Architectural support for high speed protection of memory integrity and confidentiality in multiprocessor systems

机译：多处理器系统中的内存完整性和机密性高速保护的架构支持

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Recently there is a growing effort in both the architecture and the security community to create a hardware solution for authenticating system memory. As shown in the previous work, hardware-based memory authentication becomes a vital component for creating future trusted computing environments and digital rights protection. Almost all these prior work have focused on authenticating memory exclusively owned by a single processing element. However, in today's computing platforms, memory is often shared by multiple processing elements that support a shared system memory with a snooping cache coherence protocol. Authenticating shared memory is a new challenge to memory protection. In this paper, we present a secure and fast architecture for authenticating shared memory. In terms of incorporating memory authentication into the processor pipeline, we propose a new scheme called authentication speculative execution. Unlike the prior approaches, our scheme does not compromise security for performance. The novel ASE scheme is not only secure as it is combined with a onetime-pad (OTP) based memory encryption but also efficient to tolerate authentication latency by executing unauthenticated instructions speculatively. Results using modified RSIM running SPLASH2 benchmark show only 5% overhead in performance on dual and quad processor platforms. Furthermore, ASE shows 80% better performance on average over conservative nonspeculative execution based authentication schemes. The scheme is of practical use for both multiprocessor systems and uni-processor systems where memory is shared by one main processor and other co-processors on the system bus.

机译：最近，架构和安全社区都有一个日益增长的努力，为验证系统内存创建硬件解决方案。如前面的工作所示，基于硬件的内存身份验证成为创建未来可信计算环境和数字版权保护的重要组件。几乎所有这些先前的工作都集中在专用于单个处理元件所拥有的认证内存。然而，在当今的计算平台中，存储器通常由多个处理元件共享，多个处理元素支持具有窥探高速缓存相容协议的共享系统存储器。验证共享内存是对内存保护的新挑战。在本文中，我们提供了一种安全且快速的架构，用于验证共享内存。在将内存认证结合到处理器管道中，我们提出了一种称为认证推测执行的新方案。与先前的方法不同，我们的计划不会影响性能的安全性。新颖的ASE方案不仅是安全的，因为它与基于oneTime-pad（OTP）的内存加密相结合，而且还可以通过推测执行未经身份的指令来容忍认证延迟。使用修改的RSIM运行Splash2基准的结果显示在双处理器平台上仅在性能下显示5％的开销。此外，ASE平均显示了基于保守的非专料执行的身份验证方案，显示了80％的性能。该方案对于多处理器系统和UNI-Processor系统的实际用途，其中存储器由一个主处理器和系统总线上的其他协处理器共享。

著录项

来源
《International Conference on Parallel Architectures and Compilation Techniques》|2004年||共12页
会议地点
作者
Shi W.; Lee H.-H.S.; Ghosh M.; Lu C.;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP332.11-53;
关键词
shared memory systems; message authentication; parallel architectures; cache storage; pipeline processing; cryptography; parallel programming; benchmark testing; system buses; performance evaluation; memory integrity; multiprocessor systems; shared memory authentication; cache coherence protocol; authentication speculative execution; processor pipeline; onetime-pad based memory encryption; SPLASH2 benchmark; uni-processor systems; co-processors; system bus;

机译：共享内存系统;消息认证;并行架构;缓存存储;管道处理;并行编程;基准测试;系统总线;绩效评估;内存完整;共享内存身份验证;缓存一致性协议;认证投机协调;处理器管道;处理器管道;处理器管道;基于时段的内存加密;Splash2基准;Uni-Processor Systems;协处理器;系统总线;

相似文献

外文文献
中文文献
专利

1. Architecture Support for Memory Confidentiality and Integrity in Embedded Systems [J] . YuanyuanZhang, DawuGu, FangyongHou, International Journal of Distributed Sensor Networks . 2009,第1期

机译：嵌入式系统中内存机密性和完整性的体系结构支持
2. A high security and efficiency protection of confidentiality and integrity for off-chip memory [J] . Su Yang, Shen Jun-Wei, Zhang Min-Qing Journal of ambient intelligence and humanized computing . 2019,第7期

机译：片外存储器的机密性和完整性的高安全性和高效率保护
3. A high security and efficiency protection of confidentiality and integrity for off-chip memory [J] . Su Yang, Shen Jun-Wei, Zhang Min-Qing Journal of ambient intelligence and humanized computing . 2019,第7期

机译：对芯片内存的机密性和完整性的高安全性和效率保护
4. Architectural Support for High Speed Protection of Memory Integrity and Confidentiality in Multiprocessor Systems [C] . Weidong Shi, Hsien-Hsin S. Lee, Mrinmoy Ghosh, International Conference on Parallel Architectures and Compilation Techniques;PACT . 2004

机译：对多处理器系统中的存储器完整性和机密性进行高速保护的体系结构支持
5. Architectural support for protecting memory integrity and confidentiality. [D] . Shi, Weidong. 2006

机译：用于保护内存完整性和机密性的体系结构支持。
6. XIII. Hospital Information Systems: E. Legal and Confidentiality Issues: Protection of Patients Privacy: The German Experience with Data Protection Laws [O] . B. Beier 1981

机译：十三。医院信息系统：E.法律和保密问题：保护患者隐私：德国的数据保护法经验
7. Architectural Support for High Speed Protection of Memory Integrity and Confidentiality in Multiprocessor Systems [O] . Weidong Shi, Hsien-hsin S. Lee, Mrinmoy Ghosh, 2004

机译：多处理器系统中高速保护存储器完整性和机密性的架构支持
8. Systeme Memoire pour Architecture Multiprocesseur sur Bus Unique. Application au Systeme SCQM (Memory Systems for Single Bus Multiprocessor Architecture. Application to the SCQM System) [R] . Cekleov, M. 1986

机译：systeme memoire pour architecture multiprocesseur sur Bus Unique。应用程序au systeme sCQm（用于单总线多处理器体系结构的存储器系统。应用于sCQm系统）

Architectural support for high speed protection of memory integrity and confidentiality in multiprocessor systems

摘要

著录项

相似文献

相关主题

期刊订阅