{"title":"通过相变存储器数据随机化增强云基础设施中存储器的安全性","authors":"Xianzhong Zhou, Ying Wang","doi":"10.1049/cdt2.12023","DOIUrl":null,"url":null,"abstract":"<p>As a promising alternative to dynamic RAM, phase change memory (PCM) suffers from limited write endurance. Therefore, many research proposals on PCM security or reliability have focussed on the possible threat of wear-out attacks from malicious applications. However, it is also found that the non-volatile nature and the programming behaviour of PCM bring other security challenges to the memory system. The authors examine the potential risk of information leakage and theft in memory management for PCM-based cloud server or multitenant systems. By observing the influence of process variation (PV) on PCM cell programming, they propose a fast and efficient in-memory data obfuscation mechanism to defend against memory attacks or information leakage during page reallocation mandated by OS. With the capabilities of in-memory data randomisation, the proposed SecuRAM avoids the long write latency of PCM cells to erase the content, and achieves higher data initialisation efficiency than conventional software solutions. Second, the proposed SecuRAM also provides a novel solution of fast in-memory hardware fingerprinting and random number generation, which are common and essential security functions in encryption or access authentication to protect confidential memory data from attackers. Two novel techniques are proposed to generate signatures and random numbers: the first is based on partial programming, which works in the same way as bulk data randomisation; the second is loop-counting, which is an overhead-free method by reusing the cell programming mechanism in iterate-write PCM devices. Through evaluation, SecuRAM shows a much better performance and energy-efficiency than conventional measures for PCM memory.</p>","PeriodicalId":50383,"journal":{"name":"IET Computers and Digital Techniques","volume":"15 5","pages":"321-334"},"PeriodicalIF":1.1000,"publicationDate":"2021-03-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cdt2.12023","citationCount":"0","resultStr":"{\"title\":\"Enhancing the security of memory in cloud infrastructure through in-phase change memory data randomisation\",\"authors\":\"Xianzhong Zhou, Ying Wang\",\"doi\":\"10.1049/cdt2.12023\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>As a promising alternative to dynamic RAM, phase change memory (PCM) suffers from limited write endurance. Therefore, many research proposals on PCM security or reliability have focussed on the possible threat of wear-out attacks from malicious applications. However, it is also found that the non-volatile nature and the programming behaviour of PCM bring other security challenges to the memory system. The authors examine the potential risk of information leakage and theft in memory management for PCM-based cloud server or multitenant systems. By observing the influence of process variation (PV) on PCM cell programming, they propose a fast and efficient in-memory data obfuscation mechanism to defend against memory attacks or information leakage during page reallocation mandated by OS. With the capabilities of in-memory data randomisation, the proposed SecuRAM avoids the long write latency of PCM cells to erase the content, and achieves higher data initialisation efficiency than conventional software solutions. Second, the proposed SecuRAM also provides a novel solution of fast in-memory hardware fingerprinting and random number generation, which are common and essential security functions in encryption or access authentication to protect confidential memory data from attackers. Two novel techniques are proposed to generate signatures and random numbers: the first is based on partial programming, which works in the same way as bulk data randomisation; the second is loop-counting, which is an overhead-free method by reusing the cell programming mechanism in iterate-write PCM devices. Through evaluation, SecuRAM shows a much better performance and energy-efficiency than conventional measures for PCM memory.</p>\",\"PeriodicalId\":50383,\"journal\":{\"name\":\"IET Computers and Digital Techniques\",\"volume\":\"15 5\",\"pages\":\"321-334\"},\"PeriodicalIF\":1.1000,\"publicationDate\":\"2021-03-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cdt2.12023\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Computers and Digital Techniques\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1049/cdt2.12023\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Computers and Digital Techniques","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/cdt2.12023","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
Enhancing the security of memory in cloud infrastructure through in-phase change memory data randomisation
As a promising alternative to dynamic RAM, phase change memory (PCM) suffers from limited write endurance. Therefore, many research proposals on PCM security or reliability have focussed on the possible threat of wear-out attacks from malicious applications. However, it is also found that the non-volatile nature and the programming behaviour of PCM bring other security challenges to the memory system. The authors examine the potential risk of information leakage and theft in memory management for PCM-based cloud server or multitenant systems. By observing the influence of process variation (PV) on PCM cell programming, they propose a fast and efficient in-memory data obfuscation mechanism to defend against memory attacks or information leakage during page reallocation mandated by OS. With the capabilities of in-memory data randomisation, the proposed SecuRAM avoids the long write latency of PCM cells to erase the content, and achieves higher data initialisation efficiency than conventional software solutions. Second, the proposed SecuRAM also provides a novel solution of fast in-memory hardware fingerprinting and random number generation, which are common and essential security functions in encryption or access authentication to protect confidential memory data from attackers. Two novel techniques are proposed to generate signatures and random numbers: the first is based on partial programming, which works in the same way as bulk data randomisation; the second is loop-counting, which is an overhead-free method by reusing the cell programming mechanism in iterate-write PCM devices. Through evaluation, SecuRAM shows a much better performance and energy-efficiency than conventional measures for PCM memory.
期刊介绍:
IET Computers & Digital Techniques publishes technical papers describing recent research and development work in all aspects of digital system-on-chip design and test of electronic and embedded systems, including the development of design automation tools (methodologies, algorithms and architectures). Papers based on the problems associated with the scaling down of CMOS technology are particularly welcome. It is aimed at researchers, engineers and educators in the fields of computer and digital systems design and test.
The key subject areas of interest are:
Design Methods and Tools: CAD/EDA tools, hardware description languages, high-level and architectural synthesis, hardware/software co-design, platform-based design, 3D stacking and circuit design, system on-chip architectures and IP cores, embedded systems, logic synthesis, low-power design and power optimisation.
Simulation, Test and Validation: electrical and timing simulation, simulation based verification, hardware/software co-simulation and validation, mixed-domain technology modelling and simulation, post-silicon validation, power analysis and estimation, interconnect modelling and signal integrity analysis, hardware trust and security, design-for-testability, embedded core testing, system-on-chip testing, on-line testing, automatic test generation and delay testing, low-power testing, reliability, fault modelling and fault tolerance.
Processor and System Architectures: many-core systems, general-purpose and application specific processors, computational arithmetic for DSP applications, arithmetic and logic units, cache memories, memory management, co-processors and accelerators, systems and networks on chip, embedded cores, platforms, multiprocessors, distributed systems, communication protocols and low-power issues.
Configurable Computing: embedded cores, FPGAs, rapid prototyping, adaptive computing, evolvable and statically and dynamically reconfigurable and reprogrammable systems, reconfigurable hardware.
Design for variability, power and aging: design methods for variability, power and aging aware design, memories, FPGAs, IP components, 3D stacking, energy harvesting.
Case Studies: emerging applications, applications in industrial designs, and design frameworks.