Coordinated Metadata Management for Secure Persistent Memory

被引：0

作者：

Wei X. ^{[1
]}

Yang M. ^{[1
]}

Feng D. ^{[1
,2
]}

Liu J. ^{[1
,2
]}

Wu B. ^{[1
]}

Xiao R. ^{[1
]}

Tong W. ^{[1
,2
]}

机构：

[1] Wuhan National Laboratory for Optoelectronics (Huazhong University of Science and Technology), Wuhan

[2] School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan

来源：

Jisuanji Yanjiu yu Fazhan/Computer Research and Development | 2022年 / 59卷 / 11期

基金：

中国国家自然科学基金;

关键词：

Encryption; Integrity verification; Metadata management; Non-volatile memory (NVM); Persistent memory; Security; Selective reencryption;

D O I：

10.7544/issn1000-1239.20210280

中图分类号：

学科分类号：

摘要：

Non-volatile memory (NVM) is an emerging candidate for the next generation of main memory. Building persistent memory systems with NVM faces two challenges, including ensuring data security and optimizing write operations. Recent studies have proposed encryption and integrity verification techniques to protect in-memory data, and have proposed selective reencryption techniques to reduce write overhead. These techniques introduce various metadata that are stored in persistent memory. However, existing metadata management mechanisms only consider part of the metadata, which still causes significant metadata access overhead. To address the problem, we propose COTANA, a coordinated metadata management method for secure persistent memory. COTANA places the encryption and the selective reencryption metadata in the same metadata blocks, so that fetching the metadata for encryption/decryption needs only one read. COTANA builds an integrity tree on these metadata blocks, and places the message authentication codes (MAC) in an ECC chip to avoid extra access latency. Moreover, we observe that the bytes within a block have different modification frequencies for real-world workloads. Therefore, for selective reencryption, COTANA adopts a dynamic data partition scheme that dynamically chooses the partition methods with lowest bit flips. The methods include an existing successive partition method and a gathered partition method that is designed based on the modification frequencies. The evaluation results show that COTANA improves performance by up to 13.7%, and decreases bit flips by up to 21.3% compared with the state-of-the-art designs. © 2022, Science Press. All right reserved.

引用

页码：2437 / 2450

页数：13

共 36 条

[1] Dong Qing, Wang Zhehong, Lim J, Et al., A 1 Mb 28 nm STT-MRAM with 2.8 ns read access time at 1.2V VDD using single-cap offset-cancelled sense amplifier and in-situ self-write-termination, Proc of the 65th IEEE Int Solid-State Circuits Conf, pp. 480-482, (2018)
[2] Lee B, Ipek E, Mutlu O, Et al., Architecting phase change memory as a scalable DRAM alternative, Proc of the 36th Annual Int Symp on Computer Architecture, pp. 2-13, (2009)
[3] Strukov D, Snider G, Stewart D, Et al., The missing memristor found, Nature, 453, 7191, pp. 80-83, (2008)
[4] Suh G, Clarke D, Gasend B, Et al., Efficient memory integrity verification and encryption for secure processors, Proc of the 36th Annual IEEE/ACM Int Symp on Microarchitecture, pp. 339-350, (2003)
[5] Rogers B, Chhabra S, Prvulovic M, Et al., Using address independent seed encryption and bonsai merkle trees to make secure processors OS-and performance-friendly, Proc of the 40th Annual IEEE/ACM Int Symp on Microarchitecture, pp. 183-196, (2007)
[6] Young V, Nair P, Qureshi M., DEUCE:Write-efficient encryption for non-volatile memories, Proc of the 20th Int Conf on Architectural Support for Programming Languages and Operating Systems, pp. 33-44, (2015)
[7] Saileshwar G, Nair P, Ramrakhyani P, Et al., Morphable counters: Enabling compact integrity trees for low-overhead secure memories, Proc of the 51st Annual IEEE/ACM Int Symp on Microarchitecture, pp. 416-427, (2018)
[8] Tavana M, Fei Yunsi, Kaeli D., Nacre: Durable, secure and energy-efficient non-volatile memory utilizing data versioning, IEEE Transactions on Emerging Topics in Computing, 8, 4, pp. 897-906, (2017)
[9] Zuo Pengfei, Hua Yu, Xie Xinfeng, Et al., A secure encryption scheme for deep learning accelerators, Journal of Computer Research and Development, 56, 6, pp. 1161-1169, (2019)
[10] Taassori M, Shafiee A, Balasubramonian R., VAULT: Reducing paging overheads in SGX with efficient integrity verification structures, Proc of the 23rd Int Conf on Architectural Support for Programming Languages and Operating Systems, pp. 665-678, (2018)

← 1 2 3 4 →