3.8 Proceedings Paper

Secure Hardware Kernels Execution in CPU plus FPGA Heterogeneous Cloud

出版社

IEEE COMPUTER SOC
DOI: 10.1109/FPT.2018.00035

关键词

Field Programmable Gate Arrays (FPGAs); FPGA VirtIO; vHost vSock; Kernel-based Virtualization (KVM); Secure heterogeneous systems; Secure IP Execution

向作者/读者索取更多资源

In this paper, we present a new security framework which allows controlled sharing and isolated execution of mutually distrusted FPGA-accelerators in heterogeneous cloud systems. The proposed framework enables the accelerators running in FPGAs in cloud computers to transparently inherit at run-time, software security policies of the virtual machines processes calling them. This capability allows system security policies enforcement mechanism to propagate access control privilege boundaries expressed at the hypervisor level, down to individual FPGA-accelerators. Furthermore, we present a software/hardware prototype implementation of the proposed security framework, showing that it can easily be transparently integrated within the virtual machine software stacks that run in today's cloud-based systems. Experimentation results show our proposed framework provides secure hardware execution with negligible execution overhead on guest VMs applications.

作者

我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。

评论

主要评分

3.8
评分不足

次要评分

新颖性
-
重要性
-
科学严谨性
-
评价这篇论文

推荐

暂无数据
暂无数据