非易失性内存安全技术综述
非易失性内存安全技术综述
作者:
作者单位:

作者简介:

通讯作者:

基金项目:

深圳市科创委学科布局项目(JCYJ20170816093943197);国家自然科学基金委员会面上项目(62072333)

伦理声明:



A Survey on the Secure Non-Volatile Memory Technology
Author:
Ethical statement:

Affiliation:

Funding:

Shenzhen Science and Technology Innovation Committee (JCYJ20170816093943197);National Natural Science Foundation of China (62072333)

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • |
  • 资源附件
    摘要:

    大数据应用对内存容量的需求越来越大,而在大数据应用中,以动态随机存储器为内存介质的传统存储器所凸显出来的问题也越来越严重。计算机设计者们开始考虑用非易失性内存去替代传统的动态随机存储器内存。非易失性内存作为非易失的存储介质,不需要动态刷新,因此不会引起大量的能量消耗;此外,非易失性内存的读性能与动态随机存储器相近,且非易失性内存单个存储单元的容量具有较强的可扩展性。但将非易失性内存作为内存集成到现有的计算机系统中,需要解决其安全性问题。传统的动态随机存储器作为内存介质掉电后数据会自动丢失,即数据不会在存储介质中驻留较长时间,而当非易失性内存作为非易失性存储介质时,数据可以保留相对较久的时间。若攻击者获得了非易失性内存存储器的访问权,扫描存储内容,便可以获取内存中的数据,这一安全性问题被定义为数据的“恢复漏洞”。因此,在基于非易失性内存模组的数据中心环境中,如何充分有效地利用非易失性内存,并保证其安全性,成为迫切需要解决的问题。该文从非易失性内存的安全层面出发,对近年来的研究热点及进展进行介绍。首先,该文总结了非易失性内存所面临的主要安全问题,如数据窃取、完整性破坏、数据一致性与崩溃恢复,以及由加解密和完整性保护技术引入而导致的系统性能下降等问题。然后,针对上述各问题,对组合计数器模式加密技术、完整性保护技术扩展的默克尔树、数据一致性与崩溃恢复技术,以及相关优化方案作了详细介绍。最后,对全文进行了总结,并对非易失性内存未来需要进一步关注的问题进行了展望。

    Abstract:

    Big data applications have an increasing demand for memory capacity, but traditional memory using DRAM as a memory medium has become more and more serious in big data applications. Computer designers began to consider using Non-Volatile Memory (NVM) to replace traditional DRAM memory. As a non-volatile storage medium, NVM does not need to be dynamically refreshed, so it will not cause a large amount of energy consumption; at the same time, the read performance of NVM is similar to that of DRAM, and the capacity of a single NVM storage unit has strong scalability. However, integrating NVM as a memory into an existing computer system needs to solve its security problem. Traditional DRAM, as a memory medium, loses data automatically after power failure, so the data will not stay in the storage medium for a long time, while NVM is a non-volatile storage medium, and the data can be retained in the NVM for a relatively long time. If attackers gain access to the NVM and then scan the contents, they can obtain the data in the memory. This security issue is defined as a "recovery vulnerability" of the data. Therefore, in a data center environment based on NVM modules, how to make full and effective use of NVM and ensure its safety has become an urgent problem to be solved. Starting from the security aspect of NVM, this article summarizes the research hotspots and progress of NVM security in recent years. First, it summarizes the main security issues faced by NVM, such as data theft, integrity damage, data consistency and crash recovery, and system performance degradation caused by the introduction of encryption and decryption and integrity protection technologies. Then, in view of the above problems, the combined counter mode encryption technology, integrity protection technology Bonsai Merkel Tree, data consistency and crash recovery technology and related optimization schemes are introduced in detail. Finally, the full text is summarized, and the issues that need further attention in the future of NVM are prospected.

    参考文献
    相似文献
    引证文献
引用本文

引文格式
陈仁海,史文燕,李雅帅,冯志勇.非易失性内存安全技术综述 [J].集成技术,2022,11(3):3-22

Citing format
CHEN Renhai, SHI Wenyan, LI Yashuai, FENG Zhiyong. A Survey on the Secure Non-Volatile Memory Technology[J]. Journal of Integration Technology,2022,11(3):3-22

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
历史
  • 收稿日期:
  • 最后修改日期:
  • 录用日期:
  • 在线发布日期: 2022-05-18
  • 出版日期: