Architectural Support for High Speed Protection of Memory Integrity and Confidentiality in Multiprocessor Systems

Recently there is a growing effort in both the architecture and the security community to create a hardware solution for authenticating system memory.As shown in the previous work, hardware-based memory authentication will become a vital component for creating future trusted computing environments a...

Full description

Saved in:
Bibliographic Details
Main Authors: Shi, Weidong, Lee, Hsien-Hsin S., Ghosh, Mrinmoy, Lu, Chenghuai
Format: Conference Proceeding
Language:English
Subjects:
Applied sciences
Computer science
control theory
systems
Exact sciences and technology
Memory and file management (including protection and security)
Memory organisation. Data processing
Programming languages
Software
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Recently there is a growing effort in both the architecture and the security community to create a hardware solution for authenticating system memory.As shown in the previous work, hardware-based memory authentication will become a vital component for creating future trusted computing environments and digital rights protection.Almost all these prior work have focused on authenticating memory exclusively owned by a single processing element.However, in today's computing platforms, memory is often shared by multiple processing elements that support a shared system memory with a snooping cache coherence protocol.Authenticating shared memory is a new challenge to memory protection. In this paper, we present a secure and fast architecture for authenticating shared memory.In terms of incorporating memory authentication into the processor pipeline, we propose a new scheme called Authentication Speculative Execution.Unlike the prior approaches, our scheme does not compromise security for performance.The novel ASE scheme is not only secure as it is combined with a one-time-pad (OTP) based memory encryption but also efficient to tolerate authentication latency by executing unauthenticated instructions speculatively.Results using modified RSIM running SPLASH2 benchmark show only 5% overhead in performance on dual and quad processor platforms.Furthermore, ASE shows 80% better performance on average over conservative non-speculative execution based authentication schemes.The scheme is of practical use for both multiprocessor systems and uni-processor systems where memory is shared by one main processor and other co-processors on the system bus.
ISSN:1089-795X
DOI:10.5555/1025127.1026002