Enhancing the security of memory in cloud infrastructure through in‐phase change memory data randomisation
Abstract As a promising alternative to dynamic RAM, phase change memory (PCM) suffers from limited write endurance. Therefore, many research proposals on PCM security or reliability have focussed on the possible threat of wear‐out attacks from malicious applications. However, it is also found that t...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2021-09-01
|
| Series: | IET Computers & Digital Techniques |
| Subjects: | |
| Online Access: | https://doi.org/10.1049/cdt2.12023 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850218704228319232 |
|---|---|
| author | Xianzhong Zhou Ying Wang |
| author_facet | Xianzhong Zhou Ying Wang |
| author_sort | Xianzhong Zhou |
| collection | DOAJ |
| description | Abstract As a promising alternative to dynamic RAM, phase change memory (PCM) suffers from limited write endurance. Therefore, many research proposals on PCM security or reliability have focussed on the possible threat of wear‐out attacks from malicious applications. However, it is also found that the non‐volatile nature and the programming behaviour of PCM bring other security challenges to the memory system. The authors examine the potential risk of information leakage and theft in memory management for PCM‐based cloud server or multitenant systems. By observing the influence of process variation (PV) on PCM cell programming, they propose a fast and efficient in‐memory data obfuscation mechanism to defend against memory attacks or information leakage during page reallocation mandated by OS. With the capabilities of in‐memory data randomisation, the proposed SecuRAM avoids the long write latency of PCM cells to erase the content, and achieves higher data initialisation efficiency than conventional software solutions. Second, the proposed SecuRAM also provides a novel solution of fast in‐memory hardware fingerprinting and random number generation, which are common and essential security functions in encryption or access authentication to protect confidential memory data from attackers. Two novel techniques are proposed to generate signatures and random numbers: the first is based on partial programming, which works in the same way as bulk data randomisation; the second is loop‐counting, which is an overhead‐free method by reusing the cell programming mechanism in iterate‐write PCM devices. Through evaluation, SecuRAM shows a much better performance and energy‐efficiency than conventional measures for PCM memory. |
| format | Article |
| id | doaj-art-2c34185b9f3f45a496cd93903e662ef1 |
| institution | OA Journals |
| issn | 1751-8601 1751-861X |
| language | English |
| publishDate | 2021-09-01 |
| publisher | Wiley |
| record_format | Article |
| series | IET Computers & Digital Techniques |
| spelling | doaj-art-2c34185b9f3f45a496cd93903e662ef12025-08-20T02:07:38ZengWileyIET Computers & Digital Techniques1751-86011751-861X2021-09-0115532133410.1049/cdt2.12023Enhancing the security of memory in cloud infrastructure through in‐phase change memory data randomisationXianzhong Zhou0Ying Wang1School of Information Engineering Guangdong University of Technology Guangzhou ChinaState Key Laboratory of Computer Architecture Institute of Computing Technology Chinese Academy of Sciences Beijing ChinaAbstract As a promising alternative to dynamic RAM, phase change memory (PCM) suffers from limited write endurance. Therefore, many research proposals on PCM security or reliability have focussed on the possible threat of wear‐out attacks from malicious applications. However, it is also found that the non‐volatile nature and the programming behaviour of PCM bring other security challenges to the memory system. The authors examine the potential risk of information leakage and theft in memory management for PCM‐based cloud server or multitenant systems. By observing the influence of process variation (PV) on PCM cell programming, they propose a fast and efficient in‐memory data obfuscation mechanism to defend against memory attacks or information leakage during page reallocation mandated by OS. With the capabilities of in‐memory data randomisation, the proposed SecuRAM avoids the long write latency of PCM cells to erase the content, and achieves higher data initialisation efficiency than conventional software solutions. Second, the proposed SecuRAM also provides a novel solution of fast in‐memory hardware fingerprinting and random number generation, which are common and essential security functions in encryption or access authentication to protect confidential memory data from attackers. Two novel techniques are proposed to generate signatures and random numbers: the first is based on partial programming, which works in the same way as bulk data randomisation; the second is loop‐counting, which is an overhead‐free method by reusing the cell programming mechanism in iterate‐write PCM devices. Through evaluation, SecuRAM shows a much better performance and energy‐efficiency than conventional measures for PCM memory.https://doi.org/10.1049/cdt2.12023cryptographyDRAM chipsrandom number generationstorage managementphase change memoriescloud computing |
| spellingShingle | Xianzhong Zhou Ying Wang Enhancing the security of memory in cloud infrastructure through in‐phase change memory data randomisation IET Computers & Digital Techniques cryptography DRAM chips random number generation storage management phase change memories cloud computing |
| title | Enhancing the security of memory in cloud infrastructure through in‐phase change memory data randomisation |
| title_full | Enhancing the security of memory in cloud infrastructure through in‐phase change memory data randomisation |
| title_fullStr | Enhancing the security of memory in cloud infrastructure through in‐phase change memory data randomisation |
| title_full_unstemmed | Enhancing the security of memory in cloud infrastructure through in‐phase change memory data randomisation |
| title_short | Enhancing the security of memory in cloud infrastructure through in‐phase change memory data randomisation |
| title_sort | enhancing the security of memory in cloud infrastructure through in phase change memory data randomisation |
| topic | cryptography DRAM chips random number generation storage management phase change memories cloud computing |
| url | https://doi.org/10.1049/cdt2.12023 |
| work_keys_str_mv | AT xianzhongzhou enhancingthesecurityofmemoryincloudinfrastructurethroughinphasechangememorydatarandomisation AT yingwang enhancingthesecurityofmemoryincloudinfrastructurethroughinphasechangememorydatarandomisation |