{"id":"https://openalex.org/W4205586362","doi":"https://doi.org/10.1145/3498688","title":"Isolation without taxation: near-zero-cost transitions for WebAssembly and SFI","display_name":"Isolation without taxation: near-zero-cost transitions for WebAssembly and SFI","publication_year":2022,"publication_date":"2022-01-12","ids":{"openalex":"https://openalex.org/W4205586362","doi":"https://doi.org/10.1145/3498688"},"language":"en","primary_location":{"id":"doi:10.1145/3498688","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3498688","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3498688","source":{"id":"https://openalex.org/S4210216081","display_name":"Proceedings of the ACM on Programming Languages","issn_l":"2475-1421","issn":["2475-1421"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Programming Languages","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3498688","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5029419698","display_name":"Matthew Kolosick","orcid":null},"institutions":[{"id":"https://openalex.org/I36258959","display_name":"University of California San Diego","ror":"https://ror.org/0168r3w48","country_code":"US","type":"education","lineage":["https://openalex.org/I36258959"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Matthew Kolosick","raw_affiliation_strings":["University of California at San Diego, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of California at San Diego, USA","institution_ids":["https://openalex.org/I36258959"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048194792","display_name":"Shravan Narayan","orcid":"https://orcid.org/0000-0002-0065-6611"},"institutions":[{"id":"https://openalex.org/I36258959","display_name":"University of California San Diego","ror":"https://ror.org/0168r3w48","country_code":"US","type":"education","lineage":["https://openalex.org/I36258959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Shravan Narayan","raw_affiliation_strings":["University of California at San Diego, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of California at San Diego, USA","institution_ids":["https://openalex.org/I36258959"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5047711104","display_name":"Evan Johnson","orcid":"https://orcid.org/0000-0002-1784-4512"},"institutions":[{"id":"https://openalex.org/I36258959","display_name":"University of California San Diego","ror":"https://ror.org/0168r3w48","country_code":"US","type":"education","lineage":["https://openalex.org/I36258959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Evan Johnson","raw_affiliation_strings":["University of California at San Diego, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of California at San Diego, USA","institution_ids":["https://openalex.org/I36258959"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5060197721","display_name":"Conrad Watt","orcid":"https://orcid.org/0000-0002-0596-877X"},"institutions":[{"id":"https://openalex.org/I241749","display_name":"University of Cambridge","ror":"https://ror.org/013meh722","country_code":"GB","type":"education","lineage":["https://openalex.org/I241749"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Conrad Watt","raw_affiliation_strings":["University of Cambridge, UK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Cambridge, UK","institution_ids":["https://openalex.org/I241749"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064433947","display_name":"Michael LeMay","orcid":"https://orcid.org/0000-0001-6206-9642"},"institutions":[{"id":"https://openalex.org/I1343180700","display_name":"Intel (United States)","ror":"https://ror.org/01ek73717","country_code":"US","type":"company","lineage":["https://openalex.org/I1343180700"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Michael LeMay","raw_affiliation_strings":["Intel Labs, USA"],"raw_orcid":"https://orcid.org/0000-0001-6206-9642","affiliations":[{"raw_affiliation_string":"Intel Labs, USA","institution_ids":["https://openalex.org/I1343180700"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026719321","display_name":"Deepak Garg","orcid":"https://orcid.org/0000-0002-0888-3093"},"institutions":[{"id":"https://openalex.org/I4210121786","display_name":"Max Planck Institute for Software Systems","ror":"https://ror.org/02pe2kf23","country_code":"DE","type":"facility","lineage":["https://openalex.org/I149899117","https://openalex.org/I4210121786"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Deepak Garg","raw_affiliation_strings":["MPI-SWS, Germany"],"raw_orcid":"https://orcid.org/0000-0002-0888-3093","affiliations":[{"raw_affiliation_string":"MPI-SWS, Germany","institution_ids":["https://openalex.org/I4210121786"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002412544","display_name":"Ranjit Jhala","orcid":"https://orcid.org/0000-0002-1802-9421"},"institutions":[{"id":"https://openalex.org/I36258959","display_name":"University of California San Diego","ror":"https://ror.org/0168r3w48","country_code":"US","type":"education","lineage":["https://openalex.org/I36258959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ranjit