Parisa Rahimi, Amit Kumar Singh, Xiaohang Wang, Seyedali Pourmoafi
{"title":"Detection and defence against thermal and timing covert channel attacks in multicore systems","authors":"Parisa Rahimi , Amit Kumar Singh , Xiaohang Wang , Seyedali Pourmoafi","doi":"10.1016/j.sysarc.2025.103380","DOIUrl":"10.1016/j.sysarc.2025.103380","url":null,"abstract":"<div><div>As interest in multicore systems grows, so does the potential for information leakage through covert channel communication. Covert channel attacks pose severe risks because they can expose confidential information and data. Countering these attacks requires a deep understanding of various covert channel attack types and their characteristics. Thermal covert channel and covert timing channel attacks, which use temperature and timing, respectively to transfer information, are two dominant examples that can compromise sensitive data. In this paper, we propose a methodology for jointly detecting and mitigating these types of attacks, which has been lacking in the literature. Our experiments have demonstrated that the proposed countermeasures can increase the bit error rate (BER) for mitigation while maintaining comparable power consumption to that of the state-of-the-art.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"161 ","pages":"Article 103380"},"PeriodicalIF":3.7,"publicationDate":"2025-02-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143521015","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Huixuan Yi, Yuanhai Zhang, Zhiyang Lin, Haoran Chen, Yiyang Gao, Xiaotian Dai, Shuai Zhao
{"title":"A cache-aware DAG scheduling method on multicores: Exploiting node affinity and deferred executions","authors":"Huixuan Yi , Yuanhai Zhang , Zhiyang Lin , Haoran Chen , Yiyang Gao , Xiaotian Dai , Shuai Zhao","doi":"10.1016/j.sysarc.2025.103372","DOIUrl":"10.1016/j.sysarc.2025.103372","url":null,"abstract":"<div><div>With increasingly complex functionalities being implemented in emerging applications, multicores are widely adopted with a layered cache hierarchy, and Directed Acyclic Graphs (DAGs) are commonly employed to model the execution dependencies between tasks. For such systems, scheduling methods can be designed to effectively leverage the cache to accelerate the system execution. However, the traditional methods either do not consider DAGs, or rely on sophisticated static analysis to produce fixed scheduling solutions that require additional hardware support (<strong>e.g.</strong>, cache partitioning and colouring), which undermines both the applicability and flexibility of these methods. Recently, an online cache-aware DAG scheduling method has been presented that schedules DAGs using an execution time model with caching effects considered, eliminating the need for static analysis and additional hardware support. However, this method relies on simple heuristics with limited considerations on both the allocatable cores and the competition between nodes, resulting in intensive inter-node contention that undermines cache performance. This paper proposes CADE, a cache-aware scheduling method for DAG tasks that leverages the cache to reduce DAG makespan. To achieve this, an affinity-aware priority assignment is first constructed that mitigates the competition among nodes for their preferred cores to hit the cache. 
Then, a contention-aware allocation mechanism is constructed, which (i) accounts for the impact of an allocation decision on the speed-up of other nodes; and (ii) includes the busy cores for allocation by enabling the deferred execution, effectively enhancing the cache performance to accelerate the DAG execution. Experiments show that compared to the state-of-the-art, the CADE significantly reduces the DAG makespan by 24.02% on average (up to 33%) with the cache miss rate reduced by 22.06% on average.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"161 ","pages":"Article 103372"},"PeriodicalIF":3.7,"publicationDate":"2025-02-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143521220","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Rang Zhou, Yongkang He, Wanpeng Li, Yanping Wang, Xiaojun Zhang
{"title":"Subversion-resistant public-key searchable encryption for data sharing in IIoT","authors":"Rang Zhou , Yongkang He , Wanpeng Li , Yanping Wang , Xiaojun Zhang","doi":"10.1016/j.sysarc.2025.103370","DOIUrl":"10.1016/j.sysarc.2025.103370","url":null,"abstract":"<div><div>The rapid growth of the Industrial Internet of Things (IIoT) has driven companies to leverage its potential for enhancing manufacturing efficiency, relying heavily on data analysis. This has led to the collection of vast IIoT data volumes, often stored securely on encrypted cloud servers. To facilitate streamlined data retrieval, keyword search technology is widely employed. Traditional keyword searchable schemes focus on ensuring keyword privacy within the trapdoor and index structures. However, advanced backdoor attacks have emerged as a significant threat. These attacks exploit hidden backdoors in software or hardware, allowing random number manipulation that undermines the security of existing keyword-searchable encryption scheme. To mitigate these attacks, we propose a novel subversion-resistant public-key searchable encryption scheme that incorporates cryptographic reverse firewalls (CRFs). In our scheme, we designed a trust zone to deploy these CRFs. Moreover, the CRFs in the trust zone is randomly chosen to re-randomize the trapdoor and index values, thereby enhancing security against backdoor attacks. Additionally, our scheme facilitates data sharing in the model of one-to-one sending and receiving between different users. 
