Single-level integrity and confidentiality protection for distributed shared memory multiprocessors

Rogers, Brian; Yan, Chenyu; Chhabra, Siddhartha; Prvulovic, Milos; Solihin, Yan

doi:10.1109/hpca.2008.4658636

Cited by 29 publications

(11 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There have been many designs for encrypting physical memory to counter physical attacks (e.g., [34,35,36,21,37,18,38,39,40,41]). Representation examples are: 1) protecting data privacy by performing decryption in parallel to memory access [21]; 2) protecting data privacy and integrity in distributed shared memory multi-processors systems [39] by adapting the Galois/Counter Mode of operation with the counter-mode encryption [38], or by using the address independent counter-mode encryption and Merkle tree built on top of the counters [42]; 3) preventing secret leakage against intrusive memory attack by integrating secret sharing and coding based schemes [40]; 4) a hybrid hardware-software approach to full system security named SecureME [41]. However, it is not clear at all how these solutions can be retrofitted to solve the problem we aim to tackle.…”

Section: Related Workmentioning

confidence: 99%

Multi-processor architectural support for protecting virtual machine privacy in untrusted cloud environment

Wen

Lee

Liu

et al. 2013

Proceedings of the ACM International Conference on Computing Frontiers

View full text Add to dashboard Cite

Virtualization is fundamental to cloud computing because it allows multiple operating systems to run simultaneously on a physical machine. However, it also brings a range of security/privacy problems. One particularly challenging and important problem is: how can we protect the Virtual Machines (VMs) from being attacked by Virtual Machine Monitors (VMMs) and/or by the cloud vendors when they are not trusted? In this paper, we propose an architectural solution to the above problem in multi-processor cloud environments. Our key idea is to exploit hardware mechanisms to enforce access control over the shared resources (e.g., memory spaces), while protecting VM memory integrity as well as inter-processor communications and data sharing. We evaluate the solution using full-system emulation and cycle-based architecture models. Experiments based on 20 benchmark applications show that the performance overhead is 1.5%-10% when access control is enforced, and 9%-19% when VM memory is encrypted.

show abstract

Section: Related Workmentioning

confidence: 99%

Multi-processor architectural support for protecting virtual machine privacy in untrusted cloud environment

Wen

Lee

Liu

et al. 2013

Proceedings of the ACM International Conference on Computing Frontiers

View full text Add to dashboard Cite

show abstract

“…The proposed architectures are thus applicable to unmodified legacy code. Furthermore, we detect tampered instructions and data before they can cause harm to the system, unlike the architectures proposed in [27,[43][44]. Our approach offers high cryptographic strength with low performance and energy overhead.…”

Section: Related Workmentioning

confidence: 99%

“…This overhead may be artificially low as they use "non-precise integrity verification," which allows potentially harmful instructions to execute and retire before they are verified. Their research has also been extended into the multiprocessor domain [44].…”

Section: Related Workmentioning

confidence: 99%

Security extensions for integrity and confidentiality in embedded processors

Rogers

Milenković

2009

Microprocessors and Microsystems

View full text Add to dashboard Cite

show abstract

“…A less conservative approach allows the memory controller to return unverified data to the core, assuming that the window of vulnerability between data use and verification is too short for attackers to exploit [6], [25], [27], [38], [47]. Shi et.al., close this vulnerability by stalling stores until all outstanding verifications complete ("authen-then-write") [32].…”

Section: Performance: Unsafe Speculationmentioning

confidence: 99%

“…It ensures confidentiality with encryption and ensures integrity with Merkle trees [4], [6], [10], [38]. Security adds overheads, motivating performance optimizations that cache metadata and speculate around safeguards [11], [26], [27], [33], [34], [37], [49]. We survey recent progress to motivate our solution, PoisonIvy, which builds atop best practices to address remaining performance challenges.…”

Section: Introductionmentioning

confidence: 99%

PoisonIvy: Safe speculation for secure memory

Lehman

Hilton

Lee

2016

2016 49th Annual IEEE/ACM International Symposium on Microarchitecture (MICRO)

View full text Add to dashboard Cite

Abstract-Encryption and integrity trees guard against physical attacks, but harm performance. Prior academic work has speculated around the latency of integrity verification, but has done so in an insecure manner. No industrial implementations of secure processors have included speculation. This work presents PoisonIvy, a mechanism which speculatively uses data before its integrity has been verified while preserving security and closing address-based side-channels. PoisonIvy reduces performance overheads from 40% to 20% for memory intensive workloads and down to 1.8%, on average.

show abstract

Single-level integrity and confidentiality protection for distributed shared memory multiprocessors

Cited by 29 publications

References 17 publications

Multi-processor architectural support for protecting virtual machine privacy in untrusted cloud environment

Multi-processor architectural support for protecting virtual machine privacy in untrusted cloud environment

Security extensions for integrity and confidentiality in embedded processors

PoisonIvy: Safe speculation for secure memory

Contact Info

Product

Resources

About