A Last-Level Defense for Application Integrity and Confidentiality

Research output: Contribution to conferences > Paper > Contributed > peer-review



Our objective is to protect the integrity and confidentiality of applications operating in untrusted environments. Trusted Execution Environments (TEEs) are not a panacea. Hardware TEEs fail to protect applications against Sybil, Fork and Rollback Attacks and, consequently, fail to preserve the consistency and integrity of applications. We introduce a novel system, LLD, that enforces the integrity and consistency of applications in a transparent and scalable fashion. Our solution augments TEEs with instantiation control and rollback protection. Instantiation control, enforced with TEE-supported leases, mitigates Sybil/Fork Attacks without incurring the high costs of solving crypto-puzzles. Our rollback detection mechanism does not need excessive replication, nor does it sacrifice durability. We show that implementing these functionalities in the LLD runtime automatically protects applications and services such as a popular DBMS.


Original language: English
Number of pages: 10
Publication status: Published - 2023


Title: 2023 IEEE/ACM 16th International Conference on Utility and Cloud Computing
Abbreviated title: UCC 2023
Conference number: 16
Duration: 4 - 7 December 2023
Degree of recognition: International event
City: Taormina (Messina)



  • Computer systems organization, Cloud computing, Security and privacy, Distributed systems security, Intel SGX, Sybil Attack