Jhala","raw_affiliation_strings":["University of California at San Diego, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of California at San Diego, USA","institution_ids":["https://openalex.org/I36258959"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5082723061","display_name":"Deian Stefan","orcid":"https://orcid.org/0000-0002-7041-7464"},"institutions":[{"id":"https://openalex.org/I36258959","display_name":"University of California San Diego","ror":"https://ror.org/0168r3w48","country_code":"US","type":"education","lineage":["https://openalex.org/I36258959"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Deian Stefan","raw_affiliation_strings":["University of California at San Diego, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of California at San Diego, USA","institution_ids":["https://openalex.org/I36258959"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5029419698"],"corresponding_institution_ids":["https://openalex.org/I36258959"],"apc_list":null,"apc_paid":null,"fwci":1.3873,"has_fulltext":true,"cited_by_count":11,"citation_normalized_percentile":{"value":0.83678159,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":"6","issue":"POPL","first_page":"1","last_page":"30"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9901999831199646,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8182949423789978},{"id":"https://openalex.org/keywords/compiler","display_name":"Compiler","score":0.6215202808380127},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4642326235771179},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.45946407318115234},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.43748363852500916},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.4241955876350403},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.38194262981414795}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8182949423789978},{"id":"https://openalex.org/C169590947","wikidata":"https://www.wikidata.org/wiki/Q47506","display_name":"Compiler","level":2,"score":0.6215202808380127},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4642326235771179},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.45946407318115234},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.43748363852500916},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.4241955876350403},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.38194262981414795},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3498688","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3498688","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3498688","source":{"id":"https://openalex.org/S4210216081","display_name":"Proceedings of the ACM on Programming Languages","issn_l":"2475-1421","issn":["2475-1421"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Programming Languages","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1145/3498688","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3498688","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3498688","source":{"id":"https://openalex.org/S4210216081","display_name":"Proceedings of the ACM on Programming Languages","issn_l":"2475-1421","issn":["2475-1421"],"is_oa":true,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Programming Languages","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.41999998688697815,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G2335238807","display_name":null,"funder_award_id":"EP/K008528","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G2628043840","display_name":"FMitF: Collaborative Research: Track I: Finding and Eliminating Bugs in Operating Systems","funder_award_id":"1918573","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G2697868850","display_name":null,"funder_award_id":"2120642","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G3291780239","display_name":null,"funder_award_id":"CNS-1514435","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4818589963","display_name":"TWC: Medium: Detection and Prevention of Data Timing Channels","funder_award_id":"1514435","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G5860500101","display_name":"REMS: Rigorous Engineering for Mainstream Systems","funder_award_id":"EP/K008528/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G6552516729","display_name":null,"funder_award_id":"CCF-1918573","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G6671297155","display_name":null,"funder_award_id":"CAREER","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7401479227","display_name":null,"funder_award_id":"EP/K008528/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320306087","display_name":"Semiconductor Research Corporation","ror":"https://ror.org/047z4n946"},{"id":"https://openalex.org/F4320307791","display_name":"Cisco