Performance testing demonstrates that our scheme requires only lightweight operations for the ReTrapdoor and RePEKS algorithms, making it well-suited for deployment on resource-constrained IIoT devices.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"161 ","pages":"Article 103370"},"PeriodicalIF":3.7,"publicationDate":"2025-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143474754","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Checkpointing for single core energy-neutral real-time systems","authors":"Houssam-Eddine Zahaf, Pierre-Emmanuel Hladik, Sébastien Faucou, Audrey Queudet","doi":"10.1016/j.sysarc.2025.103371","DOIUrl":"10.1016/j.sysarc.2025.103371","url":null,"abstract":"<div><div>In this work, we focus on energy-neutral real-time systems, where ambient energy harvested from the environment powers a device that executes tasks with timing constraints.</div><div>We address the scheduling of a set of real-time sporadic tasks with predefined checkpoints on a single-core platform powered by an energy harvester, using the Earliest Deadline First (EDF) scheduler. Our objective is to minimize temporal and energy checkpointing costs by selecting a subset of checkpoints per task while ensuring compliance with both timing and energy constraints.</div><div>We propose a novel energy-aware scheduler and two techniques for selecting checkpoints that respect both energy and timing constraints. We provide a detailed schedulability analysis for the proposed techniques and present results from a large set of synthetic experiments. These experiments demonstrate that our approaches outperform ED-H, an optimal energy-neutral preemptive scheduler, by 50% on average.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"161 ","pages":"Article 103371"},"PeriodicalIF":3.7,"publicationDate":"2025-02-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143474753","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Xuzhe Liu, Yuchong Hu, Weichun Wang, Dan Feng, Hai Zhou
{"title":"Optimizing encoding and repair for wide-stripe minimum bandwidth regenerating codes in in-memory key-value stores","authors":"Xuzhe Liu , Yuchong Hu , Weichun Wang , Dan Feng , Hai Zhou","doi":"10.1016/j.sysarc.2025.103369","DOIUrl":"10.1016/j.sysarc.2025.103369","url":null,"abstract":"<div><div>In-memory key–value (KV) stores are essential for databases and large-scale websites. While recent studies deploy wide-stripe erasure coding in such systems to ensure data reliability and achieve extreme storage savings, they also introduce a repair penalty. A class of erasure codes, Minimum Bandwidth Regenerating (MBR) codes, offers optimal single-chunk repair bandwidth. However, deploying wide-stripe MBR codes in this context results in two types of additional traffic: (i) <em>encoding traffic</em> incurred by transmitting large amounts of raw data between nodes; (ii) <em>repair traffic</em> from retrieving unnecessary data to repair failed data.</div><div>This paper proposes MBRWide to optimize encoding and repair performance for wide-stripe MBR codes in in-memory KV stores. MBRWide includes an <em>all-node cooperative encoding scheme</em> (ACES) and a <em>fragmented repair scheme</em> (FRS). ACES selectively encodes raw chunks to reduce encoding traffic. FRS aims to enhance repair efficiency by dynamically fragmenting parity chunks during encoding. This study implements MBRWide in Memcached, a foundational component in real-world in-memory KV services. Experiments show that ACES improves encoding throughput by 16.02% to 72.92% compared to traditional encoding methods. 
FRS reduces degraded read latency to failed data and multiple failures repair latency by up to 34.19% and 44.89%, respectively.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"161 ","pages":"Article 103369"},"PeriodicalIF":3.7,"publicationDate":"2025-02-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143487600","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Huadong Liu, Yuanxing Peng, Yining Liu, Zhixin Zeng
{"title":"Privacy-preserving multidimensional data aggregation for diverse electricity data users","authors":"Huadong Liu , Yuanxing Peng , Yining Liu , Zhixin Zeng","doi":"10.1016/j.sysarc.2025.103363","DOIUrl":"10.1016/j.sysarc.2025.103363","url":null,"abstract":"<div><div>The smart grid enables the bidirectional flow of electricity and data, but during multidimensional electricity consumption data reporting, Smart Meters (SMs) may compromise users’ privacy by disclosing detailed electricity consumption data from various devices. Additionally, in addressing the needs of diverse electricity Data Users (DUs), it is essential to protect their legal rights. Consequently, it is necessary to implement dimension-level access control for multidimensional aggregated data. However, existing Multidimensional Data Aggregation (MDA) schemes often fail to provide efficient dimension-level access control while safeguarding users’ privacy. To address these problems, this paper establishes a smart grid model based on fog computing and introduces a privacy-preserving MDA scheme with dimension-level access control. Specifically, our scheme utilizes the threshold Paillier cryptosystem and the Chinese Remainder Theorem (CRT) to securely aggregate users’ multidimensional data. Meanwhile, our scheme employs digital signatures to ensure data integrity and implements Key-Policy Attribute-Based Encryption (KP-ABE) to enforce dimension-level access control. Comprehensive theoretical analysis indicates our scheme satisfies privacy, integrity, and authentication. 
Extensive experimental results demonstrate our scheme achieves a trade-off between dimension level access control and system overhead.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"161 ","pages":"Article 103363"},"PeriodicalIF":3.7,"publicationDate":"2025-02-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143453418","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mohammad Wazid, Saksham Mittal, Ashok Kumar Das, SK Hafizul Islam, Mohammed J.F. Alenazi, Athanasios V. Vasilakos
{"title":"Designing secure blockchain-based authentication and key management mechanism for Internet of Drones applications","authors":"Mohammad Wazid , Saksham Mittal , Ashok Kumar Das , SK Hafizul Islam , Mohammed J.F. Alenazi , Athanasios V. Vasilakos","doi":"10.1016/j.sysarc.2025.103365","DOIUrl":"10.1016/j.sysarc.2025.103365","url":null,"abstract":"<div><div>Due to advancement in Information and Communications Technology (ICT) and Internet of Things (IoT), the Internet of Drones (IoD) can be employed in numerous applications, facilitating the daily lives of diverse users, including civilians and others. Wireless communication nature leads to an IoD environment to be vulnerable to various potential attack risks, such as data breaches, man-in-the-middle, impersonation, replay, and data leaking attacks. As a result, the security of the IoD environment becomes crucial. To safeguard the data and devices (such as IoT-enabled drones and servers) integral to IoD networks, a security solution is essential. It is imperative to implement targeted security measures, such as intrusion detection, access control, and authentication, in order to establish a security scheme that is both reliable and efficient. In this article, we mainly focus on developing a secure authentication and key management scheme that leverages blockchain technology. Most existing authentication techniques proposed in IoT and IoD environments are either inefficient in communication and computation, or they are insecure against various attacks. To mitigate these issues, this study proposes a secure blockchain-based authentication and key management scheme for IoD applications (in short BAKMM-IoD). The blockchain is applied here as a secure data storage purpose. After performing a detailed security analysis and formal security verification with the widely-recognized Scyther tool, the proposed BAKMM-IoD has exhibited resilience against different potential attacks. 
BAKMM-IoD also surpasses other contemporary existing schemes in terms of security and functionality features, including computational costs, and communication costs. Moreover, the blockchain simulation shows the influence of the proposed BAKMM-IoD on critical performance metrics in real-world scenarios.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"160 ","pages":"Article 103365"},"PeriodicalIF":3.7,"publicationDate":"2025-02-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143429595","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Rong Wang, Ling Xiong, Jiazhou Geng, Chun Xie, Ruidong Li
{"title":"An effective and verifiable secure aggregation scheme with privacy-preserving for federated learning","authors":"Rong Wang , Ling Xiong , Jiazhou Geng , Chun Xie , Ruidong Li","doi":"10.1016/j.sysarc.2025.103364","DOIUrl":"10.1016/j.sysarc.2025.103364","url":null,"abstract":"<div><div>Federated learning has gained significant attention for enabling collaborative model training on distributed devices while maintaining data privacy. However, sharing gradients poses risks to local data privacy. This paper presents a secure aggregation scheme that addresses privacy protection and verifiability in federated learning. Firstly, a new homomorphic signature algorithm has been used to verify the aggregation results. For efficient verification, this algorithm can be divided into an offline phase and an online phase, where results are pre-computed during the offline phase and reused. Secondly, we use the symmetric homomorphic encryption lightweight algorithm to generate public keys, greatly accelerating the key generation process, making both encryption and decryption particularly efficient. Under this architecture, the aggregation server is unable to peek into the specific content of each gradient. The task management center cannot access the client’s individual gradient and can only process the aggregated information. This design ensures that the aggregation server and task management center can only access information within their permissions, effectively preventing information leakage. Finally, the security assessment indicates that our method satisfies the essential security standards for privacy-preserving federated learning. 
