The Experts below are selected from a list of 99273 Experts worldwide ranked by ideXlab platform
Dongyan Xu - One of the best experts on this subject based on the ideXlab platform.
-
cafe a virtualization based approach to protecting sensitive cloud Application Logic confidentiality
IEEE Transactions on Dependable and Secure Computing, 2018Co-Authors: Sungjin Park, Junghwan Rhee, Dongyan XuAbstract:Cloud Application marketplaces of modern cloud infrastructures offer a new software deployment model, integrated with the cloud environment in its configuration and policies. However, similar to traditional software distribution which has been suffering from software piracy and reverse engineering, cloud marketplaces face the same challenges that can deter the success of the evolving ecosystem of cloud software. We present a novel system named CAFE for cloud infrastructures where sensitive software Logic can be executed with high secrecy protected from any piracy or reverse engineering attempts in a virtual machine even when its operating system kernel is compromised. The key mechanism is the end-to-end framework for the execution of Applications, which consists of the secure encryption and distribution of confidential Application binary files, and the runtime techniques to load, decrypt, and protect the program Logic by isolating them from tenant virtual machines based on hypervisor-level techniques. We evaluate Applications in several software categories which are commonly offered in cloud marketplaces showing that strong confidential execution can be provided with only marginal changes (around 100-220 lines of code) and minimal performance overhead. The results demonstrate the effectiveness and practicality of CAFE in cloud marketplaces.
-
cafe a virtualization based approach to protecting sensitive cloud Application Logic confidentiality
Computer and Communications Security, 2015Co-Authors: Sungjin Park, Junghwan Rhee, Dongyan XuAbstract:Cloud Application marketplaces of modern cloud infrastructures offer a new software deployment model, integrated with the cloud environment in its configuration and policies. However, similar to traditional software distribution which has been suffering from software piracy and reverse engineering, cloud marketplaces face the same challenges that can deter the success of the evolving ecosystem of cloud software. We present a novel system named CAFE for cloud infrastructures where sensitive software Logic can be executed with high secrecy protected from any piracy or reverse engineering attempts in a virtual machine even when its operating system kernel is compromised. The key mechanism is the end-to-end framework for the execution of Applications, which consists of the secure encryption and distribution of confidential Application binary files, and the runtime techniques to load, decrypt, and protect the program Logic by isolating them from tenant virtual machines based on hypervisor-level techniques. We evaluate Applications in several software categories which are commonly offered in cloud marketplaces showing that strong confidential execution can be provided with only marginal changes (around 100-220 lines of code) and minimal performance overhead.
-
AsiaCCS - CAFE: A Virtualization-Based Approach to Protecting Sensitive Cloud Application Logic Confidentiality
Proceedings of the 10th ACM Symposium on Information Computer and Communications Security - ASIA CCS '15, 2015Co-Authors: Sungjin Park, Junghwan Rhee, Dongyan XuAbstract:Cloud Application marketplaces of modern cloud infrastructures offer a new software deployment model, integrated with the cloud environment in its configuration and policies. However, similar to traditional software distribution which has been suffering from software piracy and reverse engineering, cloud marketplaces face the same challenges that can deter the success of the evolving ecosystem of cloud software. We present a novel system named CAFE for cloud infrastructures where sensitive software Logic can be executed with high secrecy protected from any piracy or reverse engineering attempts in a virtual machine even when its operating system kernel is compromised. The key mechanism is the end-to-end framework for the execution of Applications, which consists of the secure encryption and distribution of confidential Application binary files, and the runtime techniques to load, decrypt, and protect the program Logic by isolating them from tenant virtual machines based on hypervisor-level techniques. We evaluate Applications in several software categories which are commonly offered in cloud marketplaces showing that strong confidential execution can be provided with only marginal changes (around 100-220 lines of code) and minimal performance overhead.
Junghwan Rhee - One of the best experts on this subject based on the ideXlab platform.
-
cafe a virtualization based approach to protecting sensitive cloud Application Logic confidentiality
IEEE Transactions on Dependable and Secure Computing, 2018Co-Authors: Sungjin Park, Junghwan Rhee, Dongyan XuAbstract:Cloud Application marketplaces of modern cloud infrastructures offer a new software deployment model, integrated with the cloud environment in its configuration and policies. However, similar to traditional software distribution which has been suffering from software piracy and reverse engineering, cloud marketplaces face the same challenges that can deter the success of the evolving ecosystem of cloud software. We present a novel system named CAFE for cloud infrastructures where sensitive software Logic can be executed with high secrecy protected from any piracy or reverse engineering attempts in a virtual machine even when its operating system kernel is compromised. The key mechanism is the end-to-end framework for the execution of Applications, which consists of the secure encryption and distribution of confidential Application binary files, and the runtime techniques to load, decrypt, and protect the program Logic by isolating them from tenant virtual machines based on hypervisor-level techniques. We evaluate Applications in several software categories which are commonly offered in cloud marketplaces showing that strong confidential execution can be provided with only marginal changes (around 100-220 lines of code) and minimal performance overhead. The results demonstrate the effectiveness and practicality of CAFE in cloud marketplaces.
