High-Assurance System Support through 3-D Integration
Abstract
While hardware resources, in the form of both transistors and full microprocessor cores, are now fairly abundant, economic factors continue to prevent the integration into commodity parts of specialized hardware mechanisms required for secure processing. Multi-core processors, due to their wide adoption, impressive performance, and low cost, are very attractive platforms for computation. Unfortunately, highly secure processing of sensitive information on such platforms is extremely difficult to achieve due to extensive resource sharing and the lack of strong security primitives. In this paper we propose that commodity integrated circuits, with some very minor modifications, could be enhanced with a separate silicon layer used to enforce strong isolation, reference monitoring, and other useful security properties. A separate layer, stacked using 3-D integration, allows us to decouple the function and economics of high assurance policy enforcement mechanisms from the underlying high-performance computing hardware. We describe 3-D integration, how the host layer may be modified, and as our working example, we show how the problem of cache-based side channels can be addressed by re-routing signals from the computation layer through a cache manager in the control layer.
Document Details
- Document Type
- Technical Report
- Publication Date
- Nov 09, 2007
- Accession Number
- ADA482458
Entities
People
- Cynthia E. Irvine
- Jonathan Valamehr
- Ryan Kastner
- Theodore Huffmire
- Thuy Nguyen
- Timothy E. Levin
- Timothy Sherwood
Organizations
- Naval Postgraduate School