Institute of Computing Technology, Chinese Academy IR
| LayerTEE: Decoupled Memory Protection for Scalable Multilayer Communication on RISC-V | |
| Pan, Shangjie1,2,3; Yang, Yinghao1,2,3; Peng, Xuanyao1,2; Zhao, Xiquan3; Du, Dong4; Lu, Hang1,2,3; Xia, Yubin4; Li, Xiaowei1,2,3 | |
| 2026 | |
| 发表期刊 | IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS
 |
| ISSN | 0278-0070 |
| 卷号 | 45期号:1页码:533-546 |
| 摘要 | The Trusted Execution Environment (TEE) has been widely implemented by modern hardware vendors to protect security and privacy-sensitive applications and data, such as Intel SGX/TDX, ARM TrustZone, AMD SEV, and RISC-V Penglai. However, existing TEE systems face challenges in balancing memory isolation among security, performance, and scalability requirements. Segment-based memory isolation mechanisms, like RISC-V PMP, struggle to scale effectively to the large number of segments needed for confidential cloud and data center environments. On the other hand, table-based isolation methods, such as page tables, combine address translation with memory protection, leading to inefficient cross-enclave communication and potential security vulnerabilities like Rowhammer attacks.This article introduces a novel TEE system, LayerTEE, which decouples memory protection (to segments) from address translation (to page tables). This design improves communication performance by dynamically adjusting memory protection capabilities, without sacrificing application compatibility. LayerTEE enhances enclave security and scalability by designing a multilayer segment-based isolation mechanism. We have built a prototype of LayerTEE based on FPGA, incorporating hardware extensions and software support. The evaluation demonstrates that LayerTEE significantly surpasses existing TEE solutions, achieving three orders of magnitude lower communication latency and 10x greater scalability while maintaining robust security guarantees. |
| 关键词 | Cryptography Security Cloud computing Scalability Protection Memory management Hardware Communication systems Software Program processors Communication memory isolation RISC-V trusted execution environment (TEE) |
| DOI | 10.1109/TCAD.2025.3575014 |
| 收录类别 | SCI |
| 语种 | 英语 |
| WOS研究方向 | Computer Science ; Engineering |
| WOS类目 | Computer Science, Hardware & Architecture ; Computer Science, Interdisciplinary Applications ; Engineering, Electrical & Electronic |
| WOS记录号 | WOS:001661120300016 |
| 出版者 | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC |
| 引用统计 | |
| 文献类型 | 期刊论文 |
| 条目标识符 | http://119.78.100.204/handle/2XEOYT63/42904 |
| 专题 | 中国科学院计算技术研究所 |
| 通讯作者 | Yang, Yinghao; Lu, Hang |
| 作者单位 | 1.Chinese Acad Sci, Inst Comp Technol, SKLP, Beijing 100045, Peoples R China 2.Univ Chinese Acad Sci, Beijing 100190, Peoples R China 3.Zhongguancun Lab, Beijing 100194, Peoples R China 4.Shanghai Jiao Tong Univ, Inst Parallel & Distributed Syst, Shanghai 200240, Peoples R China |
| 推荐引用方式 GB/T 7714 | Pan, Shangjie,Yang, Yinghao,Peng, Xuanyao,et al. LayerTEE: Decoupled Memory Protection for Scalable Multilayer Communication on RISC-V[J]. IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS,2026,45(1):533-546. |
| APA | Pan, Shangjie.,Yang, Yinghao.,Peng, Xuanyao.,Zhao, Xiquan.,Du, Dong.,...&Li, Xiaowei.(2026).LayerTEE: Decoupled Memory Protection for Scalable Multilayer Communication on RISC-V.IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS,45(1),533-546. |
| MLA | Pan, Shangjie,et al."LayerTEE: Decoupled Memory Protection for Scalable Multilayer Communication on RISC-V".IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS 45.1(2026):533-546. |
| 条目包含的文件 | 条目无相关文件。 | |||||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论