Data-Centric Architecture Support for Security
Iribe, Room 4105 (Zoom link: https://umd.zoom.us/j/92977540316?pwd=NVF2WTc5SS9RSjFDOGlzcENKZnNxQT09)
Modern computing workloads, including AI, ML, graph frameworks, and precision medicine, are mostly bounded by data. Many new techniques have been proposed to improve their performance, spanning memory, accelerators, and cloud computing models and architectures. This talk focuses on an important yet under-studied area: the security of these new data-centric techniques. Existing defenses remain process-centric, which makes them inefficient at, or incapable of, supporting secure data processing with new data-centric techniques. These techniques bring new vulnerabilities and new consequences of security breaches, as well as opportunities for novel solutions. Using data-centric techniques securely and efficiently requires the community to fundamentally rethink current approaches to computer security. This talk proposes data-centric security support for these techniques. It introduces temporary exposure reduction-based protection (TERP) as a principled approach to addressing emerging persistent memory vulnerabilities. This approach combines memory exposure reduction with efficient address randomization via a software-hardware co-design. The talk then presents an abstraction-level innovation for trusted execution environments (TEEs): a data enclave that decouples the protection of data from enclaves, addressing fundamental limitations of current TEEs. The talk concludes with some future directions on improving security in applications, new hardware, and cloud computing models and architectures.