A
Andrew Ferraiuolo
Researcher at Cornell University
Publications - 18
Citations - 628
Andrew Ferraiuolo is an academic researcher from Cornell University. The author has contributed to research in topics: Information flow (information theory) & Shared memory. The author has an hindex of 10, co-authored 17 publications receiving 503 citations. Previous affiliations of Andrew Ferraiuolo include University of Connecticut.
Papers
More filters
Proceedings ArticleDOI
Komodo: Using verification to disentangle secure-enclave hardware from software
TL;DR: Komodo illustrates an alternative approach to attested, on-demand, user-mode, concurrent isolated execution and aims to achieve security equivalent to or better than SGX while enabling deployment of new enclave features independently of CPU upgrades.
Proceedings ArticleDOI
Timing channel protection for a shared memory controller
TL;DR: A protection scheme to eliminate the interference across security domains through two main changes: a per security domain based queueing structure, and static allocation of time slots in the scheduling algorithm.
Proceedings ArticleDOI
SecDCP: secure dynamic cache partitioning for efficient timing channel protection
TL;DR: The proposed SecDCP scheme changes the size of cache partitions at run time for better performance while preventing insecure information leakage between processes, and improves performance by up to 43% and by an average of 12.5% over static cache partitioning.
Proceedings ArticleDOI
Verification of a Practical Hardware Security Architecture Through Static Information Flow Analysis
TL;DR: This work introduces an effective way to formally verify important properties of hardware security mechanisms using a lightweight security-typed hardware description language (HDL) that performs static information flow analysis.
Proceedings ArticleDOI
HyperFlow: A Processor Architecture for Nonmalleable, Timing-Safe Information Flow Security
TL;DR: The architecture decisions that make the processor secure are discussed and ChiselFlow, a new secure hardware description language supporting lightweight information-flow enforcement is described, which is shown to add moderate overhead to area and performance.