The paper introduces EBCC, an OCI-compatible runtime architecture that manages composite confidential-computing workloads by integrating TEE-backed execution into the standard container lifecycle.

The paper proposes Fasco, a lightweight confidential container runtime utilizing ARM CCA to significantly reduce startup latency and resource overhead compared to existing microVM-based confidential c…

This paper empirically evaluates the performance of the Polars DataFrame engine running within Intel SGX2 enclaves, finding that while the overall security overhead is manageable, the performance is s…

C8s is a confidential computing architecture for Kubernetes that uses hardware Trusted Execution Environments (TEEs) to provide cryptographically provable confidentiality, integrity, and verifiability…

AgenTEE is a system that enables the secure, confidential execution of complex LLM agent pipelines directly on edge devices by using isolated confidential virtual machines.

This survey analyzes the unique security threats posed by complex, multi-agent AI systems and proposes Confidential Computing (CC) using Trusted Execution Environments (TEEs) as a hardware-rooted defe…

The paper reverse-engineers Apple's Private Cloud Compute (PCC) implementation to independently benchmark its model and evaluate its privacy claims, addressing the lack of transparency in Apple's syst…

Janus is a compiler-based security framework for ARM64 that mitigates transient execution attacks like Spectre by integrating PA and BTI microarchitectural features, achieving strong security with low…

This paper conducts an extensive microbenchmark study to characterize the performance of core cryptographic workloads across various cloud services, architectures, and programming languages, identifyi…

This paper investigates Confused Deputy Attacks (CDAs) on AI Accelerators (AIAs) and finds that CDA is feasible on most major vendor AIAs, impacting a vast number of devices.

The paper proposes n-VM, a novel Layer-1 architecture that unifies multiple heterogeneous virtual machines (VMs) onto a shared consensus and state layer, solving cross-chain fragmentation issues.

TeeDAO introduces a novel three-layer framework that autonomously organizes and manages multiple heterogeneous Trusted Execution Environments (TEEs) to provide robust, distributed-trust systems with h…

KINGSGUARD is a novel hardware-enforced TEE design that systematically monitors and controls sensitive data flow within an enclave to prevent leakage, thereby enhancing practical data protection.

The paper introduces a novel toolkit to enhance RISC-V Trusted Execution Environments (TEEs) by adding modular extensions for secure enclave update, migration, state continuity, and trusted time, ther…

This study demonstrates that the publicly distributed firmware of ASIC cryptocurrency miners constitutes a primary and sufficient attack surface, allowing attackers to reconstruct internal architectur…

The paper characterizes Homomorphic Encryption (HE) operations on a real-world Processing-In-Memory (PIM) system, demonstrating that while PIM is a viable alternative to CPUs/GPUs, performance is limi…

BlindMarket is a zero-trust framework that enables the verifiable, confidential, and traceable distribution of hardware IP cores between vendors and users.

The paper introduces AlphaEvolve, an evolutionary search framework that automates the optimization of Fully Homomorphic Encryption (FHE) kernels on TPUs, achieving significant speedups over human-engi…

This paper introduces a formal framework to rigorously verify the security guarantees (confidentiality, integrity, and availability) of AMD SEV confidential virtual machines.

This paper introduces a formal framework to rigorously verify the security guarantees (confidentiality, integrity, and availability) of AMD SEV confidential virtual machines.