Built-in Security Computer: Deploying Security-First Architecture Using Active Security Processor

摘要

Continually disclosed vulnerabilities reveal that traditional computer architecture lacks the consideration of security. This article proposes a security-first architecture, with an Active Security Processor (ASP) integrated to conventional computer architectures. To reduce the attack surface of ASP and improve the security of the whole system, the ASP is physically isolated from Computation Processor Units (CPU) with an asymmetric address space, which enables both ASP and CPU to run their operating system and applications independently in their own memory space. Furthermore, the ASP, which has the highest privilege (Super Root) of the whole system, possesses two advantageous features. First, the ASP can efficiently access all CPU resources and collect multi-dimensional information to monitor malicious behaviors, meanwhile, the CPU cannot access the ASP's private resources in any way. Second, instead of being scheduled by CPUs, the ASP can actively manage the security mechanisms employed in either CPUs or the ASP. Based on the security-first architecture, we introduce several typical security tasks running on ASP. With different considerations in terms of system overhead, complexity and performance, we also explore four typical system-level implementations for integrating the ASP to the security-first architecture. The first-generation ASP was designed and implemented based on the 40nm technology, and a security computer system was implemented based on it. Evaluations on this real hardware platform demonstrate that the security-first architecture can protect the system effectively with minor performance impacts on computing workloads.