期刊文献+

一种基于软硬件协同的程序安全关键数据动态保护机制 被引量:1

A dynamic mechanism of critical data protection based on hardware-software cooperation
下载PDF
导出
摘要 针对内存和片外总线可能遭受的物理攻击,为保护内存数据安全,提出了一种基于软硬件协同的程序安全关键数据动态保护机制,提取用户定义的安全关键数据放置于安全区域,并且采用动态完整性验证的方式来判断其是否遭到篡改。与传统的程序内存数据保护机制相比,该机制具备能够预防基于硬件及软件的攻击、节约片上和片外存储空间、完整性运算量小、安全效能高等优点。 In response to the physical attacks on the internal storage and off-chip bus so as to ensure the safety of stored data, we propose a dynamic mechanism of critical data protection based on hardwaresoftware cooperation, which can extract user-defined key safety data, store them into the key safety area, and adopt dynamic integrity verification to examine whether the data has been tampered. Compared with the traditional way of protecting program memory data, the proposed method has the advantage of preventing attacks on the hardware and software, saving on-chip and off-chip memory, reducing the processing time and enhancing the safety performance.
出处 《计算机工程与科学》 CSCD 北大核心 2016年第2期249-254,共6页 Computer Engineering & Science
基金 国家自然科学基金(61402501)
关键词 程序 安全关键数据 软硬件协同 动态保护 program critical safety data hardware-software cooperation dynamic protection
  • 相关文献

参考文献8

  • 1Kocher P,Lee R B, McGraw G,et al. Security as a new di- mension in embedded system design[C]//Proe of the Design Automation Conference (DAC), 2004 : 753-760.
  • 2Suh G E. AEGIS: A singleTchip secure processor [D]. Cam bridge: Massachusetts Institute of Technology, 2005.
  • 3Elbaz R. Hardware mechanisms for secured processor memo- ry transactions in embedded systems [D]. Montpellier: Uni- versity of Montpellier,2006.
  • 4Due G, Keryell R. Cryptopage: An efficient secure architec- ture with memory encryption,integrity and information leak- age protection[C]//Proc of the 22nd Annual Computer Secu- rity Applications Conference (ACSAC),2006.
  • 5Gassend B,Suh G E,Clarke D,et al. Caches and merkle trees for efficient memory integrity verification[C]//Proc of the 9th International Symposium on High Performance Computer Architecture, 2003 : 1.
  • 6Hall W E,Jutla C S. Parallelizable authentication trees[C]// Proc of Cryptology ePrint Archive, 2002 : 1.
  • 7Hall W E,Jutla C S. Parallelizable authentication tree for ran- dom access storage. U. S. Patent No. 2004/0107341 AI[P]. 2004.
  • 8Elbaz R, Champagne D, Lee R B, et al. Tec-t ree : A low-cost, paraIIelizable tree for efficient defense against memory replay attacks[C] ff Proc of the 9th International Workshop on Cryptographic Hardware and Embedded Systems, 2007 : 289- 302.

同被引文献9

引证文献1

二级引证文献2

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部