Name
Title | ||
|---|---|---|
No Compromises: Secure NVM with Crash Consistency, Write-Efficiency and High-Performance |
Abstract | ||
|---|---|---|
Data encryption and authentication are essential for secure NVM. However, the introduced security metadata needs to be atomically written back to NVM along with data, so as to provide crash consistency, which unfortunately incurs high overhead. To support fine-grained data protection without compromising the performance, we propose cc-NVM. It firstly proposes an epoch-based mechanism to aggressively cache the security metadata in CPU cache while retaining the consistency of them in NVM. Deferred spreading is also introduced to reduce the calculating overhead for data authentication. Leveraging the hidden ability of data HMACs, we can always recover the consistent but old security metadata to its newest version. Compared to Osiris, a state-of-the-art secure NVM, cc-NVM improves performance by 20.4% on average. When the system crashes, instead of dropping all the data due to malicious attacks, cc-NVM is able to detect and locate the exact tampered data while only incurring extra write traffic by 29.6% on average.
|
Year | DOI | Venue |
|---|---|---|
2019 | 10.1145/3316781.3317869 | Proceedings of the 56th Annual Design Automation Conference 2019 |
Keywords | Field | DocType |
data authentication,data HMACs,system crashes,cc-NVM,crash consistency,write-efficiency,introduced security metadata,fine-grained data protection,epoch-based mechanism,metadata security,tampered data,secure NVM,data encryption | Metadata,Crash,Authentication,Computer science,Cache,CPU cache,Real-time computing,Encryption,Data Protection Act 1998,Operating system | Conference |
ISSN | ISBN | Citations |
0738-100X | 978-1-4503-6725-7 | 2 |
PageRank | References | Authors |
0.36 | 10 | 5 |