Distributed Memory Guard: Enabling Secure Enclave Computing in NoC-based Architectures

Emerging applications, like cloud services, are demanding more computational power, while also giving rise to various security and privacy challenges. Current multi-/many-core chip designs boost performance by using Networks-on-Chip (NoC) based architectures. Although NoC-based architectures signifi...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:2021 58th ACM/IEEE Design Automation Conference (DAC) s. 985 - 990
Hlavní autori: Dessouky, Ghada, Isakov, Mihailo, Kinsy, Michel A., Mahmoody, Pouya, Mark, Miguel, Sadeghi, Ahmad-Reza, Stapf, Emmanuel, Zeitouni, Shaza
Médium: Konferenčný príspevok..
Jazyk:English
Vydavateľské údaje: IEEE 05.12.2021
Predmet:
Computer architecture
Concurrent computing
Design automation
Enclave
Memory management
Memory Protection
Network-on-Chip
Privacy
Process control
Secure Processor Design
System performance
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:Emerging applications, like cloud services, are demanding more computational power, while also giving rise to various security and privacy challenges. Current multi-/many-core chip designs boost performance by using Networks-on-Chip (NoC) based architectures. Although NoC-based architectures significantly improve communication concurrency, they have thus far lack adequate security mechanisms such as enforceable process isolation. On the other hand, new security-aware architectures that protect applications and sensitive services in isolated execution environments, i.e., enclaves, have not been extended to provide comprehensive protection for NoC platforms. These enclave-based architectures (i) lack secure enclave-device interaction, (ii) cannot include unmodifiable third-party IP, or (iii) provide flexible enclave memory management.To address these design challenges, we introduce a new hardware security primitive, the Distributed Memory Guard, and design the first security architecture that protects sensitive services in NoC-based enclaves. We provide evaluation of this reference architecture and highlight the fact that one can design a scalable (i.e., NoC-based) and secure (i.e., enclave-based) architecture with minimal hardware complexity and system performance overhead.
DOI:10.1109/DAC18074.2021.9586222