Dissertation Defense

Near Data Processing for Efficient and Trusted Systems

Shaizeen Aga

We live in a world which constantly produces data at a rate which only increases with time. Conventional processor architectures fail to process this abundant data in an efficient manner as they expend significant energy in instruction processing and moving data over deep memory hierarchies. Furthermore, to process large amounts of data in a cost effective manner, there is increased demand for remote computation. While cloud service providers have come up with innovative solutions to cater to this increased demand, the security concerns users feel for their data remains a strong impediment to their wide scale adoption.

An exciting technique in our repertoire to deal with these challenges is near-data processing. Near-data processing (NDP) is a data-centric paradigm which moves computation to where data resides. This dissertation exploits NDP to both process the data deluge we face efficiently and design low overhead secure hardware designs.

To this end, we first propose Compute Caches, a novel NDP technique which enables in-place computation in caches with simple augmentations to underlying SRAM arrays. By doing so, we turn them into massively parallel vector units, and drastically reduce on chip data movement overhead. Compute Caches significantly improve the performance and reduce energy expended for a suite of data intensive applications.

Second, this dissertation identifies security advantages of NDP. We observe that smart memory, memory with compute capability, can dramatically simplify memory bus side channel defenses. We harness logic layer in smart memory to design a memory bus side channel defense which obviates the need for expensive constructs like Oblivious RAM (ORAM) and Merkle trees, and has considerably lower overheads as compared to prior solutions.

A closely related security vulnerability to memory bus side channel is the page fault side channel. To tackle this vulnerability, this dissertation proposes Sanctuary which obfuscates page fault channel completely while supporting on-demand memory allocations to applications. For a suite of cloud applications which process sensitive data we show that page fault channel can be tackled with reasonable overheads.

Sponsored by

Satish Narayanasamy