Computer Science, 2018, Vol. 45, Issue (7): 53-60. doi: 10.11896/j.issn.1002-137X.2018.07.008
LI Yue (李月), WANG Fang (王芳)
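Abstract: The arrival of the big data era has brought new opportunities to storage systems and has also posed new challenges. Traditional memory architectures based on dynamic random access memory (DRAM) face problems in capacity, energy consumption, reliability and other aspects. Emerging non-volatile memory (NVM) devices offer advantages such as non-volatility, byte addressability and low idle energy consumption, and can serve as external storage, main memory or storage class memory (SCM), providing a new option for the transformation of future storage systems; however, they also raise some security issues. NVM devices have limited endurance: frequent writes to one location wear that location out and thereby shorten the device's lifetime. In addition, because NVM is non-volatile, data is not lost after power-off when NVM is used as main memory, so an attacker can steal the data to extract sensitive information or tamper with it. When NVM and DRAM form a hybrid memory, problems such as pointers with unclear targets may arise. When NVM serves as SCM, applications access it directly through the load/store interface, bypassing the permission management and consistency management mechanisms of the file system and similar layers. To address these problems, this paper summarizes solutions including wear leveling, reducing write operations, reducing the amount of data written, memory encryption, designing consistency mechanisms and designing permission management mechanisms. Finally, it discusses the NVM security issues that still need attention at the hardware, operating system and programming model levels.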