Only pay for what you need: Detecting and removing unnecessary TEE-based code
نویسندگان
چکیده
A Trusted Execution Environment (TEE) provides an isolated hardware environment for sensitive code and data to protect a system’s integrity confidentiality. As we discovered, programmers tend overuse TEE protection. When they place non-sensitive in TEE, the trusted computing base (TCB) grows unnecessarily, leading long execution latencies large attack surfaces. To address this problem, first study representative sample of open-source projects uncover how is utilized real-world software. facilitate process removing from introduce Insourcing , new type software refactoring that identifies removes unnecessary program parts out TEE. We implemented as TEE-DRUP framework, which operates three phases: (1) variable sensitivity analysis designates each or non-sensitive; (2) TEE-aware taint TEE-based functions; (3) fully-declarative transformation automatically moves these functions Our evaluation demonstrates our approach correct, effective, usable. By deploying discover remove code, can both reduce TCB’s size improve system performance. • Environments usage An identification problem misplacing (non-)sensitive variables. compiler-based tool TEEs.
منابع مشابه
What you need to know about pay for performance.
*Tremendous variation exists today among commercial plans' P4P programs, but that will not prevent many of these programs from expanding, as this payment approach almost certainly will gain traction in coming years. *Hospitals that choose not to participate or that perform poorly in P4P programs risk losing market share as well as potential financial benefits. *Involving the medical staff in de...
متن کاملYou get what you pay for.
As Nursing Standard went to press, chancellor Alistair Darling was putting the finishing touches to his pre-budget report. Speculation was rife that he would announce efficiency savings - or cuts to use more direct language - across the public sector, including the NHS.
متن کاملWhat you see is what you need.
We studied the role of attention and task demands for implicit change detection. Subjects engaged in an object sorting task performed in a virtual reality environment, where we changed the properties of an object while the subject was manipulating it. The task assures that subjects are looking at the changed object immediately before and after the change. Our results demonstrate that in this si...
متن کاملCan you get what you pay for? Pay-for-performance and the quality of healthcare providers.
Despite the popularity of pay-for-performance (P4P) among health policymakers and private insurers as a tool for improving quality of care, there is little empirical basis for its effectiveness. We use data from published performance reports of physician medical groups contracting with a large network HMO to compare clinical quality before and after the implementation of P4P, relative to a cont...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Journal of Systems and Software
سال: 2022
ISSN: ['0164-1212', '1873-1228']
DOI: https://doi.org/10.1016/j.jss.2022.111253