissions: Preventing Git Metadata Tampering That (Re)introduces Software Vulnerabilities. https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/torres-arias. In 25th USENIX Security Symposium (USENIX Security '16). USENIX Association, 379--395.

[102]

B. Wang, B. Li, and H. Li. 2014. Oruta: privacy-preserving Public Auditing for Shared Data in the Cloud. In Proceedings of the IEEE Transactions on Cloud Computing conference (TCC '14) 2, 1 (Jan 2014), 43--56.

[103]

B. Wang, B. Li, and H. Li. 2015. Panda: Public Auditing for Shared Data with Efficient User Revocation in the Cloud. Proceedings of the IEEE Transactions on Services Computing (TSC '15) 8, 1 (Jan 2015), 92--106.

[104]

B. Wang, H. Li, and M. Li. 2013. Privacy-preserving Public Auditing for Shared Cloud Data Supporting Group Dynamics. In Proceedings of the IEEE International Conference on Communications conference (ICC '13).

Digital Library

[105]

C. Wang, Q. Wang, K. Ren, and W. Lou. 2010. Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing. In Proceedings of the IEEE Conference on Computer Communications (INFOCOM '10). 1--9.

Digital Library

[106]

Wenhao Wang, Guoxing Chen, Xiaorui Pan, Yinqian Zhang, XiaoFeng Wang, Vincent Bindschaedler, Haixu Tang, and Carl A Gunter. 2017. Leaky Cauldron on the Dark Land: Understanding Memory Side-channel Hazards in SGX. In Proceedings of the 2017 ACM Conference on Computer and Communications Security (CCS '17). ACM, 2421--2434.

Digital Library

[107]

Washington Post. 2017. A Mysterious Message is Locking Google Docs Users Out of Their Files. https://goo.gl/9ffD9r. (Oct. 2017).

[108]

Nico Weichbrodt, Anil Kurmus, Peter Pietzuch, and Rüdiger Kapitza. 2016. AsyncShock: Exploiting synchronisation bugs in Intel SGX enclaves. In European Symposium on Research in Computer Security. Springer, 440--457.

[109]

WhatsApp. 2018. https://www.whatsapp.com/. (Feb. 2018).

[110]

WolfSSL. 2016. WolfSSL at IDF. https://www.wolfssl.com/wolfSSL/Blog/Entries/2016/8/11_wolfSSL_At_IDF.html. (August 2016).

[111]

Victoria Woollaston. 2014. Has Gmail Lost YOUR Emails? Glitch Causes Thousands of Users to Accidentally Delete Messages and Report Others as Spam. http://www.dailymail.co.uk/sciencetech/article-2548010/Has-Gmail-lost-YOUR-emails-Glitch-causes-thousands-users-accidentally-delete-messages-report-spam.html. (Jan. 2014).

[112]

XMPP working group. 2018. eXtensible Messaging and Presence Protocol. http://xmpp.org. (2018). Accessed: 31-01-2018.

[113]

Yuanzhong Xu, Weidong Cui, and Marcus Peinado. 2015. Controlled-channel attacks: Deterministic side channels for untrusted operating systems. In 2015 IEEE Symposium on Security and Privacy (S&P '15). IEEE, 640--656.

Digital Library

[114]

S. Zawoad, A. K. Dutta, and R. Hasan. 2016. Towards Building Forensics Enabled Cloud Through Secure Logging-as-a-Service. IEEE Transactions on Dependable and Secure Computing (TDSC '16) 13, 2 (March 2016), 148--162.

Digital Library

[115]

Qingji Zheng and Shouhuai Xu. 2012. Secure and Efficient Proof of Storage with Deduplication. In Proceedings of the 2nd ACM conference on Data and Application Security and Privacy (CODASPY '12). ACM, 1--12.

Digital Library

Cited By

Pratama Hartono ABrito AFetzer C(2024)CRISP: Confidentiality, Rollback, and Integrity Storage Protection for Confidential Cloud-Native Computing2024 IEEE 17th International Conference on Cloud Computing (CLOUD)10.1109/CLOUD62652.2024.00026(141-152)Online publication date: 7-Jul-2024
https://doi.org/10.1109/CLOUD62652.2024.00026
Sun JLi SXu JHuang J(2023)The Security War in File Systems: An Empirical Study from A Vulnerability-centric PerspectiveACM Transactions on Storage10.1145/360602019:4(1-26)Online publication date: 3-Oct-2023
https://dl.acm.org/doi/10.1145/3606020
Paju AJaved MNurmi JSavimäki JMcGillion BBrumley B(2023)SoK: A Systematic Review of TEE Usage for Developing Trusted ApplicationsProceedings of the 18th International Conference on Availability, Reliability and Security10.1145/3600160.3600169(1-15)Online publication date: 29-Aug-2023
https://dl.acm.org/doi/10.1145/3600160.3600169
Show More Cited By

Index Terms

LibSEAL: revealing service integrity violations using trusted execution
1. Security and privacy
  1. Systems security
    1. Distributed systems security

Recommendations

Process model-based atomic service discovery and composition of composite semantic web services using web ontology language for services OWL-S

Web Service composition has become indispensable as a single web service cannot satisfy complex functional requirements. Composition of services has received much interest to support business-to-business B2B or enterprise application integration. An ...
Daios: Efficient Dynamic Web Service Invocation

Systems based on the service-oriented architecture (SOA) paradigm must be able to bind to arbitrary Web services at runtime. However, current service frameworks are predominantly used through precompiled service-access components, which are invariably ...
SSWiM: A Semantic Service, Wrapper and Invocation Manager
CECANDEEE '08: Proceedings of the 2008 10th IEEE Conference on E-Commerce Technology and the Fifth IEEE Conference on Enterprise Computing, E-Commerce and E-Services

Integrating service description, discovery, and invocation functionalities presents several fundamental problems in the management of web services and is a basic problem for composing web services over a network. In this paper, we present the design of ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

EuroSys '18: Proceedings of the Thirteenth EuroSys Conference

April 2018

631 pages

ISBN:9781450355841

DOI:10.1145/3190508

General Chair:
Rui Oliveira,
Program Chairs:
Pascal Felber,
Y. Charlie Hu

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGOPS: ACM Special Interest Group on Operating Systems

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 23 April 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Funding Sources

EPSRC
H2020
HiPEDS

Conference

EuroSys '18

Sponsor:

SIGOPS

EuroSys '18: Thirteenth EuroSys Conference 2018

April 23 - 26, 2018

Porto, Portugal

Acceptance Rates

EuroSys '18 Paper Acceptance Rate 43 of 262 submissions, 16%;

Overall Acceptance Rate 241 of 1,308 submissions, 18%

Upcoming Conference

EuroSys '25

Sponsor:
sigops

Twentieth European Conference on Computer Systems

March 30 - April 3, 2025

Rotterdam , Netherlands

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

16
Total Citations
View Citations
511
Total Downloads

Downloads (Last 12 months)23
Downloads (Last 6 weeks)1

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Pratama Hartono ABrito AFetzer C(2024)CRISP: Confidentiality, Rollback, and Integrity Storage Protection for Confidential Cloud-Native Computing2024 IEEE 17th International Conference on Cloud Computing (CLOUD)10.1109/CLOUD62652.2024.00026(141-152)Online publication date: 7-Jul-2024
https://doi.org/10.1109/CLOUD62652.2024.00026
Sun JLi SXu JHuang J(2023)The Security War in File Systems: An Empirical Study from A Vulnerability-centric PerspectiveACM Transactions on Storage10.1145/360602019:4(1-26)Online publication date: 3-Oct-2023
https://dl.acm.org/doi/10.1145/3606020
Paju AJaved MNurmi JSavimäki JMcGillion BBrumley B(2023)SoK: A Systematic Review of TEE Usage for Developing Trusted ApplicationsProceedings of the 18th International Conference on Availability, Reliability and Security10.1145/3600160.3600169(1-15)Online publication date: 29-Aug-2023
https://dl.acm.org/doi/10.1145/3600160.3600169
Will NMaziero C(2023)Intel Software Guard Extensions Applications: A SurveyACM Computing Surveys10.1145/359302155:14s(1-38)Online publication date: 17-Jul-2023
https://dl.acm.org/doi/10.1145/3593021
Li ZChen GDeng Y(2022)Duplicacy: A New Generation of Cloud Backup Tool Based on Lock-Free DeduplicationIEEE Transactions on Cloud Computing10.1109/TCC.2020.304740310:4(2508-2520)Online publication date: 1-Oct-2022
https://doi.org/10.1109/TCC.2020.3047403
Xu XWang WLin JYang ZFan HWang Q(2022)LiTIV: A Lightweight Traceable Data Integrity Verification Scheme for Version Control Systems2022 International Conference on Computer Communications and Networks (ICCCN)10.1109/ICCCN54977.2022.9868883(1-10)Online publication date: Jul-2022
https://doi.org/10.1109/ICCCN54977.2022.9868883
Hartono AFetzer C(2021)BROFY: Towards Essential Integrity Protection for Microservices2021 40th International Symposium on Reliable Distributed Systems (SRDS)10.1109/SRDS53918.2021.00024(154-163)Online publication date: Sep-2021
https://doi.org/10.1109/SRDS53918.2021.00024
Tan CZhao CMu SWalfish MLu SHowell J(2020)COBRAProceedings of the 14th USENIX Conference on Operating Systems Design and Implementation10.5555/3488766.3488770(63-80)Online publication date: 4-Nov-2020
https://dl.acm.org/doi/10.5555/3488766.3488770
Lee E(2019)Taming Performance Variability of Healthcare Data Service Frameworks with Proactive and Coarse-Grained Memory CleaningInternational Journal of Environmental Research and Public Health10.3390/ijerph1617309616:17(3096)Online publication date: 26-Aug-2019
https://doi.org/10.3390/ijerph16173096
Brito AFetzer CKöpsell SPietzuch PPasin MFelber PFonseca KRosa MGomes LRiella RPrado CRust LLucani DSipos MNagy LFehér M(2019)Secure end-to-end processing of smart metering dataJournal of Cloud Computing10.1186/s13677-019-0141-z8:1Online publication date: 4-Dec-2019
https://doi.org/10.1186/s13677-019-0141-z
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten