Explore the key differences between facial recognition and passkeys for authentication. Understand their unique concepts, security implications, and use cases in software development.
The post Are Facial Recognition and Passkeys the Same? Exploring Key Concepts appeared first on Security Boulevard.
Discover how Single Sign-On (SSO) simplifies user authentication, enhances security, and reduces IT overhead. Learn about SSO protocols, implementation strategies, and security best practices.
The post Single Sign-On (SSO): Simplifying User Authentication appeared first on Security Boulevard.
How Can Access Management Revolutionize Team Empowerment? What if the key to unlocking your team’s full potential lies in how you manage access to your digital assets? The effective management of Non-Human Identities (NHIs) is not just a technical necessity but a strategic imperative for organizations across various sectors, including financial services, healthcare, and DevOps […]
The post Empowering Teams with Better Access Management appeared first on Entro.
The post Empowering Teams with Better Access Management appeared first on Security Boulevard.
How Does Effective Secrets Management Enhance Robust Security? Have you ever considered the impact of non-human identities in your organization’s security framework? While human factors in cybersecurity get a lot of attention, it’s increasingly crucial to understand the role of Non-Human Identities (NHIs) and their secrets to ensure robust security for your cloud-based environments. NHIs, […]
The post Build Confidence with Robust Secrets Management appeared first on Entro.
The post Build Confidence with Robust Secrets Management appeared first on Security Boulevard.
How Can Organizations Achieve Scalable Security in Cloud Environments? The increasing reliance on cloud environments means organizations face an unprecedented need for scalable security solutions. One of the more complex challenges is managing Non-Human Identities (NHIs). These machine identities are pivotal in automating tasks and connecting different services, yet they often present security gaps due […]
The post Scaling Identity Security in Cloud Environments appeared first on Entro.
The post Scaling Identity Security in Cloud Environments appeared first on Security Boulevard.
Authors, Creators & Presenters: Shixin Song (Massachusetts Institute of Technology), Joseph Zhang (Massachusetts Institute of Technology), Mengjia Yan (Massachusetts Institute of Technology)
PAPER
Oreo: Protecting ASLR Against Microarchitectural Attacks
Address Space Layout Randomization (ASLR) is one of the most prominently deployed mitigations against memory corruption attacks. ASLR randomly shuffles program virtual addresses to prevent attackers from knowing the location of program contents in memory. Microarchitectural side channels have been shown to defeat ASLR through various hardware mechanisms. We systematically analyze existing microarchitectural attacks and identify multiple leakage paths. Given the vast attack surface exposed by ASLR, it is challenging to effectively prevent leaking the ASLR secret against microarchitectural attacks. Motivated by this, we present Oreo, a software-hardware co-design mitigation that strengthens ASLR against these attacks. Oreo uses a new memory mapping interface to remove secret randomized bits in virtual addresses before translating them to their corresponding physical addresses. This extra step hides randomized virtual addresses from microarchitecture structures, preventing side channels from leaking ASLR secrets. Oreo is transparent to user programs and incurs low overhead. We prototyped and evaluated our design on Linux using the hardware simulator gem5.
Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the organization’s’ YouTube channel.
The post NDSS 2025 – Oreo: Protecting ASLR Against Micro-Architectural Attacks appeared first on Security Boulevard.
You must login to view this content
You must login to view this content