{"id":"https://openalex.org/W4408889234","doi":"https://doi.org/10.1145/3689031.3717464","title":"Erebor: A Drop-In Sandbox Solution for Private Data Processing in Untrusted Confidential Virtual Machines","display_name":"Erebor: A Drop-In Sandbox Solution for Private Data Processing in Untrusted Confidential Virtual Machines","publication_year":2025,"publication_date":"2025-03-26","ids":{"openalex":"https://openalex.org/W4408889234","doi":"https://doi.org/10.1145/3689031.3717464"},"language":"en","primary_location":{"id":"doi:10.1145/3689031.3717464","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3689031.3717464","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Twentieth European Conference on Computer Systems","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5044106963","display_name":"Chuqi Zhang","orcid":"https://orcid.org/0009-0006-3550-696X"},"institutions":[{"id":"https://openalex.org/I165932596","display_name":"National University of Singapore","ror":"https://ror.org/01tgyzw49","country_code":"SG","type":"education","lineage":["https://openalex.org/I165932596"]}],"countries":["SG"],"is_corresponding":true,"raw_author_name":"Chuqi Zhang","raw_affiliation_strings":["National University of Singapore"],"raw_orcid":"https://orcid.org/0009-0006-3550-696X","affiliations":[{"raw_affiliation_string":"National University of Singapore","institution_ids":["https://openalex.org/I165932596"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5116817952","display_name":"Rahul Priolkar","orcid":null},"institutions":[{"id":"https://openalex.org/I55732556","display_name":"Arizona State University","ror":"https://ror.org/03efmqc40","country_code":"US","type":"education","lineage":["https://openalex.org/I55732556"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Rahul Priolkar","raw_affiliation_strings":["Arizona State University"],"raw_orcid":"https://orcid.org/0009-0006-2116-4954","affiliations":[{"raw_affiliation_string":"Arizona State University","institution_ids":["https://openalex.org/I55732556"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5086257417","display_name":"Yuancheng Jiang","orcid":"https://orcid.org/0009-0006-7833-5208"},"institutions":[{"id":"https://openalex.org/I165932596","display_name":"National University of Singapore","ror":"https://ror.org/01tgyzw49","country_code":"SG","type":"education","lineage":["https://openalex.org/I165932596"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Yuancheng Jiang","raw_affiliation_strings":["National University of Singapore"],"raw_orcid":"https://orcid.org/0009-0006-7833-5208","affiliations":[{"raw_affiliation_string":"National University of Singapore","institution_ids":["https://openalex.org/I165932596"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102841738","display_name":"Yuan Xiao","orcid":"https://orcid.org/0009-0003-7249-277X"},"institutions":[{"id":"https://openalex.org/I30809798","display_name":"ShanghaiTech University","ror":"https://ror.org/030bhh786","country_code":"CN","type":"education","lineage":["https://openalex.org/I30809798"]},{"id":"https://openalex.org/I4210094487","display_name":"Intel (Germany)","ror":"https://ror.org/00m2x0g47","country_code":"DE","type":"company","lineage":["https://openalex.org/I1343180700","https://openalex.org/I4210094487"]}],"countries":["CN","DE"],"is_corresponding":false,"raw_author_name":"Yuan Xiao","raw_affiliation_strings":["ShanghaiTech University and Intel Labs"],"raw_orcid":"https://orcid.org/0009-0003-7249-277X","affiliations":[{"raw_affiliation_string":"ShanghaiTech University and Intel Labs","institution_ids":["https://openalex.org/I30809798","https://openalex.org/I4210094487"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090620720","display_name":"Mona Vij","orcid":"https://orcid.org/0000-0002-5309-0391"},"institutions":[{"id":"https://openalex.org/I1343180700","display_name":"Intel (United States)","ror":"https://ror.org/01ek73717","country_code":"US","type":"company","lineage":["https://openalex.org/I1343180700"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Mona Vij","raw_affiliation_strings":["Intel Labs"],"raw_orcid":"https://orcid.org/0000-0002-5309-0391","affiliations":[{"raw_affiliation_string":"Intel Labs","institution_ids":["https://openalex.org/I1343180700"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084611756","display_name":"Zhenkai