ShieldNVM
- 18 May 2020
- journal article
- research article
- Published by Association for Computing Machinery (ACM) in ACM Transactions on Storage
- Vol. 16 (2), 1-31
- https://doi.org/10.1145/3381835
Abstract
Data encryption and authentication are essential for secure non-volatile memory (NVM). However, the introduced security metadata needs to be atomically written back to NVM along with data, so as to provide crash consistency, which unfortunately incurs high overhead. To support fine-grained data protection and fast recovery for a secure NVM system without compromising the performance, we propose ShieldNVM. It first proposes an epoch-based mechanism to aggressively cache the security metadata in the metadata cache while retaining the consistency of them in NVM. Deferred spreading is also introduced to reduce the calculating overhead for data authentication. Leveraging the ability of data hash message authentication codes, we can always recover the consistent but old security metadata to its newest version. By recording a limited number of dirty addresses of the security metadata, ShieldNVM achieves fast recovering the secure NVM system after crashes. Compared to Osiris, a state-of-the-art secure NVM, ShieldNVM reduces system runtime by 39.1% and hash message authentication code computation overhead by 80.5% on average over NVM workloads. When system crashes happen, ShieldNVM’s recovery time is orders of magnitude faster than Osiris. In addition, ShieldNVM also recovers faster than AGIT, which is the Osiris-based state-of-the-art mechanism addressing the recovery time of the secure NVM system. Once the recovery process fails, instead of dropping all data due to malicious attacks, ShieldNVM is able to detect and locate the area of the tampered data with the help of the tracked addresses.Keywords
Funding Information
- Research and Development Plan in Key Field of Guangdong Province (2018B010109002)
- The National Natural Science Foundation of China (61832011)
- National Key Research & Development Program of China (2018YFB1003301)
This publication has 53 references indexed in Scilit:
- Failure-Atomic Persistent Memory Updates via JUSTDO LoggingPublished by Association for Computing Machinery (ACM) ,2016
- Reducing the Memory Bandwidth Overheads of Hardware Security Support for Multi-Core ProcessorsInternational Conference on Acoustics, Speech, and Signal Processing (ICASSP), 2016
- Blurred persistence in transactional persistent memoryPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- DEUCEACM SIGPLAN Notices, 2015
- System software for persistent memoryPublished by Association for Computing Machinery (ACM) ,2014
- Functional Analysis of Autophagy Genes via Agrobacterium-Mediated Transformation in the Vascular Wilt Fungus Verticillium dahliaeJournal of Genetics and Genomics, 2013
- Evaluating STT-RAM as an energy-efficient main memory alternativePublished by Institute of Electrical and Electronics Engineers (IEEE) ,2013
- Whole-system persistencePublished by Association for Computing Machinery (ACM) ,2012
- The gem5 simulatorACM SIGARCH Computer Architecture News, 2011
- NV-HeapsACM SIGPLAN Notices, 2011