-
cafe a virtualization based approach to protecting sensitive cloud Application Logic confidentiality
Computer and Communications Security, 2015Co-Authors: Sungjin Park, Junghwan Rhee, Dongyan XuAbstract:Cloud Application marketplaces of modern cloud infrastructures offer a new software deployment model, integrated with the cloud environment in its configuration and policies. However, similar to traditional software distribution which has been suffering from software piracy and reverse engineering, cloud marketplaces face the same challenges that can deter the success of the evolving ecosystem of cloud software. We present a novel system named CAFE for cloud infrastructures where sensitive software Logic can be executed with high secrecy protected from any piracy or reverse engineering attempts in a virtual machine even when its operating system kernel is compromised. The key mechanism is the end-to-end framework for the execution of Applications, which consists of the secure encryption and distribution of confidential Application binary files, and the runtime techniques to load, decrypt, and protect the program Logic by isolating them from tenant virtual machines based on hypervisor-level techniques. We evaluate Applications in several software categories which are commonly offered in cloud marketplaces showing that strong confidential execution can be provided with only marginal changes (around 100-220 lines of code) and minimal performance overhead.
-
AsiaCCS - CAFE: A Virtualization-Based Approach to Protecting Sensitive Cloud Application Logic Confidentiality
Proceedings of the 10th ACM Symposium on Information Computer and Communications Security - ASIA CCS '15, 2015Co-Authors: Sungjin Park, Junghwan Rhee, Dongyan XuAbstract:Cloud Application marketplaces of modern cloud infrastructures offer a new software deployment model, integrated with the cloud environment in its configuration and policies. However, similar to traditional software distribution which has been suffering from software piracy and reverse engineering, cloud marketplaces face the same challenges that can deter the success of the evolving ecosystem of cloud software. We present a novel system named CAFE for cloud infrastructures where sensitive software Logic can be executed with high secrecy protected from any piracy or reverse engineering attempts in a virtual machine even when its operating system kernel is compromised. The key mechanism is the end-to-end framework for the execution of Applications, which consists of the secure encryption and distribution of confidential Application binary files, and the runtime techniques to load, decrypt, and protect the program Logic by isolating them from tenant virtual machines based on hypervisor-level techniques. We evaluate Applications in several software categories which are commonly offered in cloud marketplaces showing that strong confidential execution can be provided with only marginal changes (around 100-220 lines of code) and minimal performance overhead.
-
NOMS - Software system performance debugging with kernel events feature guidance
2014 IEEE Network Operations and Management Symposium (NOMS), 2014Co-Authors: Junghwan Rhee, Hui Zhang, Nipun Arora, Guofei Jiang, Kenji YoshihiraAbstract:To diagnose performance problems in production systems, many OS kernel-level monitoring and analysis tools have been proposed. Using low level kernel events provides benefits in efficiency and transparency to monitor Application software. On the other hand, such approaches miss Application-specific semantic information which can be effective to differentiate the trace patterns from distinct Application Logic. This paper introduces new trace analysis techniques based on event features to improve kernel event based performance diagnosis tools. Our prototype, AppDiff, is based on two analysis features: system resource features convert kernel events to resource usage metrics, thereby enabling the detection of various performance anomalies in a unified way; program behavior features infer the Application Logic behind the low level events. By using these features and conditional probability, AppDiff can detect outliers and improve the diagnosis of Application performance.
Roman Prytuliak - One of the best experts on this subject based on the ideXlab platform.
-
SLALOM, a flexible method for the identification and statistical analysis of overlapping continuous sequence elements in sequence-and time-series data
BMC Bioinformatics, 2018Co-Authors: Roman Prytuliak, Friedhelm Pfeiffer, Bianca HabermannAbstract:Background: Protein or nucleic acid sequences contain a multitude of associated annotations representing continuous sequence elements (CSEs). Comparing these CSEs is needed, whenever we want to match identical annotations or integrate distinctive ones. Currently, there is no ready-to-use software available that provides comprehensive statistical readout for comparing two annotations of the same type with each other, which can be adapted to the Application Logic of the scientific question. Results: We have developed a method, SLALOM (for StatisticaL Analysis of Locus Overlap Method), to perform comparative analysis of sequence annotations in a highly flexible way. SLALOM implements six major operation modes and a number of additional options that can answer a variety of statistical questions about a pair of input annotations of a given sequence collection. We demonstrate the results of SLALOM on three different examples from biology and economics and compare our method to already existing software. We discuss the importance of carefully choosing the Application Logic to address specific scientific questions.
-
SLALOM, a flexible method for the identification and statistical analysis of overlapping continuous sequence elements in sequence- and time-series data
BMC Bioinformatics, 2018Co-Authors: Roman Prytuliak, Friedhelm Pfeiffer, Bianca Hermine HabermannAbstract:Background : Protein or nucleic acid sequences contain a multitude of associated annotations representing continuous sequence elements (CSEs). Comparing these CSEs is needed, whenever we want to match identical annotations or integrate distinctive ones. Currently, there is no ready-to-use software available that provides comprehensive statistical readout for comparing two annotations of the same type with each other, which can be adapted to the Application Logic of the scientific question. Results : We have developed a method, SLALOM (for StatisticaL Analysis of Locus Overlap Method), to perform comparative analysis of sequence annotations in a highly flexible way. SLALOM implements six major operation modes and a number of additional options that can answer a variety of statistical questions about a pair of input annotations of a given sequence collection. We demonstrate the results of SLALOM on three different examples from biology and economics and compare our method to already existing software. We discuss the importance of carefully choosing the Application Logic to address specific scientific questions. Conclusion : SLALOM is a highly versatile, command-line based method for comparing annotations in a collection of sequences, with a statistical read-out for performance evaluation and benchmarking of predictors and gene annotation pipelines. Abstraction from sequence content even allows SLALOM to compare other kinds of positional data including, for example, data coming from time series.
Bianca Hermine Habermann - One of the best experts on this subject based on the ideXlab platform.
-
SLALOM, a flexible method for the identification and statistical analysis of overlapping continuous sequence elements in sequence- and time-series data
BMC Bioinformatics, 2018Co-Authors: Roman Prytuliak, Friedhelm Pfeiffer, Bianca Hermine HabermannAbstract:Background : Protein or nucleic acid sequences contain a multitude of associated annotations representing continuous sequence elements (CSEs). Comparing these CSEs is needed, whenever we want to match identical annotations or integrate distinctive ones. Currently, there is no ready-to-use software available that provides comprehensive statistical readout for comparing two annotations of the same type with each other, which can be adapted to the Application Logic of the scientific question. Results : We have developed a method, SLALOM (for StatisticaL Analysis of Locus Overlap Method), to perform comparative analysis of sequence annotations in a highly flexible way. SLALOM implements six major operation modes and a number of additional options that can answer a variety of statistical questions about a pair of input annotations of a given sequence collection. We demonstrate the results of SLALOM on three different examples from biology and economics and compare our method to already existing software. We discuss the importance of carefully choosing the Application Logic to address specific scientific questions. Conclusion : SLALOM is a highly versatile, command-line based method for comparing annotations in a collection of sequences, with a statistical read-out for performance evaluation and benchmarking of predictors and gene annotation pipelines. Abstraction from sequence content even allows SLALOM to compare other kinds of positional data including, for example, data coming from time series.
Andy Hopper - One of the best experts on this subject based on the ideXlab platform.
-
capturing and indexing computer based activities with virtual network computing
ACM Symposium on Applied Computing, 2000Co-Authors: Sheng Feng Li, Mark Spiteri, John Bates, Andy HopperAbstract:In this paper, we present a new technique to capture and index computer-based activities, without hindering natural humancomputer interactions. This technique is based on the Virtual Network Computing (VNC) technology, which is an ultra-thinclient/server computing model that separates the display interface from the Application Logic in windowing systems. The server executes all the Applications and the client simply presents the frame buffer updates to the user and accepts user input. We record the frame buffer updates for work review, and store the user and system events as potential indices into the recording.
-
SAC (2) - Capturing and indexing computer-based activities with virtual network computing
Proceedings of the 2000 ACM symposium on Applied computing - SAC '00, 2000Co-Authors: Sheng Feng Li, Mark Spiteri, John Bates, Andy HopperAbstract:In this paper, we present a new technique to capture and index computer-based activities, without hindering natural humancomputer interactions. This technique is based on the Virtual Network Computing (VNC) technology, which is an ultra-thinclient/server computing model that separates the display interface from the Application Logic in windowing systems. The server executes all the Applications and the client simply presents the frame buffer updates to the user and accepts user input. We record the frame buffer updates for work review, and store the user and system events as potential indices into the recording.