Liang","orcid":"https://orcid.org/0000-0001-7138-5030"},"institutions":[{"id":"https://openalex.org/I165932596","display_name":"National University of Singapore","ror":"https://ror.org/01tgyzw49","country_code":"SG","type":"education","lineage":["https://openalex.org/I165932596"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Zhenkai Liang","raw_affiliation_strings":["National University of Singapore"],"raw_orcid":"https://orcid.org/0000-0001-7138-5030","affiliations":[{"raw_affiliation_string":"National University of Singapore","institution_ids":["https://openalex.org/I165932596"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101746889","display_name":"Adil Ahmad","orcid":"https://orcid.org/0009-0002-4097-3205"},"institutions":[{"id":"https://openalex.org/I55732556","display_name":"Arizona State University","ror":"https://ror.org/03efmqc40","country_code":"US","type":"education","lineage":["https://openalex.org/I55732556"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Adil Ahmad","raw_affiliation_strings":["Arizona State University"],"raw_orcid":"https://orcid.org/0009-0002-4097-3205","affiliations":[{"raw_affiliation_string":"Arizona State University","institution_ids":["https://openalex.org/I55732556"]}]}],"institutions":[],"countries_distinct_count":4,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5044106963"],"corresponding_institution_ids":["https://openalex.org/I165932596"],"apc_list":null,"apc_paid":null,"fwci":4.3465,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.93465915,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1210","last_page":"1228"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9977999925613403,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9929999709129333,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/sandbox","display_name":"Sandbox (software development)","score":0.971031904220581},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6320115923881531},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.5433838963508606},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5128633975982666},{"id":"https://openalex.org/keywords/drop","display_name":"Drop (telecommunication)","score":0.512353777885437},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.3497368097305298},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.34424537420272827},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.33889031410217285},{"id":"https://openalex.org/keywords/telecommunications","display_name":"Telecommunications","score":0.11217328906059265}],"concepts":[{"id":"https://openalex.org/C167981075","wikidata":"https://www.wikidata.org/wiki/Q2667186","display_name":"Sandbox (software development)","level":2,"score":0.971031904220581},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6320115923881531},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.5433838963508606},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5128633975982666},{"id":"https://openalex.org/C2781345722","wikidata":"https://www.wikidata.org/wiki/Q5308388","display_name":"Drop (telecommunication)","level":2,"score":0.512353777885437},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3497368097305298},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.34424537420272827},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.33889031410217285},{"id":"https://openalex.org/C76155785","wikidata":"https://www.wikidata.org/wiki/Q418","display_name":"Telecommunications","level":1,"score":0.11217328906059265}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3689031.3717464","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3689031.3717464","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Twentieth European Conference on Computer Systems","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G438549943","display_name":null,"funder_award_id":"FA9550-24-1-0204","funder_id":"https://openalex.org/F4320323817","funder_display_name":"Universitas Brawijaya"}],"funders":[{"id":"https://openalex.org/F4320323817","display_name":"Universitas