BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Enabling System-Wide Isolation for Trusted Execution Environments 
 - Zahra Tarkhani\, Computer Lab
DTSTART:20200716T140000Z
DTEND:20200716T150000Z
UID:TALK149668@talks.cam.ac.uk
CONTACT:Srinivasan Keshav
DESCRIPTION:Hardware-assisted trusted execution environments (TEEs) are\nc
 ritical building blocks of many modern applications. However\, there are\n
 a growing number of attacks on TEE-enabled applications that exploit\ninse
 cure interactions of these security primitives on existing OSs.\nComplex a
 pplications rely on many mechanisms on the host OS and TEE\nsystem\; their
  complex interactions open a large attack surface that\nthreatens both the
  trusted and untrusted worlds.\nIn this talk\, I will first describe our s
 olution\, Sirius\, the first OS\nand TEE system to achieve system-wide iso
 lation in TEEs. It enables\nfine-grained compartmentalisation\, strong iso
 lation\, and secure\ninteractions between enclaves and kernel objects (e.g
 .\, threads\, address\nspaces\, IPC\, files\, and sockets). Then I will sh
 ow how Sirius replaces\nad-hoc and inefficient forms of interactions in cu
 rrent TEE systems with\na principled approach that adds strong inter- and 
 intra-process\nisolation and efficiently eliminates a wide range of attack
 s.\n
LOCATION:https://meetingsemea10.webex.com/meet/sk818 
END:VEVENT
END:VCALENDAR