Improving Cost, Performance, and Security of Memory Encryption and Authentication
Proceedings of the 33rd annual international symposium on Computer Architecture
A low-cost memory remapping scheme for address bus protection
Proceedings of the 15th international conference on Parallel architectures and compilation techniques
Efficient data protection for distributed shared memory multiprocessors
Proceedings of the 15th international conference on Parallel architectures and compilation techniques
Ensuring secure program execution in multiprocessor embedded systems: a case study
CODES+ISSS '07 Proceedings of the 5th IEEE/ACM international conference on Hardware/software codesign and system synthesis
A Comprehensive Framework for Enhancing Security in InfiniBand Architecture
IEEE Transactions on Parallel and Distributed Systems
Dynamic security domain scaling on embedded symmetric multiprocessors
ACM Transactions on Design Automation of Electronic Systems (TODAES)
Making secure processors OS- and performance-friendly
ACM Transactions on Architecture and Code Optimization (TACO)
Hardware Mechanisms for Memory Authentication: A Survey of Existing Techniques and Engines
Transactions on Computational Science IV
A low-cost memory remapping scheme for address bus protection
Journal of Parallel and Distributed Computing
An analysis of secure processor architectures
Transactions on computational science VII
Green secure processors: towards power-efficient secure processor design
Transactions on computational science X
SecureME: a hardware-software approach to full system security
Proceedings of the international conference on Supercomputing
DynaPoMP: dynamic policy-driven memory protection for SPM-based embedded systems
WESS '11 Proceedings of the Workshop on Embedded Systems Security
Efficient architectural support for secure bus-based shared memory multiprocessor
ACSAC'05 Proceedings of the 10th Asia-Pacific conference on Advances in Computer Systems Architecture
Bus and memory protection through chain-generated and tree-verified IV for multiprocessors systems
Future Generation Computer Systems
Memory encryption: A survey of existing techniques
ACM Computing Surveys (CSUR)
| Hi-index | 0.00 |
With the increasing concern of the security on high performance multiprocessor enterprise servers, more and more effort is being invested into defending against various kinds of attacks. This paper proposes a security enhancement model called SENSS, that allows programs to run securely on a symmetric shared memory multiprocessor (SMP) environment. In SENSS, a program, including both code and data, is stored in the shared memory in encrypted form but is decrypted once it is fetched into any of the processors. In contrast to the traditional uniprocessor XOM model, the main challenge in developing SENSS lies in the necessity for guarding the clear text communication between processors in a multiprocessor environment. In this paper we propose an inexpensive solution that can effectively protect the shared bus communication. The proposed schemes include both encryption and authentication for bus transactions. We develop a scheme that utilizes the Cipher Block Chaining mode of the advanced encryption standard (CBC-AES) to achieve ultra low latency for the shared bus encryption and decryption. In addition, CBC-AES can generate integrity checking code for the bus communication over time, achieving bus authentication. Further, we develop techniques to ensure the cryptographic computation throughput meets the high bandwidth of gigabyte buses. We performed full system simulation using Simics to measure the overhead of the security features on a SMP system with a snooping write invalidate cache coherence protocol. Overall, only a slight performance degradation of 2.03% on average was observed when the security is provided at the highest level.