Despite the numerous efforts of security researchers, memory vulnerabilities remain a top issue for modern computing systems. Capability-based solutions aim to solve whole classes of memory vulnerabilities at the hardware level by encoding access permissions with each memory reference. While some capability systems have seen commercial adoption, little work has been done to apply a capability model to datacenter-scale systems. Cloud and high-performance computing often require programs to share memory across many compute nodes. This presents a challenge for existing capability models, as capabilities must be enforceable across multiple nodes: each node must agree on what access permissions a capability has, and the overheads of remote memory access must remain manageable. To address these challenges, we introduce Zeno, a new capability-based architecture. Zeno supports a Namespace-based capability model that provides globally shareable capabilities in a large-scale, multi-node system. In this work, we describe the Zeno architecture, define Zeno's security properties, evaluate the scalability of Zeno as a large-scale capability architecture, and measure the hardware overhead with an FPGA implementation.