We present the design, implementation, and verification of XMHF-an eXtensible and
Modular Hypervisor Framework. XMHF is designed to achieve three goals--modular …

Recognizing the pressing demands to secure embedded applications, ARM TrustZone has
been adopted in both academic research and commercial products to protect sensitive code …

Recent years have experienced explosive growth of smartphone sales. Inevitably, the rise in
the popularity of smartphones also makes them an attractive target for attacks. In light of …

Trusting a computer for a security-sensitive task (such as checking email or banking online)
requires the user to know something about the computer's state. We examine research on …

Modern systems keep long memories. As we show in this paper, an adversary who gains
access to a Linux system, even one that implements secure deallocation, can recover the …

We present überSpark (üSpark), an innovative architecture for compositional verification
of security properties of extensible hypervisors written in C and Assembly. üSpark …

Mobile OSes and applications form a large, complex and vulnerability-prone software stack.
In such an environment, security techniques to strongly protect sensitive data in mobile …

Today's edge networks continue to see an increasing number of deployed IoT devices.
These IoT devices aim to increase productivity and efficiency; however, they are plagued by …

An increasingly common practice for users of storage systems is to perform end-to-end
encryption to ensure the confidentiality of data stored on external storage systems or in the …

Notary is a new hardware and software architecture for running isolated approval agents in
the form factor of a USB stick with a small display and buttons. Approval agents allow …