Kevin R. B. Butler, Stephen E. McLaughlin, P. Mcdaniel
{"title":"非易失性存储器和磁盘:策略架构的途径","authors":"Kevin R. B. Butler, Stephen E. McLaughlin, P. Mcdaniel","doi":"10.1145/1314466.1314479","DOIUrl":null,"url":null,"abstract":"As computing models change, so too do the demands on storage. Distributed and virtualized systems introduce new vulnerabilities, assumptions, and performance requirements on disks. However,traditional storage systems have very limited capacity to implement needed \"advanced storage\" features such as integrity and dataisolation. This is largely due to the simple interfaces and limited computing resources provided by commodity hard-drives. A new generation of storage devices affords better opportunities to meet these new models, but little is known about how to exploit them. In this paper, we show that the recently introduced fast-accessnon-volatile RAM-enhanced hybrid (HHD) disk architectures can be used to implement a range of valuable storage-security services. We specifically discuss the use of these new architectures to provide data integrity, capability-based access control, and labeled information flow at the disk access layer. In this, we introduce systems that place a security perimeter at the disk interface--and deal with the parent operating system only as a largely untrusted entity.","PeriodicalId":121387,"journal":{"name":"Workshop on Computer Security Architecture","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-11-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":"{\"title\":\"Non-volatile memory and disks:: avenues for policy architectures\",\"authors\":\"Kevin R. B. Butler, Stephen E. McLaughlin, P. Mcdaniel\",\"doi\":\"10.1145/1314466.1314479\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As computing models change, so too do the demands on storage. Distributed and virtualized systems introduce new vulnerabilities, assumptions, and performance requirements on disks. However,traditional storage systems have very limited capacity to implement needed \\\"advanced storage\\\" features such as integrity and dataisolation. This is largely due to the simple interfaces and limited computing resources provided by commodity hard-drives. A new generation of storage devices affords better opportunities to meet these new models, but little is known about how to exploit them. In this paper, we show that the recently introduced fast-accessnon-volatile RAM-enhanced hybrid (HHD) disk architectures can be used to implement a range of valuable storage-security services. We specifically discuss the use of these new architectures to provide data integrity, capability-based access control, and labeled information flow at the disk access layer. In this, we introduce systems that place a security perimeter at the disk interface--and deal with the parent operating system only as a largely untrusted entity.\",\"PeriodicalId\":121387,\"journal\":{\"name\":\"Workshop on Computer Security Architecture\",\"volume\":\"13 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-11-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"13\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Workshop on Computer Security Architecture\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1314466.1314479\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Workshop on Computer Security Architecture","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1314466.1314479","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Non-volatile memory and disks:: avenues for policy architectures
As computing models change, so too do the demands on storage. Distributed and virtualized systems introduce new vulnerabilities, assumptions, and performance requirements on disks. However,traditional storage systems have very limited capacity to implement needed "advanced storage" features such as integrity and dataisolation. This is largely due to the simple interfaces and limited computing resources provided by commodity hard-drives. A new generation of storage devices affords better opportunities to meet these new models, but little is known about how to exploit them. In this paper, we show that the recently introduced fast-accessnon-volatile RAM-enhanced hybrid (HHD) disk architectures can be used to implement a range of valuable storage-security services. We specifically discuss the use of these new architectures to provide data integrity, capability-based access control, and labeled information flow at the disk access layer. In this, we introduce systems that place a security perimeter at the disk interface--and deal with the parent operating system only as a largely untrusted entity.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
