Adaptive security management of real-time storage applications over NAND based storage systems

Wei Jiang, Yue Ma, Xia Zhang, Xupeng Wang, Zili Shao

Research output: Journal article publicationJournal articleAcademic researchpeer-review

3 Citations (Scopus)

Abstract

Abstract Embedded devices are much easier to be stolen or lost due to the characteristics of mobility and less caring, which may result in the information disclosure and privacy loss without any security protection of critical data. With the advantages of low cost and fast access speed, non-volatile memories (NVMs) like NAND flash memory have become a critical component in building security-critical real-time embedded devices. Therefore, to improve the security protection of NVM-based embedded systems becomes a great challenge. In this paper, we are interested in online optimization of security-sensitive storage applications over modern NVM-based embedded systems, whose workloads are unpredictable but have explicit timing constraint and certain security constraint. Sensitive data must be stored before a specific deadline, otherwise it will lose its validity. To address these challenges, this paper presents a Feedback Vulnerability and Utilization Control (FVUC) mechanism. FVUC employs two proportional-integral controllers, the Utilization Controller and the Vulnerability Controller, to build a big feedback loop which dynamically monitors the system run-time status as well as decides how many flash pages would be encrypted by a cryptography service. Relied on the accurate model and design, FVUC can make a balance between the utilization and vulnerability, and achieve a better overall performance. Based on synthetic experiments, we obtain that FVUC can fully beat other three mechanisms on the overall performance with acceptable time overhead. Equipped with proportional-integral controller, FVUC can make the system more stable than the one with only proportional controller. The proposed mechanism can be utilized to resist on-line confidential attack and even achieve the off-line privacy protection when embedded devices are lost or stolen.
Original languageEnglish
Article number1354
Pages (from-to)139-153
Number of pages15
JournalJournal of Network and Computer Applications
Volume52
DOIs
Publication statusPublished - 1 Jan 2015

Keywords

  • Feedback control
  • NAND flash memory
  • Real-time
  • Scheduling
  • Security-critical
  • Storage application

ASJC Scopus subject areas

  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications

Cite this