1. Forum
  2. FidoNet
  3. EARTH

  • New technique offers faster security for

    From ScienceDaily@1:317/3 to All on Tue Apr 5 22:30:38 2022
    New technique offers faster security for non-volatile memory tech

    Date:
    April 5, 2022
    Source:
    North Carolina State University
    Summary:
    Researchers have developed a technique that leverages hardware
    and software to improve file system security for next-generation
    memory technologies called non-volatile memories (NVMs). The new
    encryption technique also permits faster performance than existing
    software security technologies.



    FULL STORY ========================================================================== Researchers have developed a technique that leverages hardware and
    software to improve file system security for next-generation memory technologies called non-volatile memories (NVMs). The new encryption
    technique also permits faster performance than existing software security technologies.


    ========================================================================== "NVMs are an emerging technology that allows rapid access to the
    data, and retains data even when a system crashes or loses power,"
    says Amro Awad, senior author of a paper on the work and an assistant
    professor of electrical and computer engineering at North Carolina
    State University. "However, the features that give NVMs these attractive characteristics also make it difficult to encrypt files on NVM devices --
    which raises security concerns. We've developed a way to secure files on
    NVM devices without sacrificing the speed that makes NVMs attractive."
    "Our technique allows for file-level encryption in fast NVM memories,
    while cutting the related execution time significantly," says Kazi Abu
    Zubair, first author of the paper and a Ph.D. student at NC State.

    Traditionally, computers use two types of data storage. Dynamic random
    access memory (DRAM) allows quick access to stored data, but will lose
    that data if the system crashes. Long-term storage technologies, such as
    hard drives, are good at retaining data even if a system loses power --
    but store the data in a way that makes it slower to access.

    NVMs combine the best features of both technologies. However, securing
    files on NVM devices can be challenging.

    Existing methods for file system encryption use software, which is not particularly fast. Historically, this wasn't a problem because the
    technologies for accessing file data from long-term storage devices
    weren't particularly fast either.



    ==========================================================================
    "But now that NVMs are allowing faster access to file data, the software approach to file encryption has become a problem, because it slows down
    overall operations," Abu Zubair says.

    "To address this challenge, we've developed a novel architecture that incorporates some elements of the encryption and decryption process into hardware, which is faster than software. As a result, processes that
    allow users to store and retrieve file data securely are significantly
    faster." In simulations, the researchers found that using their novel encryption architecture to secure files in NVMs slowed down operations
    by 3.8%, when running workloads that were representative of real-world applications. When using software approaches to provide security for
    the same workloads, operations slowed by about 200%.

    "If this was implemented in commercial processors, it would significantly improve performance for secure file operation in large data centers and
    cloud systems," Abu Zubair says.

    "While this work addresses file encryption, we think it is important
    to assess other security functions -- such as auditing and run-time
    ransomware detection -in the context of direct access file systems," says
    Awad. "And addressing those security functions using traditional software approaches can also slow system performance. We're optimistic that our
    hybrid hardware/software approach may be able to improve performance for
    those functions as well -- that's an area we're exploring." The paper, "Filesystem Encryption or Direct-Access for NVM Filesystems? Let's
    Have Both!," will be presented April 5 at the 28th IEEE International
    Symposium on High-Performance Computer Architecture (HPCA-22). The paper
    was co-authored by David Mohaisen of the University of Central Florida.

    The work was done with support from the National Science Foundation
    under grant 1814417.


    ========================================================================== Story Source: Materials provided by
    North_Carolina_State_University. Original written by Matt Shipman. Note: Content may be edited for style and length.


    ==========================================================================


    Link to news story: https://www.sciencedaily.com/releases/2022/04/220405102846.htm

    --- up 5 weeks, 1 day, 10 hours, 50 minutes
    * Origin: -=> Castle Rock BBS <=- Now Husky HPT Powered! (1:317/3)