Write a Blog >>
ICSE 2020
Wed 24 June - Thu 16 July 2020
Thu 9 Jul 2020 00:48 - 01:00 at Baekje - P13-Security Chair(s): Joshua Garcia

The big data industry is facing new challenges as concerns about privacy leakage soar. One of the remedies to privacy breach incidents is to encapsulate computations over sensitive data within hardware-assisted Trusted Execution Environments (TEE). Such TEE-powered software is called secure enclaves. Security enclaves hold various advantages against competing privacy-preserving computation techniques; however, enclaves are much more challenging to build than ordinary software. The reason is that developing TEE software has to follow a restrictive programming model to make effective use of the strong memory encryption and segregation enforced by hardware. These constraints transitively apply to all third-party dependencies of the software, thus costing developers considerably more engineering efforts. High development and maintenance cost is one of the major obstacles against employing TEE-based privacy protection in production.

In this paper, we present our experience and achievements with regard to constructing and continuously maintaining a third-party library supply chain for TEE developers. In particular, we port a large collection of Rust third-party libraries into Intel SGX, one of the most mature trusted computing platforms. Our supply chain accepts upstream patches in a timely manner with SGX-specific security auditing. We have been able to maintain the SGX ports of 159 open-source Rust libraries with reasonable operational costs. Our work can effectively reduce the engineering cost of developing SGX enclaves for privacy-preserving data processing and exchange.

Thu 9 Jul

Displayed time zone: (UTC) Coordinated Universal Time change

00:00 - 01:00
P13-SecurityTechnical Papers / Software Engineering in Practice at Baekje
Chair(s): Joshua Garcia University of California, Irvine
00:00
12m
Talk
Burn After Reading: A Shadow Stack with Microsecond-level Runtime Rerandomization for Protecting Return AddressesTechnicalArtifact Available
Technical Papers
Changwei Zou UNSW Sydney, Jingling Xue UNSW Sydney
00:12
12m
Talk
Automated Identification of Libraries from Vulnerability DataSEIP
Software Engineering in Practice
Chen Yang Veracode, Inc., Andrew Santosa Veracode, Inc., Asankhaya Sharma Veracode, Inc., David Lo Singapore Management University
Pre-print Media Attached
00:24
12m
Talk
Unsuccessful Story about Few Shot Malware-Family Classification and Siamese Network to the RescueTechnical
Technical Papers
Yude Bai Tianjin University, Zhenchang Xing Australia National University, Li Xiaohong TianJin University, Zhiyong Feng Tianjin University, Duoyuan Ma Tianjin University
00:36
12m
Talk
SpecuSym: Speculative Symbolic Execution for Cache Timing Leak DetectionTechnical
Technical Papers
Shengjian Guo Baidu X-Lab, Yueqi Chen The Pennsylvania State University, Peng Li Baidu X-Lab, Yueqiang Cheng Baidu Security, Huibo Wang Baidu X-Lab, Meng Wu Ant Financial, Zhiqiang Zuo Nanjing University, China
00:48
12m
Talk
Building and Maintaining a Third-Party Library Supply Chain for Productive and Secure SGX Enclave DevelopmentSEIP
Software Engineering in Practice
Pei Wang Baidu X-Lab, Yu Ding Baidu X-Lab, Mingshen Sun Baidu X-Lab, Huibo Wang Baidu X-Lab, Tongxin Li Baidu X-Lab, Rundong Zhou Baidu X-Lab, Zhaofeng Chen , Yiming Jing Baidu X-Lab