Enhancing the security of memory in cloud infrastructure through in-phase change memory data randomisation

IF 1.1 4区计算机科学 Q4 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE IET Computers and Digital Techniques Pub Date : 2021-03-31 DOI:10.1049/cdt2.12023

Xianzhong Zhou, Ying Wang

{"title":"Enhancing the security of memory in cloud infrastructure through in-phase change memory data randomisation","authors":"Xianzhong Zhou, Ying Wang","doi":"10.1049/cdt2.12023","DOIUrl":null,"url":null,"abstract":"<p>As a promising alternative to dynamic RAM, phase change memory (PCM) suffers from limited write endurance. Therefore, many research proposals on PCM security or reliability have focussed on the possible threat of wear-out attacks from malicious applications. However, it is also found that the non-volatile nature and the programming behaviour of PCM bring other security challenges to the memory system. The authors examine the potential risk of information leakage and theft in memory management for PCM-based cloud server or multitenant systems. By observing the influence of process variation (PV) on PCM cell programming, they propose a fast and efficient in-memory data obfuscation mechanism to defend against memory attacks or information leakage during page reallocation mandated by OS. With the capabilities of in-memory data randomisation, the proposed SecuRAM avoids the long write latency of PCM cells to erase the content, and achieves higher data initialisation efficiency than conventional software solutions. Second, the proposed SecuRAM also provides a novel solution of fast in-memory hardware fingerprinting and random number generation, which are common and essential security functions in encryption or access authentication to protect confidential memory data from attackers. Two novel techniques are proposed to generate signatures and random numbers: the first is based on partial programming, which works in the same way as bulk data randomisation; the second is loop-counting, which is an overhead-free method by reusing the cell programming mechanism in iterate-write PCM devices. Through evaluation, SecuRAM shows a much better performance and energy-efficiency than conventional measures for PCM memory.</p>","PeriodicalId":50383,"journal":{"name":"IET Computers and Digital Techniques","volume":"15 5","pages":"321-334"},"PeriodicalIF":1.1000,"publicationDate":"2021-03-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cdt2.12023","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Computers and Digital Techniques","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/cdt2.12023","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

As a promising alternative to dynamic RAM, phase change memory (PCM) suffers from limited write endurance. Therefore, many research proposals on PCM security or reliability have focussed on the possible threat of wear-out attacks from malicious applications. However, it is also found that the non-volatile nature and the programming behaviour of PCM bring other security challenges to the memory system. The authors examine the potential risk of information leakage and theft in memory management for PCM-based cloud server or multitenant systems. By observing the influence of process variation (PV) on PCM cell programming, they propose a fast and efficient in-memory data obfuscation mechanism to defend against memory attacks or information leakage during page reallocation mandated by OS. With the capabilities of in-memory data randomisation, the proposed SecuRAM avoids the long write latency of PCM cells to erase the content, and achieves higher data initialisation efficiency than conventional software solutions. Second, the proposed SecuRAM also provides a novel solution of fast in-memory hardware fingerprinting and random number generation, which are common and essential security functions in encryption or access authentication to protect confidential memory data from attackers. Two novel techniques are proposed to generate signatures and random numbers: the first is based on partial programming, which works in the same way as bulk data randomisation; the second is loop-counting, which is an overhead-free method by reusing the cell programming mechanism in iterate-write PCM devices. Through evaluation, SecuRAM shows a much better performance and energy-efficiency than conventional measures for PCM memory.

Abstract Image

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

通过相变存储器数据随机化增强云基础设施中存储器的安全性

作为一种很有前途的动态RAM替代品，相变存储器(PCM)受到写入持久性的限制。因此，许多关于PCM安全性或可靠性的研究建议都集中在来自恶意应用程序的损耗攻击的可能威胁上。然而，也发现PCM的非易失性和编程行为给存储系统带来了其他安全挑战。作者研究了基于pcm的云服务器或多租户系统的内存管理中信息泄露和盗窃的潜在风险。通过观察进程变化(PV)对PCM单元编程的影响，他们提出了一种快速有效的内存数据混淆机制，以防止操作系统要求的页面重分配过程中的内存攻击或信息泄漏。由于具有内存数据随机化的能力，所提出的SecuRAM避免了PCM单元擦除内容的长写入延迟，并且比传统软件解决方案实现了更高的数据初始化效率。其次，所提出的SecuRAM还提供了快速内存硬件指纹和随机数生成的新解决方案，这是加密或访问认证中常见和必不可少的安全功能，以保护机密内存数据不受攻击者的攻击。提出了两种新技术来生成签名和随机数:第一种是基于部分编程，其工作方式与批量数据随机化相同;第二种是循环计数，这是一种无开销的方法，通过重用迭代写入PCM设备中的单元编程机制。通过评估，SecuRAM显示出比传统PCM存储器更好的性能和能效。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IET Computers and Digital Techniques 工程技术-计算机：理论方法

CiteScore

3.50

自引率

0.00%

发文量

审稿时长

>12 weeks

期刊介绍： IET Computers & Digital Techniques publishes technical papers describing recent research and development work in all aspects of digital system-on-chip design and test of electronic and embedded systems, including the development of design automation tools (methodologies, algorithms and architectures). Papers based on the problems associated with the scaling down of CMOS technology are particularly welcome. It is aimed at researchers, engineers and educators in the fields of computer and digital systems design and test. The key subject areas of interest are: Design Methods and Tools: CAD/EDA tools, hardware description languages, high-level and architectural synthesis, hardware/software co-design, platform-based design, 3D stacking and circuit design, system on-chip architectures and IP cores, embedded systems, logic synthesis, low-power design and power optimisation. Simulation, Test and Validation: electrical and timing simulation, simulation based verification, hardware/software co-simulation and validation, mixed-domain technology modelling and simulation, post-silicon validation, power analysis and estimation, interconnect modelling and signal integrity analysis, hardware trust and security, design-for-testability, embedded core testing, system-on-chip testing, on-line testing, automatic test generation and delay testing, low-power testing, reliability, fault modelling and fault tolerance. Processor and System Architectures: many-core systems, general-purpose and application specific processors, computational arithmetic for DSP applications, arithmetic and logic units, cache memories, memory management, co-processors and accelerators, systems and networks on chip, embedded cores, platforms, multiprocessors, distributed systems, communication protocols and low-power issues. Configurable Computing: embedded cores, FPGAs, rapid prototyping, adaptive computing, evolvable and statically and dynamically reconfigurable and reprogrammable systems, reconfigurable hardware. Design for variability, power and aging: design methods for variability, power and aging aware design, memories, FPGAs, IP components, 3D stacking, energy harvesting. Case Studies: emerging applications, applications in industrial designs, and design frameworks.