Skip to main content
SpringerLink
Log in
Book cover

Transactions on High-Performance Embedded Architectures and Compilers I pp 95–115Cite as

Memory-Centric Security Architecture

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((THIPEAC,volume 4050))

Abstract

This article presents a new security model called MESA for protecting software confidentiality and integrity. Different from the previous process-centric systems designed for the same purpose, MESA ties cryptographic properties and security attributes to memory instead of each individual user process. The advantages of such a memory-centric design over the process-centric designs are many folds. First, it allows better access control on software privacy, which supports both selective and mixed tamper resistant protection on software components coming from heterogenous sources. Second, the new model supports and facilities tamper resistant secure information sharing in an open software system where both data and code components could be shared by different user processes. Third, the proposed security model and secure processor design allow software components protected with different security policies to inter-operate within the same memory space efficiently. The architectural support for MESA requires small silicon resources and its performance impact is minimal based on our experimental results using commercial MS Windows workloads and cycle based out-of-order processor simulator.

This research is supported by the National Science Foundation under award ITR/NGS-0325536 and a DOE Early CAREER PI Award.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Federal Information Processing Standard Draft, Advanced Encryption Standard (AES). National Institute of Standards and Technology (2001)

    Google Scholar 

  2. National Institude of Standards and Technology, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher. SP-800-67 (2004)

    Google Scholar 

  3. Arbaugh, W.A., Farber, D.J., Smith, J.M.: A Secure and Reliable Bootstrap Architecture. In: Proceedings of the Symposium on Security and Privacy (1997)

    Google Scholar 

  4. Cohen, E., Jefferson, D.: Protection in the Hydra Operating System. In: Proceedings of the fifth ACM Symposium on Operating Systems Principles, ACM Press, New York (1975)

    Google Scholar 

  5. Gassend, B., Suh, G.E., Clarke, D., van Dijk, M., Devadas, S.: Caches And Merkle Trees For Efficient Memory Integrity Verification. In: Proceedings of the 9th International Symposium on High Performance Computer Architecture (2003)

    Google Scholar 

  6. Lie, D., Thekkath, C., Mitchell, M., Lincoln, P., Boneh, D., Mitchell, J., Horowitz, M.: Architectual Support For Copy and Tamper Resistant Software. In: Proceedings of the 9th Symposium on Architectural Support for Programming Languages and Operating Systems (2000)

    Google Scholar 

  7. Lie, D., Thekkath, C.A., Horowitz, M.: Implementing an Untrusted Operating System on Trusted Hardware. In: Proceedings of the Symposium on Operating Systems Principles (2003)

    Google Scholar 

  8. Needham, R.M., Walker, R.D.: The Cambridge CAP computer and its protection system. In: Proceedings of the Symposium on Operating Systems Principles (1977)

    Google Scholar 

  9. Shi, W., Lee, H.-H.S., Ghosh, M., Lu, C., Boldyreva, A.: High Efficiency Counter Mode Security Architecture via Prediction and Precomputation. In: Proceedings of the 32nd International Symposium on Computer Architecture (2005)

    Google Scholar 

  10. Suh, E.G., Clarke, D., Gassend, B., van Dijk, M., Devadas, S.: Efficient Memory Integrity Verification and Encryption for Secure Processors. In: Proceedings of the 36th Annual International Symposium on Microarchitecture, December (2003)

    Google Scholar 

  11. Suh, E.G., Clarke, D., van Dijk, M., Gassend, B., Devadas, S.: AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing. In: Proceedings of the International Conference on Supercomputing (2003)

    Google Scholar 

  12. Vachharajani, N., Bridges, M.J., Chang, J., Rangan, R., Ottoni, G., Blome, J.A., Reis, G.A., Vachharajani, M., August, D.I.: RIFLE: An Architectural Framework for User-Centric Information-Flow Security. In: Proceedings of the 37th annual International Symposium on Microarchitecture (2004)

    Google Scholar 

  13. Vlaovic, S., Davidson, E.S.: TAXI: Trace Analysis for X86 Interpretation. In: Proceedings of the 2002 IEEE International Conference on Computer Design, IEEE Computer Society Press, Los Alamitos (2002)

    Google Scholar 

  14. Witchel, E.J.: Mondrian Memory Protection. PhD thesis, Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology (2004)

    Google Scholar 

  15. Yang, J., Zhang, Y., Gao, L.: Fast Secure Processor for Inhibiting Software Piracty and Tampering. In: Proceedings of the International Symposium on Microarchitecture (2003)

    Google Scholar 

  16. Zhuang, X., Zhang, T., Pande, S., Lee, H.-H.S.: HIDE: Hardware-support for Leakage-Immune Dynamic Execution. Report GIT-CERCS-03-21, Geogia Institute of Technology, Atlanta, GA (Nov. 2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. College of Computing School of Electrical and Computer Engineering, Georgia Institute of Technology, Atlanta, GA 30332-0280, USA

    Weidong Shi, Chenghuai Lu & Hsien-Hsin S. Lee

Authors
  1. Weidong Shi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Chenghuai Lu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hsien-Hsin S. Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, Chalmers University of Technology, 412 96, Gothenburg, Sweden

    Per Stenström

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Shi, W., Lu, C., Lee, HH.S. (2007). Memory-Centric Security Architecture. In: Stenström, P. (eds) Transactions on High-Performance Embedded Architectures and Compilers I. Lecture Notes in Computer Science, vol 4050. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71528-3_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-71528-3_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-71527-6

  • Online ISBN: 978-3-540-71528-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation