The Nix software deployment system is based on the paradigm of transparent source/binary deployment: distributors deploy descriptors that build components from source, while clien...
This paper attempts to address the complexity of system administration by making the labor of applying software updates independent of the number of computers on which the softwar...
Constantine P. Sapuntzakis, David Brumley, Ramesh ...
Programming distributed data-intensive web and mobile applications is gratuitously hard. As the world is moving more and more towards the software as services model, we have to co...
Safe virtual execution (SVE) allows a host computer system to reduce the risks associated with running untrusted programs. SVE prevents untrusted programs from directly accessing ...
Current software attacks often build on exploits that subvert machine-code execution. The enforcement of a basic safety property, Control-Flow Integrity (CFI), can prevent such at...