进程间隔离的持久内存安全威胁

IF 2.8 3区 计算机科学 Q2 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE IEEE Micro Pub Date : 2023-09-01 DOI:10.1109/MM.2023.3264938
Naveed Ul Mustafa, Yan Solihin
{"title":"进程间隔离的持久内存安全威胁","authors":"Naveed Ul Mustafa, Yan Solihin","doi":"10.1109/MM.2023.3264938","DOIUrl":null,"url":null,"abstract":"Persistent memory object (PMO) is a general system abstraction for holding persistent data in persistent main memory, managed by an operating system. A PMO programming model breaks interprocess isolation as it results in the sharing of persistent data between two processes as they alternatively access the same PMO. In this article, we discuss security implications of a PMO model. We demonstrate that the model enables one process to affect execution of another process, even without sharing a PMO over time. This allows an adversary to launch inter-PMO security attacks if two processes are linked via other unshared PMOs. We present formalization of inter-PMO attacks, their examples, and potential strategies to defend against them.","PeriodicalId":13100,"journal":{"name":"IEEE Micro","volume":"43 1","pages":"16-23"},"PeriodicalIF":2.8000,"publicationDate":"2023-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Persistent Memory Security Threats to Interprocess Isolation\",\"authors\":\"Naveed Ul Mustafa, Yan Solihin\",\"doi\":\"10.1109/MM.2023.3264938\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Persistent memory object (PMO) is a general system abstraction for holding persistent data in persistent main memory, managed by an operating system. A PMO programming model breaks interprocess isolation as it results in the sharing of persistent data between two processes as they alternatively access the same PMO. In this article, we discuss security implications of a PMO model. We demonstrate that the model enables one process to affect execution of another process, even without sharing a PMO over time. This allows an adversary to launch inter-PMO security attacks if two processes are linked via other unshared PMOs. We present formalization of inter-PMO attacks, their examples, and potential strategies to defend against them.\",\"PeriodicalId\":13100,\"journal\":{\"name\":\"IEEE Micro\",\"volume\":\"43 1\",\"pages\":\"16-23\"},\"PeriodicalIF\":2.8000,\"publicationDate\":\"2023-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Micro\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1109/MM.2023.3264938\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Micro","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1109/MM.2023.3264938","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0

摘要

持久性内存对象(PMO)是一种通用的系统抽象,用于在持久性主内存中保存持久性数据,由操作系统管理。PMO编程模型打破了进程间隔离,因为当两个进程交替访问相同的PMO时,它会导致它们之间共享持久数据。在本文中,我们将讨论PMO模型的安全含义。我们演示了该模型使一个流程能够影响另一个流程的执行,即使没有随着时间的推移共享PMO。如果两个进程通过其他未共享的pmo连接,攻击者就可以发起pmo间的安全攻击。我们提出了pmo间攻击的形式化、它们的例子以及防御它们的潜在策略。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Persistent Memory Security Threats to Interprocess Isolation
Persistent memory object (PMO) is a general system abstraction for holding persistent data in persistent main memory, managed by an operating system. A PMO programming model breaks interprocess isolation as it results in the sharing of persistent data between two processes as they alternatively access the same PMO. In this article, we discuss security implications of a PMO model. We demonstrate that the model enables one process to affect execution of another process, even without sharing a PMO over time. This allows an adversary to launch inter-PMO security attacks if two processes are linked via other unshared PMOs. We present formalization of inter-PMO attacks, their examples, and potential strategies to defend against them.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
IEEE Micro
IEEE Micro 工程技术-计算机:软件工程
CiteScore
7.50
自引率
0.00%
发文量
164
审稿时长
>12 weeks
期刊介绍: IEEE Micro addresses users and designers of microprocessors and microprocessor systems, including managers, engineers, consultants, educators, and students involved with computers and peripherals, components and subassemblies, communications, instrumentation and control equipment, and guidance systems. Contributions should relate to the design, performance, or application of microprocessors and microcomputers. Tutorials, review papers, and discussions are also welcome. Sample topic areas include architecture, communications, data acquisition, control, hardware and software design/implementation, algorithms (including program listings), digital signal processing, microprocessor support hardware, operating systems, computer aided design, languages, application software, and development systems.
期刊最新文献
Interconnect Design for Heterogeneous Integration of Chiplets in the AMD Instinct™ MI300X Accelerator ReDL: A Hybrid Memory System with Scalable Data Management Strategies for DNN Applications UCIe: Standard for an Open Chiplet Ecosystem Energy-Efficient Parallel Interconnects for Chiplet Integration Co-Design of Inter-Chiplet, Package, and System Interconnect Protocols
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1