Brawijaya","ror":"https://ror.org/01wk3d929"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":59,"referenced_works":["https://openalex.org/W1481952923","https://openalex.org/W1555558540","https://openalex.org/W1664413462","https://openalex.org/W1852007091","https://openalex.org/W2036329595","https://openalex.org/W2057743816","https://openalex.org/W2062340141","https://openalex.org/W2164399967","https://openalex.org/W2170146596","https://openalex.org/W2337699331","https://openalex.org/W2463516579","https://openalex.org/W2575735093","https://openalex.org/W2579632738","https://openalex.org/W2734941459","https://openalex.org/W2741593962","https://openalex.org/W2791034507","https://openalex.org/W2792900670","https://openalex.org/W2886636392","https://openalex.org/W2903566129","https://openalex.org/W2912894509","https://openalex.org/W2920795722","https://openalex.org/W2947561435","https://openalex.org/W2953977010","https://openalex.org/W2963311060","https://openalex.org/W2965588382","https://openalex.org/W2984643661","https://openalex.org/W2998038410","https://openalex.org/W3009731533","https://openalex.org/W3015806656","https://openalex.org/W3111157406","https://openalex.org/W3138943459","https://openalex.org/W3177545773","https://openalex.org/W3191918078","https://openalex.org/W3207935656","https://openalex.org/W4205983429","https://openalex.org/W4212914967","https://openalex.org/W4229646679","https://openalex.org/W4233429846","https://openalex.org/W4242289848","https://openalex.org/W4290995622","https://openalex.org/W4308643135","https://openalex.org/W4308644386","https://openalex.org/W4311165758","https://openalex.org/W4385152093","https://openalex.org/W4388867283","https://openalex.org/W4389279188","https://openalex.org/W4391623933","https://openalex.org/W4394007436","https://openalex.org/W4402264173","https://openalex.org/W4402288723","https://openalex.org/W4403593405","https://openalex.org/W4405181884","https://openalex.org/W4405182342","https://openalex.org/W4408749970","https://openalex.org/W6638233953","https://openalex.org/W6703549403","https://openalex.org/W6753443810","https://openalex.org/W6780236295","https://openalex.org/W6891847171"],"related_works":["https://openalex.org/W4387497383","https://openalex.org/W3183948672","https://openalex.org/W3173606202","https://openalex.org/W3110381201","https://openalex.org/W2948807893","https://openalex.org/W2935909890","https://openalex.org/W2778153218","https://openalex.org/W2758277628","https://openalex.org/W1531601525","https://openalex.org/W2033352828"],"abstract_inverted_index":{"Confidential":[0],"virtual":[1],"machines":[2],"(CVMs)":[3],"are":[4],"designed":[5],"to":[6,49,69,83],"protect":[7],"data":[8,44,62,85,149],"in":[9,15,18,63,144,151],"cloud":[10,22,114,153],"machines,":[11],"but":[12],"they":[13],"fail":[14],"this":[16],"task":[17],"common":[19],"Software-as-a-Service":[20],"(SaaS)":[21],"environments.":[23],"In":[24],"such":[25,96,123],"settings,":[26],"the":[27,37,80],"software":[28],"stack":[29],"within":[30],"a":[31,54,99,136],"CVM,":[32,109],"including":[33],"service":[34],"programs":[35],"and":[36,42,78,88,129],"operating":[38],"system,":[39],"that":[40,59],"receives":[41],"processes":[43,60],"may":[45],"intentionally":[46],"disclose":[47],"it":[48],"attackers.":[50],"We":[51],"present":[52],"Erebor,":[53],"sandboxing":[55,150],"architecture":[56],"for":[57,108],"CVMs":[58],"client":[61],"secure":[64],"containers,":[65],"where":[66],"restrictions":[67,97],"apply":[68],"both":[70],"(a)":[71],"access":[72],"by":[73],"all":[74],"untrusted":[75],"outside":[76],"components":[77],"(b)":[79],"sandbox's":[81],"ability":[82],"communicate":[84],"through":[86,98],"memory":[87],"software-controlled":[89],"direct":[90],"or":[91],"covert":[92],"exits.":[93],"Erebor":[94,133],"enables":[95],"security":[100],"monitor":[101],"design":[102],"based":[103],"on":[104],"intra-kernel":[105],"privilege":[106],"isolation":[107],"fully":[110],"compatible":[111],"with":[112],"emerging":[113],"deployments":[115],"without":[116],"requiring":[117],"host":[118],"modifications.":[119],"Under":[120],"realistic":[121],"scenarios,":[122],"as":[124],"large":[125],"language":[126],"model":[127],"inference":[128],"private":[130],"information":[131],"retrieval,":[132],"only":[134],"adds":[135],"performance":[137],"overhead":[138],"of":[139,146],"4.5%-13.2%,":[140],"demonstrating":[141],"its":[142],"practicality":[143],"terms":[145],"enabling":[147],"strong":[148],"modern":[152],"machines.":[154]},"counts_by_year":[{"year":2025,"cited_by_count":2}],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}