Intel SGX provides confidentiality and integrity of a program running within the confines of an enclave, and is expected to enable valuable security applications such as private information retrieval. This paper is concerned with the security aspects of SGX in accessing a key system resource, files. Through concrete attack scenarios, we show that all existing SGX filesystems are vulnerable to either system call snooping, page fault, or cache based side-channel attacks. To address this security limitations in current SGX filesystems, we present OBLIVIATE, a data oblivious filesystem for Intel SGX. The key idea behind OBLIVIATE is in adapting the ORAM protocol to read and write data from a file within an SGX enclave. OBLIVIATE redesigns the conceptual components of ORAM for SGX environments, and it seamlessly supports an SGX program without requiring any changes in the application layer. OBLIVIATE also employs SGX-specific defenses and optimizations in order to ensure complete security with acceptable overhead. The evaluation of the prototype of OBLIVIATE demonstrated its practical effectiveness in running popular server applications such as SQLite and Lighttpd, while also achieving a throughput improvement of 2×-8× over a baseline ORAM-based solution, and less than 2× overhead over an in-memory SGX filesystem.
We introduce embodied lenses for visual queries on tabletop surfaces using physical interaction. The lenses are simply thin sheets of paper or transparent foil decorated with fiducial markers, allowing them to be tracked by a diffuse illumination tabletop display. The physical affordance of these embodied lenses allow them to be overlapped, causing composition in the underlying virtual space. We perform a formative evaluation to study users' conceptual models for overlapping physical lenses. This is followed by a quantitative user study comparing performance for embodied versus purely virtual lenses. Results show that embodied lenses are equally efficient compared to purely virtual lenses, and also support tactile and eyes-free interaction. We then present several examples of the technique, including image layers, map layers, image manipulation, and multidimensional data visualization. The technique is simple, cheap, and can be integrated into many existing tabletop displays.
We present an evaluation of text entry methods for tabletop displays given small display space allocations, an increasingly important design constraint as tabletops become collaborative platforms. Small space is already a requirement of mobile text entry methods, and these can often be easily ported to tabletop settings. The purpose of this work is to determine whether these mobile text entry methods are equally useful for tabletop displays, or whether there are unique aspects of text entry on large, horizontal surfaces that influence design. Our evaluation consists of two studies designed to elicit differences between the mobile and tabletop domains. Results show that standard soft keyboards perform best, even at small space allocations. Furthermore, occlusion-reduction methods like Shift do not yield significant improvements to text entry; we speculate that this is due to the low ratio of resolution per surface units (i.e., DPI) for current tabletops.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.