D
David C. Sehr
Researcher at Google
Publications - 31
Citations - 1802
David C. Sehr is an academic researcher from Google. The author has contributed to research in topics: Redundant code & Machine code. The author has an hindex of 14, co-authored 31 publications receiving 1726 citations.
Papers
More filters
Proceedings ArticleDOI
Native Client: A Sandbox for Portable, Untrusted x86 Native Code
Bennet S. Yee,David C. Sehr,Gregory Dardyk,J. Bradley Chen,Robert Muth,Tavis Ormandy,Shiki Okasaka,Neha Narula,Nicholas Fullagar +8 more
TL;DR: The Native Client project as mentioned in this paper is a sandbox for untrusted x86 native code that uses software fault isolation and a secure runtime to direct system interaction and side effects through interfaces managed by Native Client.
Journal ArticleDOI
Native Client: a sandbox for portable, untrusted x86 native code
Bennet S. Yee,David C. Sehr,Gregory Dardyk,J. Bradley Chen,Robert Muth,Tavis Ormandy,Shiki Okasaka,Neha Narula,Nicholas Fullagar +8 more
TL;DR: This paper describes the design, implementation and evaluation of Native Client, a sandbox for untrusted x86 native code that combines software fault isolation and a secure runtime to direct system interaction and side effects through interfaces managed by Native Client.
Proceedings Article
Adapting software fault isolation to contemporary CPU architectures
David C. Sehr,Robert Muth,Clifford L. Biffle,Victor Khimenko,Egor Pasko,Karl M. Schimpf,Bennet S. Yee,Brad Chen +7 more
TL;DR: It is suggested that these SFI implementations benefit from instruction-level parallelism, and have particularly small impact for workloads that are data memory-bound, both properties that tend to reduce the impact of the SFI systems for future CPU implementations.
Patent
Method for safely executing an untrusted native code module on a computing device
J. Bradley Chen,Matthew T. Harren,Matthew N. Papakipos,David C. Sehr,Bennet S. Yee,Gregory Dardyk +5 more
TL;DR: In this paper, the authors present a secure runtime environment for executing a native code module on a computing device, which is comprised of untrusted native program code expressed using native instructions in the instruction set architecture associated with the device.
Journal ArticleDOI
Language-independent sandboxing of just-in-time compilation and self-modifying code
Jason Ansel,Petr Marchenko,Úlfar Erlingsson,Elijah Taylor,Brad Chen,Derek L. Schuff,David C. Sehr,Clifford L. Biffle,Bennet S. Yee +8 more
TL;DR: This paper introduces general mechanisms for safely and efficiently sandboxing software, such as dynamic language runtimes, that make use of advanced, low-level techniques like runtime code modification.