
Research
CloudSafetyNet: Data-centric Security for Clouds
- Lightweight data leakage detection in multi-tenant clouds through client-side tagging, server-side socket level monitoring and inter-tenant collaboration.
- Prevention of data disclosure vulnerabilities in web applications based on user-defined data flow policies and proxy-based policy enforcement.
SERECA: Secure Enclaves for Reactive Cloud Application &
SecureCloud: Secure Big Data Processing in Untrusted Clouds
- Automated partitioning of legacy applications for the execution on trusted hardware.
- Providing system support for the execution of unmodified binaries in SGX enclaves.
Publications
- Jörg Thalheim, Harshavardhan Unnibhavi, Christian Priebe, Pramod Bhatotia, and Peter Pietzuch. rkt-io: A Direct I/O Stack for Shielded Execution. In Proceedings of the 16th European Conference on Computer Systems (EuroSys), 2021. PDF
- Christian Priebe. Protecting Applications Using Trusted Execution Environments. PhD Thesis, 2020. PDF
- Christian Priebe, Kapil Vaswani, Manuel Costa. EnclaveDB: A Secure Database using SGX. In Proceedings of the IEEE Symposium on Security and Privacy (S&P), 2018. PDF
- Pierre-Louis Aublin, Florian Kelbert, Dan O'Keeffe, Divya Muthukumaran, Christian Priebe, Joshua Lind, Robert Krahn, Christof Fetzer, David Eyers, and Peter Pietzuch. LibSEAL: Revealing Service Integrity Violations Using Trusted Execution. In Proceedings of the 13th European Conference on Computer Systems (EuroSys), 2018. PDF
- Joshua Lind, Christian Priebe, Divya Muthukumaran, Dan O'Keeffe, Pierre-Louis Aublin, Florian Kelbert, Tobias Reiher, David Goltzsche, David Eyers, Ruediger Kapitza, Christof Fetzer, and Peter Pietzuch. Glamdring: Automatic Application Partitioning for Intel SGX. In Proceedings of the 2017 USENIX Annual Technical Conference (ATC), 2017. PDF
- Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, Andre Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Daniel O'Keeffe, Mark L. Stillwell, David Goltzsche, Dave Eyers, RĂ¼diger Kapitza, Peter Pietzuch, and Christof Fetzer. SCONE: Secure Linux Containers with Intel SGX. In Proceedings of the 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI), 2016. PDF
- Divya Muthukumaran, Dan O'Keeffe, Christian Priebe, David Eyers, Brian Shand, and Peter Pietzuch. FlowWatcher: Defending against Data Disclosure Vulnerabilities in Web Applications. In Proceedings of the 22nd edition of the ACM SIGSAC Conference on Computer and Communications Security (CCS). ACM, 2015. PDF
- Christian Priebe, Divya Muthukumaran, Dan O'Keeffe, David Eyers, Brian Shand, Ruediger Kapitza, and Peter Pietzuch. CloudSafetyNet: Detecting Data Leakage between Cloud Tenants. In Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security (CCSW), pp. 117-128. ACM, 2014. PDF
Projects
SGX-LKL: Library OS for Running Unmodified Binaries in Intel SGX Enclaves
SGX-LKL is a library OS designed to run unmodified Linux binaries inside SGX enclaves. It uses the Linux Kernel Library (LKL)
and a modified version of musl as C standard library implementation. The goal of SGX-LKL is to provide system
support for complex applications and managed runtimes such as the JVM with minimal or no modifications and minimal reliance on the host OS.
Education
2015 - 2020 |
PhD Student in the Large-Scale Data & Systems Research Group Imperial College London, United Kingdom |
2014 - 2015 |
Master of Research in Advanced Computing Imperial College London, United Kingdom |
2012 - 2014 |
Master of Science in Computer Science Technical University Braunschweig, Germany |
2009 - 2012 |
Bachelor of Science in Computer Science Ostfalia - Univerity of Applied Sciences, Wolfenbüttel, Germany |