Glad to announce that our paper "PICACHV: Formally Verified Data Use Policy Enforcement for Secure Data Analytics" has been accepted to USENIX Security 2025!
You can check the paper on Arxiv here arxiv.org/pdf/2501.10560
English
Hiroki Chen
394 posts
Hiroki Chen
@Clap4daniel
Systems, Security, Formal methods. 2nd-year Ph.D. student
Oslo Se unió Aralık 2013
706 Siguiendo232 Seguidores
For SGX, folks designed LibOSes to support system calls, disk I/Os, and some other stuff to support unmodified binaries inside them, which unfortunately bloats the TCB, while some people design a SGX inside TDX due to the potential flaws in the guest OS. This is kinda funny.
English
So today's TEE designs transitioned to VM-based, but this still raises a question about the TCB size thereof since it now includes the whole OS and other (perhaps unnecessary) runtimes into the protected area and the trustworthiness is rather dubious.
English
As I have done more research on TEEs, I feel like this area is facing a serious dilemma and no work seems to be able to address it. That is, what should be inside the TEE? SGX is criticized for being overly restrictive and people have to hack it to port legacy code.
English
@vanhoefm I haven’t gotten any notifications yet but my friend received in the morning ;(
English
Who else received surprisingly disappointing USENIX Security reviews..? 🙋♂️
English
Rust 1.80.0 is now available! 🦀🌈
This release brings you LazyCell, LazyLock, checked cfg names & values, exclusive ranges in patterns, IntoIterator for Box<[T]>, Option::take_if, split_at_checked, and more!
Check out the announcement and release notes: blog.rust-lang.org/2024/07/25/Rus…
English
So happy to present our collaborative work toward Trusted App Store (TAPStore) and NSF Center for Distributed Confidential Computing (CDCC) at this year’s @confcompsummit. It’s a great chance to meet old friends and build new connections. See you tomorrow (cont.)
English
Are these two equivalences also equal? Congratulations! You are now tackling with HoTT's univalence axiom!
English
Kudos to @chbhongbo for this work! Thrilled to be able to work with him on formal methods + TEE ;) Also feel so glad to be present at @USENIXSecurity symposium!
Hongbo Chen@chbhongbo
I’m presenting our work on verification of Confidential Computing as a Service (CCaaS) @USENIXSecurity 23. If you’re interested, please come to Platinum Salon 7–8 on Aug. 10 at 4:45 pm–5:45 pm (track 3). Check our artifact and paper in this repository: github.com/ya0guang/PoBF
English
After taking courses (MLTT, dependent types, etc) at the n-type summer school, I began to sense the magic of type theory. I had a strong feeling that everything in compuer science and security stuffs can be fully formalized. Gonna learn more on this topic ;)
English
Omg after experimenting with lean4 theorem prover i think lean4 is better than coq, and they even introduce package manager like cargo lol. I thin i can try it on my new project.🤔
English
My mood: they finally started to implement the memory manager with EDMM after our paper was accepted after the major revision in which we stated there is no official memory management support for EDMM in Rust SGX SDK.🥲
English
