Pave: Information Flow Control for Privacy-preserving Online Data Processing Services

Author(s)
Park, Minkyung; Choi, Jaeseung; Lee, Hyeonmin; Kwon, Taekyoung
Issued Date
2025-03-30
DOI
10.1145/3676641.3716266
URI
https://scholarworks.unist.ac.kr/handle/201301/91118
Fulltext
https://dl.acm.org/doi/abs/10.1145/3676641.3716266
Citation
Architectural Support for Programming Languages and Operating Systems
Abstract
In online data-processing services, a user typically hands over personal data to a remote server beyond the user's control. In such environments, the user cannot be assured that the data is protected from potential leaks. We introduce Pave, a new framework that guarantees data privacy while the data is processed remotely. Pave provides an arbitrary data-processing program with a sandboxed execution environment. The runtime monitor, PaveBox, intercepts all data flows into and out of the sandbox, allowing them only if they do not compromise user data. At the same time, it guarantees that benign flows are not hampered, preserving the program's functionality. Because PaveBox is built on top of Intel SGX, a user can verify the integrity and confidentiality of PaveBox through remote attestation. We provide a formal model of Pave, prove its security, and carry out a quantitative analysis with prototype-based experiments.
Publisher
ACM
