Computer Science, 2018, Vol. 45, Issue (7): 53-60. doi: 10.11896/j.issn.1002-137X.2018.07.008

• The 33rd National Conference on Information Storage Technology •

Survey on Storage Security of Emerging Non-volatile Memory

LI Yue, WANG Fang

  1. Wuhan National Laboratory for Optoelectronics, Key Laboratory of Information Storage System, School of Computer Science and Technology, Huazhong University of Science and Technology, Ministry of Education of China, Wuhan 430074, China;
    Shenzhen Huazhong University of Science and Technology Research Institute, Shenzhen, Guangdong 518000, China
  • Received: 2017-07-27 Online: 2018-07-30 Published: 2018-07-30
  • About the authors: LI Yue (born 1993), female, Ph.D. candidate; main research interest: storage security; E-mail: yueli@hust.edu.cn. WANG Fang, female, Ph.D., professor, CCF member; main research interests: mass storage systems, parallel file systems, non-volatile storage, and large-scale graph data storage and processing; E-mail: wangfang@mail.hust.edu.cn (corresponding author).
  • Funding:
    This work was supported by the Wuhan Applied Basic Research Program (2017010201010103) and the Shenzhen Science and Technology Program (JCYJ20170307172248636).

Abstract: The era of big data brings new opportunities and new challenges to storage systems. Traditional main memory architecture based on dynamic random access memory (DRAM) faces problems of capacity, energy consumption and reliability. Emerging non-volatile memory (NVM) devices are non-volatile and byte-addressable and have low idle energy consumption, so they can serve as persistent storage, main memory or storage class memory (SCM). NVM devices offer new choices for the evolution of future storage systems, but they also raise security concerns. The endurance of an NVM device is limited: frequent writes to one location wear that location out and shorten the lifetime of the device. Because NVM is non-volatile, data remains in it after power-off when it is used as main memory, so an attacker can steal the data to extract sensitive information, or tamper with it. When NVM and DRAM form a hybrid memory, problems such as pointers with unclear targets can arise. When NVM is used as SCM, applications access it directly through the load/store interface, bypassing the permission management and consistency management mechanisms of the file system. To address these problems, this paper summarizes solutions including wear leveling, reducing write operations, reducing the amount of data written, memory encryption, and the design of consistency mechanisms and permission management mechanisms. Finally, it discusses NVM security issues that still need attention at the hardware, operating system and programming model levels.

Key words: Consistency, Encryption, Non-volatile memory, Safety, Wear-leveling

CLC Number: TP333