IceClave: A Trusted Execution Environment for In-Storage Computing
Luyi Kang, Yuqi Xue, Weiwei Jia, Xiaohao Wang, Jongryool Kim, Changhwan Youn, Myeong Joon Kang, Hyung Jin Lim, Bruce Jacob, Jian Huang
Abstract
In-storage computing with modern solid-state drives (SSDs) enables developers to offload programs from the host to the SSD. It has been proven to be an effective approach to alleviate the I/O bottleneck. To facilitate in-storage computing, many frameworks have been proposed. However, few of them treat the in-storage security as the first citizen. Specifically, since modern SSD controllers do not have a trusted execution environment, an offloaded (malicious) program could steal, modify, and even destroy the data stored in the SSD.
Topics & Concepts
Computer scienceTrusted ComputingTrusted computing baseKey (lock)Host (biology)Direct Anonymous AttestationComputer securityTrusted Platform ModuleOperating systemSoftwareData securityMandatory access controlCloud computingTrusted Network ConnectControl (management)Embedded systemSoftware engineeringAdvanced Data Storage TechnologiesCloud Data Security SolutionsSecurity and Verification in Computing