These are a selection of the most cited papers from ACM CCS, IEEE Security & Privacy, NDSS, Usenix Security, Crypto, and Eurocrypt between the years 2015 and 2019. Source data is from Google Scholar Metrics.
The papers are roughly in the order of citations per year and grouped in 5 categories.
Machine Learning Privacy & Security
Secure enclaves, or trusted execution environments (TEEs), generally describe small, trusted environments within a CPU that can execute code in a way that is not accessible by the normal operating system. Enclaves are a safe space to run code or process data in an otherwise untrusted environment. Furthermore, enclaves are typically remotely attestable — meaning you can cryptographically verify that an enclave running on someone else’s computer is running authentic, unmodified code.
Note: This article will be updated with new info over time.
Intel SGX is the most promising enclave technology available today for general purpose computing. Development tools are becoming more mature with the support of industry players like Google and Microsoft. However, most use cases tend to be at the proof of concept stage or are early products looking for market fits. There are not good public examples of success stories using SGX in production. The most likely places to find real world deployments are Microsoft Azure’s Confidential Computing or among Fortanix’s customers. …
As part of the fellowship program at the Aspen Tech Policy Hub, I’ve spent several weeks with my colleagues Dr. Aloni Cohen and Dr. Amina Asim talking to people about how technology policy can better defend private enterprise from foreign nation-led cyberattacks. For example, how might we have helped Google defend against China during Operation Aurora or Sony from North Korea?
During these conversations I’ve found three problem areas that keep being raised:
This post shares my initial observations after interviewing current and past heads of information security from large tech companies, political organizations, and media companies who have been targets of nation state attackers. I’ve also spoken with current and former employees from the White House, Department of Homeland Security (DHS), National Security Agency (NSA), large consultancies, and industry organizations. …