KVSEV: A Secure In-Memory Key-Value Store with Secure Encrypted Virtualization
- Authors
- You, Junseung; Lee, Kyeongryong; Moon, Hyungon; Cho, Yeongpil; Paek, Yunheung
- Issue Date
- Oct-2023
- Publisher
- Association for Computing Machinery, Inc
- Keywords
- Confidential computing; Key-value store; Secure Encrypted Virtualization; Trusted execution environments
- Citation
- SoCC 2023 - Proceedings of the 2023 ACM Symposium on Cloud Computing, pp 233 - 248
- Pages
- 16
- Indexed
- SCOPUS
- Journal Title
- SoCC 2023 - Proceedings of the 2023 ACM Symposium on Cloud Computing
- Start Page
- 233
- End Page
- 248
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/193245
- DOI
- 10.1145/3620678.3624658
- Abstract
- AMD’s Secure Encrypted Virtualization (SEV) is a hardware-based Trusted Execution Environment (TEE) designed to secure tenants’ data on the cloud, even against insider threats. The latest version of SEV, SEV-Secure Nested Paging (SEV-SNP), offers protection against most well-known attacks such as cold boot and hypervisor-based attacks. However, it remains susceptible to a specific type of attack known as Active DRAM Corruption (ADC), where attackers manipulate memory content using specially crafted memory devices. The in-memory key-value store (KVS) on SEV is a prime target for ADC attacks due to its critical role in cloud infrastructure and the predictability of its data structures. To counter this threat, we propose KVSEV, an in-memory KVS resilient to ADC attacks. KVSEV leverages SNP’s Virtual Machine Management (VMM) and attestation mechanism to protect the integrity of key-value pairs, thereby securing the KVS from ADC attacks. Our evaluation shows that KVSEV secures in-memory KVSs on SEV with a performance overhead comparable to other secure in-memory KVS solutions. © 2023 Copyright held by the owner/author(s). Publication rights licensed to ACM.
- Appears in Collections
- Seoul College of Engineering > Seoul School of Computer Software > 1. Journal Articles