Systems","ror":"https://ror.org/03yt1ez60"},{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"},{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4205586362.pdf","grobid_xml":"https://content.openalex.org/works/W4205586362.grobid-xml"},"referenced_works_count":42,"referenced_works":["https://openalex.org/W1683403723","https://openalex.org/W1904738922","https://openalex.org/W1965022292","https://openalex.org/W1978680977","https://openalex.org/W1990465482","https://openalex.org/W2009248821","https://openalex.org/W2027827874","https://openalex.org/W2033065121","https://openalex.org/W2037671236","https://openalex.org/W2053707676","https://openalex.org/W2062340141","https://openalex.org/W2069107692","https://openalex.org/W2071907540","https://openalex.org/W2079029390","https://openalex.org/W2083355374","https://openalex.org/W2088383546","https://openalex.org/W2105349588","https://openalex.org/W2105904466","https://openalex.org/W2116730531","https://openalex.org/W2119661827","https://openalex.org/W2134309469","https://openalex.org/W2137186143","https://openalex.org/W2138538875","https://openalex.org/W2151480972","https://openalex.org/W2159477904","https://openalex.org/W2258876169","https://openalex.org/W2511669759","https://openalex.org/W2625141509","https://openalex.org/W2734941459","https://openalex.org/W2752929869","https://openalex.org/W2765797110","https://openalex.org/W2787793525","https://openalex.org/W2888824464","https://openalex.org/W2900137615","https://openalex.org/W2914982603","https://openalex.org/W2930837359","https://openalex.org/W3110759831","https://openalex.org/W3112572460","https://openalex.org/W3197594700","https://openalex.org/W4234098509","https://openalex.org/W4236561850","https://openalex.org/W4238083723"],"related_works":["https://openalex.org/W4240253816","https://openalex.org/W3096456556","https://openalex.org/W2169584677","https://openalex.org/W2979513934","https://openalex.org/W4232954277","https://openalex.org/W2020341030","https://openalex.org/W2749133591","https://openalex.org/W2367473450","https://openalex.org/W23346600","https://openalex.org/W2460280200"],"abstract_inverted_index":{"Software":[0],"sandboxing":[1,30,146],"or":[2],"software-based":[3],"fault":[4],"isolation":[5],"(SFI)":[6],"is":[7,223,238],"a":[8,98,185,213,219,244],"lightweight":[9,115],"approach":[10],"to":[11,24,41,56,111,130,159,228,260],"building":[12],"secure":[13],"systems":[14,66,73,140],"out":[15],"of":[16,100,173,209],"untrusted":[17,44],"components.":[18],"Mozilla,":[19],"for":[20,145],"example,":[21],"uses":[22,251],"SFI":[23,40,60,65,72,247,274],"harden":[25],"the":[26,123,135,166,174,178,207,270],"Firefox":[27,156],"browser":[28],"by":[29,157,198,211,242],"third-party":[31],"libraries,":[32],"and":[33,37,58,90,127,152,161,169,204,254],"companies":[34],"like":[35],"Fastly":[36],"Cloudflare":[38],"use":[39,74,131],"safely":[42],"co-locate":[43],"tenants":[45],"on":[46,139,143],"their":[47],"edge":[48],"clouds.":[49],"While":[50],"there":[51],"have":[52],"been":[53],"significant":[54,84],"efforts":[55],"optimize":[57],"verify":[59],"enforcement,":[61],"context":[62,94],"switching":[63],"in":[64,155],"remains":[67],"largely":[68],"unexplored:":[69],"almost":[70],"all":[71],"heavyweight":[75],"transitions":[76,117],"that":[77,103,141,195,216,235,250],"are":[78],"not":[79],"only":[80],"error-prone":[81],"but":[82],"incur":[83],"performance":[85,137],"overhead":[86],"from":[87,177],"saving,":[88],"clearing,":[89],"restoring":[91],"registers":[92],"when":[93,105,218],"switching.":[95],"We":[96,121],"identify":[97],"set":[99],"zero-cost":[101,116,132,202,230,263],"conditions":[102],"characterize":[104],"sandboxed":[106],"code":[107],"has":[108],"sufficient":[109],"structured":[110],"guarantee":[112],"security":[113],"via":[114],"(simple":[118],"function":[119,222],"calls).":[120],"modify":[122],"Lucet":[124,144,167,199],"Wasm":[125,175,221,241],"compiler":[126,168],"its":[128,170],"runtime":[129],"transitions,":[133],"eliminating":[134],"undue":[136],"tax":[138],"rely":[142],"(e.g.,":[147],"we":[148,182,233],"speed":[149],"up":[150,158],"image":[151],"font":[153],"rendering":[154],"29.7%":[160],"10%":[162],"respectively).":[163],"To":[164],"remove":[165],"correct":[171],"implementation":[172],"specification":[176],"trusted":[179],"computing":[180],"base,":[181],"(1)":[183],"develop":[184],"static":[186],"binary":[187],"verifier":[188],",":[189],"VeriZero,":[190],"which":[191],"(in":[192],"seconds)":[193],"checks":[194],"binaries":[196],"produced":[197],"satisfy":[200],"our":[201,229,236,262,265],"conditions,":[203],"(2)":[205],"prove":[206],"soundness":[208],"VeriZero":[210],"developing":[212],"logical":[214],"relation":[215],"captures":[217],"compiled":[220],"semantically":[224],"well-behaved":[225],"with":[226,256,269],"respect":[227],"conditions.":[231],"Finally,":[232],"show":[234],"model":[237],"useful":[239],"beyond":[240],"describing":[243],"new,":[245],"purpose-built":[246],"system,":[248],"SegmentZero32,":[249],"x86":[252],"segmentation":[253],"LLVM":[255],"mostly":[257],"off-the-shelf":[258],"passes":[259],"enforce":[261],"conditions;":[264],"prototype":[266],"performs":[267],"on-par":[268],"state-of-the-art":[271],"Native":[272],"Client":[273],"system.":[275]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":6}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2022-01-25T00:00:00"}