東華大學圖書館 |

Language: English

Help

回圖書館首頁

手機版館藏查詢

Back

Switch To: Labeled | MARC Mode | ISBD

Design Strategies for Efficient and ...

Lehman, Tamara Silbergleit.

Linked to FindBook

Google Book

Amazon

博客來

Design Strategies for Efficient and Secure Memory.

Record Type:	Electronic resources : Monograph/item
Title/Author:	Design Strategies for Efficient and Secure Memory./
Author:	Lehman, Tamara Silbergleit.
Published:	Ann Arbor : ProQuest Dissertations & Theses, : 2019,
Description:	114 p.
Notes:	Source: Dissertations Abstracts International, Volume: 80-12, Section: B.
Contained By:	Dissertations Abstracts International80-12B.
Subject:	Computer Engineering. -
Online resource:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=13808073
ISBN:	9781392195642

Design Strategies for Efficient and Secure Memory.
Lehman, Tamara Silbergleit.

Design Strategies for Efficient and Secure Memory. - Ann Arbor : ProQuest Dissertations & Theses, 2019 - 114 p.

Source: Dissertations Abstracts International, Volume: 80-12, Section: B.

Thesis (Ph.D.)--Duke University, 2019.

This item must not be sold to any third party vendors.

Recent computing trends force users to relinquish physical control to unknown parties, making the system vulnerable to physical attacks. Software alone is not well equipped to protect against physical attacks. Instead software and hardware have to enforce security in collaboration to defend against physical attacks. Many secure processor implementations have surfaced over the last two decades (i.e. Intel SGX, ARM Trustzone) but inefficiencies are hindering their adoption.Secure processors use secure memory to detect and guard against physical attacks. Secure memory assumes that everything within the chip boundary is trusted and provides confidentiality and integrity verification for data in memory. Both of these features, confidentiality and integrity, require large metadata structures which are stored in memory. When a system equipped with secure memory misses at the last-level-cache (LLC), the memory controller has to issue additional memory requests to fetch the corresponding metadata from memory. These additional memory requests increase delay and energy. The main goal of this dissertation is to reduce overheads of secure memory in two dimensions: delay and energy.First, to reduce the delay overhead we propose the first safe speculative integrity verification mechanism, PoisonIvy, that effectively hides the integrity verification latency while maintaining security guarantees. Secure memory has high delay overheads due to the long integrity verification latency. Speculation allows the system to return decrypted data back to the processor before the integrity verification completes, effectively removing the integrity verification latency from the critical path of a memory access. However, speculation without any other mechanism to safeguard security is unsafe. PoisonIvy safeguards security guarantees by preventing any effect of unverified data from leaving the trusted boundary. PoisonIvy is able to realize all the benefits of speculative integrity verification while maintaining the same security guarantees as the non-speculative system.Speculation is effective in reducing delay overhead but it has no effect on reducing the number of additional memory accesses, which cause large energy overhead. Secure memory metadata has unique memory access patterns that are not compatible with traditional cache designs. In the second part of this work, we provide the first in-depth study of metadata access patterns, MAPS, to help guide architects design more efficient cache architectures customized for secure memory metadata.Based on the unique characteristics of secure memory metadata observed in the in-depth analysis, in the third part of this work we explore the design space of efficient cache designs. We describe one possible design, Metadata Cache eXtension (MCX), which exploits the bimodal reuse distance distribution of metadata blocks to improve the cache efficiency thereby reducing the number of additional memory accesses. We also explore an LLC eviction policy suitable to handle multiple types of blocks to improve the efficiency of caching metadata blocks on-chip further.

ISBN: 9781392195642Subjects--Topical Terms:

1567821
Computer Engineering.

Design Strategies for Efficient and Secure Memory.
LDR:04175nmm a2200325 4500 001 2208157
005 20190929184226.5
008 201008s2019 ||||||||||||||||| ||eng d
020 $a 9781392195642
035 $a (MiAaPQ)AAI13808073
035 $a (MiAaPQ)duke:15034
035 $a AAI13808073
040 $a MiAaPQ $c MiAaPQ
100 1 $a Lehman, Tamara Silbergleit. $3 3435171
245 1 0 $a Design Strategies for Efficient and Secure Memory.
260 1 $a Ann Arbor : $b ProQuest Dissertations & Theses, $c 2019
300 $a 114 p.
500 $a Source: Dissertations Abstracts International, Volume: 80-12, Section: B.
500 $a Publisher info.: Dissertation/Thesis.
500 $a Advisor: Lee, Benjamin C.;Hilton, Andrew D.
502 $a Thesis (Ph.D.)--Duke University, 2019.
506 $a This item must not be sold to any third party vendors.
520 $a Recent computing trends force users to relinquish physical control to unknown parties, making the system vulnerable to physical attacks. Software alone is not well equipped to protect against physical attacks. Instead software and hardware have to enforce security in collaboration to defend against physical attacks. Many secure processor implementations have surfaced over the last two decades (i.e. Intel SGX, ARM Trustzone) but inefficiencies are hindering their adoption.Secure processors use secure memory to detect and guard against physical attacks. Secure memory assumes that everything within the chip boundary is trusted and provides confidentiality and integrity verification for data in memory. Both of these features, confidentiality and integrity, require large metadata structures which are stored in memory. When a system equipped with secure memory misses at the last-level-cache (LLC), the memory controller has to issue additional memory requests to fetch the corresponding metadata from memory. These additional memory requests increase delay and energy. The main goal of this dissertation is to reduce overheads of secure memory in two dimensions: delay and energy.First, to reduce the delay overhead we propose the first safe speculative integrity verification mechanism, PoisonIvy, that effectively hides the integrity verification latency while maintaining security guarantees. Secure memory has high delay overheads due to the long integrity verification latency. Speculation allows the system to return decrypted data back to the processor before the integrity verification completes, effectively removing the integrity verification latency from the critical path of a memory access. However, speculation without any other mechanism to safeguard security is unsafe. PoisonIvy safeguards security guarantees by preventing any effect of unverified data from leaving the trusted boundary. PoisonIvy is able to realize all the benefits of speculative integrity verification while maintaining the same security guarantees as the non-speculative system.Speculation is effective in reducing delay overhead but it has no effect on reducing the number of additional memory accesses, which cause large energy overhead. Secure memory metadata has unique memory access patterns that are not compatible with traditional cache designs. In the second part of this work, we provide the first in-depth study of metadata access patterns, MAPS, to help guide architects design more efficient cache architectures customized for secure memory metadata.Based on the unique characteristics of secure memory metadata observed in the in-depth analysis, in the third part of this work we explore the design space of efficient cache designs. We describe one possible design, Metadata Cache eXtension (MCX), which exploits the bimodal reuse distance distribution of metadata blocks to improve the cache efficiency thereby reducing the number of additional memory accesses. We also explore an LLC eviction policy suitable to handle multiple types of blocks to improve the efficiency of caching metadata blocks on-chip further.
590 $a School code: 0066.
650 4 $a Computer Engineering. $3 1567821
650 4 $a Computer science. $3 523869
690 $a 0464
690 $a 0984
710 2 $a Duke University. $b Electrical and Computer Engineering. $3 1032075
773 0 $t Dissertations Abstracts International $g 80-12B.
790 $a 0066
791 $a Ph.D.
792 $a 2019
793 $a English
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=13808073