Protecting secrets of persistent systems with volatility

Sartakov VA, Kapitza R, Kapitza R (2019)


Publication Type: Conference contribution

Publication year: 2019

Publisher: Institute of Electrical and Electronics Engineers Inc.

Pages Range: 89-96

Conference Proceedings Title: Proceedings - 2019 15th European Dependable Computing Conference, EDCC 2019

Event location: Naples, ITA

ISBN: 9781728139296

DOI: 10.1109/EDCC.2019.00027

Abstract

The volatility of main memory and CPU caches is an important implicit protection mechanism for sensitive data: in-memory data gets erased if memory modules are disconnected from power supply. Persistent systems, on the other hand, cannot rely on volatility and without further measures their secrets can be easily retrieved by physical access. In this paper, we present Volatility, a system which protects secrets stored in persistent memory. This system provides mechanisms which turn persistent sub-systems into volatile ones by the use of AMD Secure Memory Encryption (SME), a new extension of AMD CPUs which provides encryption of main memory at the page granularity. Volatility protects secrets at two levels: it offers fine-grained memory encryption inside the kernel, where only information considered as sensitive is secured, and per-process memory encryption, which encrypts selected user space programs. Besides storing subsystems in an encrypted form, all relevant input and output paths, e.g. managed by the kernel, are protected as well. Our evaluation of Volatility demonstrates that the proposed protection mechanism does not impact the system performance, while protecting against strong adversaries.

How to cite

APA:

Sartakov, V.A., Kapitza, R., & Kapitza, R. (2019). Protecting secrets of persistent systems with volatility. In Proceedings - 2019 15th European Dependable Computing Conference, EDCC 2019 (pp. 89-96). Naples, ITA: Institute of Electrical and Electronics Engineers Inc.

MLA:

Sartakov, Vasily A., Rüdiger Kapitza, and Rüdiger Kapitza. "Protecting secrets of persistent systems with volatility." Proceedings of the 15th European Dependable Computing Conference, EDCC 2019, Naples, ITA. Institute of Electrical and Electronics Engineers Inc., 2019. 89-96.
