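Li Yawei (李亚伟), Zhang Longbing (章隆兵), Wang Jian (王剑). A fine-grained security domain isolation mechanism based on software and hardware cooperation [J]. 高技术通讯 (Chinese edition), 2024, 34(1): 33-45 |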
A fine-grained security domain isolation mechanism based on software and hardware cooperation |
|
DOI: 10.3772/j.issn.1002-0470.2024.01.004 |
Keywords: fine-grained, isolation execution, hardware security, software and hardware cooperation |
Funding: |
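Author | Affiliation |
Li Yawei (李亚伟) | (State Key Laboratory of Computer Architecture (Institute of Computing Technology, Chinese Academy of Sciences), Beijing 100190) (Institute of Computing Technology, Chinese Academy of Sciences, Beijing 100190) (University of Chinese Academy of Sciences, Beijing 100049) |
Zhang Longbing (章隆兵) | |
Wang Jian (王剑) | |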
|
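Chinese abstract: |
Attacks based on memory tampering can maliciously modify critical data in a program's execution environment, and providing programs with a secure, trusted execution environment is an effective way to curb malware. This paper proposes a solution based on software-hardware cooperation that provides a relatively isolated secure execution environment for program execution at the granularity of function calls. To support the software, two hardware mechanisms are provided at the lower level: load/store instructions undergo an address check on every memory access, and access attributes are also set; and a function call isolation domain (CFID) is added to the hardware page table, with the security isolation check performed during TLB translation. Data-sharing access strategies are provided for two different scenarios. A prototype system is implemented on GEM5, and running a security test suite shows that it effectively isolates the non-secure environment. Compared with virtual machine and privilege-level switching approaches, the hardware implementation in this paper incurs almost no switching overhead. On the SPEC CPU 2006 test suite, the overall performance loss of the proposed hardware isolation mechanism is below 3%. |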
English abstract: |
Attacks based on memory tampering can maliciously modify key data in the program execution environment. Providing a safe and reliable execution environment for programs is an effective means of suppressing malware. This paper proposes a solution based on software-hardware collaboration that provides a relatively isolated and secure execution environment for program execution, with function calls as the granularity. To cooperate with the software, two hardware supports are provided at the bottom layer. First, load/store instructions must perform an address check when accessing memory, and an access attribute is also set. Second, a function call isolation domain (CFID) is added to the hardware page table and is checked for security isolation during TLB translation. Data-sharing access strategies are provided for two different scenarios. A prototype system is implemented on GEM5; running the security test set shows that it can effectively isolate the non-secure environment. Compared with virtual machine and privilege-level switching methods, the hardware implementation has almost no switching overhead. On the SPEC CPU 2006 test set, the overall performance loss of the hardware isolation mechanism proposed in this paper is only 3%. |