LayerTEE: Decoupled Memory Protection for Scalable Multilayer Communication on RISC-V
文献类型:期刊论文
| 作者 | Pan, Shangjie1,2,4; Yang, Yinghao1,2,4; Peng, Xuanyao1,4; Zhao, Xiquan2; Du, Dong3; Lu, Hang1,2,4; Xia, Yubin3; Li, Xiaowei1,2,4 |
| 刊名 | IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS
 |
| 出版日期 | 2026 |
| 卷号 | 45期号:1页码:533-546 |
| 关键词 | Cryptography Security Cloud computing Scalability Protection Memory management Hardware Communication systems Software Program processors Communication memory isolation RISC-V trusted execution environment (TEE) |
| ISSN号 | 0278-0070 |
| DOI | 10.1109/TCAD.2025.3575014 |
| 英文摘要 | The Trusted Execution Environment (TEE) has been widely implemented by modern hardware vendors to protect security and privacy-sensitive applications and data, such as Intel SGX/TDX, ARM TrustZone, AMD SEV, and RISC-V Penglai. However, existing TEE systems face challenges in balancing memory isolation among security, performance, and scalability requirements. Segment-based memory isolation mechanisms, like RISC-V PMP, struggle to scale effectively to the large number of segments needed for confidential cloud and data center environments. On the other hand, table-based isolation methods, such as page tables, combine address translation with memory protection, leading to inefficient cross-enclave communication and potential security vulnerabilities like Rowhammer attacks.This article introduces a novel TEE system, LayerTEE, which decouples memory protection (to segments) from address translation (to page tables). This design improves communication performance by dynamically adjusting memory protection capabilities, without sacrificing application compatibility. LayerTEE enhances enclave security and scalability by designing a multilayer segment-based isolation mechanism. We have built a prototype of LayerTEE based on FPGA, incorporating hardware extensions and software support. The evaluation demonstrates that LayerTEE significantly surpasses existing TEE solutions, achieving three orders of magnitude lower communication latency and 10x greater scalability while maintaining robust security guarantees. |
| 资助项目 | National Natural Science Foundation of China[62172387] ; CCF-Phytium Fund 2023 |
| WOS研究方向 | Computer Science ; Engineering |
| 语种 | 英语 |
| WOS记录号 | WOS:001661120300016 |
| 出版者 | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC |
| 源URL | [http://119.78.100.204/handle/2XEOYT63/42903]  |
| 专题 | 中国科学院计算技术研究所 |
| 通讯作者 | Yang, Yinghao; Lu, Hang |
| 作者单位 | 1.Univ Chinese Acad Sci, Beijing 100190, Peoples R China 2.Zhongguancun Lab, Beijing 100194, Peoples R China 3.Shanghai Jiao Tong Univ, Inst Parallel & Distributed Syst, Shanghai 200240, Peoples R China 4.Chinese Acad Sci, Inst Comp Technol, SKLP, Beijing 100045, Peoples R China |
| 推荐引用方式 GB/T 7714 | Pan, Shangjie,Yang, Yinghao,Peng, Xuanyao,et al. LayerTEE: Decoupled Memory Protection for Scalable Multilayer Communication on RISC-V[J]. IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS,2026,45(1):533-546. |
| APA | Pan, Shangjie.,Yang, Yinghao.,Peng, Xuanyao.,Zhao, Xiquan.,Du, Dong.,...&Li, Xiaowei.(2026).LayerTEE: Decoupled Memory Protection for Scalable Multilayer Communication on RISC-V.IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS,45(1),533-546. |
| MLA | Pan, Shangjie,et al."LayerTEE: Decoupled Memory Protection for Scalable Multilayer Communication on RISC-V".IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS 45.1(2026):533-546. |
入库方式: OAI收割
来源:计算技术研究所
浏览0
下载0
收藏0
其他版本
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。