Comprehensive experimental evaluations conducted on real-world datasets reveal that the proposed solution demonstrates impressive efficiency in practical applications.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"161 ","pages":"Article 103364"},"PeriodicalIF":3.7,"publicationDate":"2025-02-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143464159","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"SmartDeCoup: Decoupling the STT-RAM LLC for even write distribution and lifetime improvement","authors":"Prabuddha Sinha , Krishna Prathik B.V. , Shirshendu Das , Venkata Kalyan Tavva","doi":"10.1016/j.sysarc.2025.103367","DOIUrl":"10.1016/j.sysarc.2025.103367","url":null,"abstract":"<div><div>Static Random Access Memory (SRAM) based Last Level Caches (LLCs) is losing its edge to Non-Volatile Memories (NVMs) like Spin-Transfer Torque RAM (STT-RAM) which offer advantages including higher density and lower static power consumption. However, they have drawbacks, namely, higher write latency, higher write power consumption, and lower write endurance. Uneven distribution of writes leads to reduced write endurance. Existing endurance enhancement techniques focus on reducing write variation to extend the lifetime. Additionally, these techniques cannot be implemented on top of recent secure cache designs that protect LLCs from timing channel attacks. They cannot prevent recently proposed endurance attacks on the STT-RAM LLC. SmartDeCoup proposes a decoupled tag/data array structure for STT-RAM LLCs and, on top of this structure, introduces two approaches to enhance LLC lifetime through: (a) the Primal Approach, and (b) the Hardware Efficient Approach. The Primal Approach achieves a maximum relative lifetime improvement of 24.99<span><math><mo>×</mo></math></span> and 33.13<span><math><mo>×</mo></math></span> in single core and multicore systems, with a 8.79% area overhead. The Hardware Efficient Approach achieves improvements of 22.47<span><math><mo>×</mo></math></span> and 31.83<span><math><mo>×</mo></math></span>, with a 7.23% area overhead. 
The Primal Approach is capable of preventing endurance attacks and is also compatible with the recently proposed countermeasures for timing channel attacks on LLC.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"161 ","pages":"Article 103367"},"PeriodicalIF":3.7,"publicationDate":"2025-02-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143487598","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Jingting Xue, Qinfang Deng, Wenzheng Zhang, Kangyi Liu, Xiaojun Zhang, Yu Zhou
{"title":"A dual-index Boolean retrieval scheme with dynamic and revocable attribute-based policies","authors":"Jingting Xue , Qinfang Deng , Wenzheng Zhang , Kangyi Liu , Xiaojun Zhang , Yu Zhou","doi":"10.1016/j.sysarc.2025.103366","DOIUrl":"10.1016/j.sysarc.2025.103366","url":null,"abstract":"<div><div>Boolean retrieval is widely employed in information retrieval due to its versatile operator combinations. In the context of secure cloud data sharing, data owners can tailor retrieval authorizations, offering remote nodes a convenient way to access data. Nevertheless, traditional retrieval models depend on online interactions for authorization, and fixed policies restrict control over retrieval. Constrained by index structures, existing Boolean retrieval methods encounter performance bottlenecks in terms of retrieval speed and storage efficiency. In this paper, we propose a dual-index Boolean retrieval scheme, <span><math><mrow><mi>d</mi><mi>i</mi><mi>b</mi><mi>R</mi><mi>S</mi></mrow></math></span>, that incorporates dynamic and revocable attribute-based policies. Specifically, leveraging attribute-based zero-knowledge proofs (AB-ZKP), we construct the authorization verification structure using Lagrange interpolation polynomials. By constructing a dual-index structure that integrates both inverted and forward indexes, <span><math><mrow><mi>d</mi><mi>i</mi><mi>b</mi><mi>R</mi><mi>S</mi></mrow></math></span> facilitates efficient Boolean retrieval. A puncturable pseudorandom function constructs the forward index, enabling selective revocation of search trapdoors through puncturing, without requiring full index regeneration. Additionally, by utilizing chameleon hash collisions, <span><math><mrow><mi>d</mi><mi>i</mi><mi>b</mi><mi>R</mi><mi>S</mi></mrow></math></span> allows customizable index modifications and dynamic policy updates on redactable blockchains. 
Throughout this process, <span><math><mrow><mi>d</mi><mi>i</mi><mi>b</mi><mi>R</mi><mi>S</mi></mrow></math></span> enables non-interactive authorization, significantly alleviating the communication burden on data owners. Finally, we demonstrate the adaptive security and computational feasibility of <span><math><mrow><mi>d</mi><mi>i</mi><mi>b</mi><mi>R</mi><mi>S</mi></mrow></math></span>.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"161 ","pages":"Article 103366"},"PeriodicalIF":3.7,"publicationDate":"2025-02-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143453969","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}