| GPU虚拟化技术及其安全问题综述 |
| |
| 作者姓名: | 吴再龙 王利明 徐震 李宏佳 杨婧 |
| |
| 作者单位: | 中国科学院信息工程研究所 北京 中国 100093;中国科学院大学 网络空间安全学院 北京 中国 100049 |
| |
| 基金项目: | 本课题得到国家重点研发计划(No.2017YFB101000)资助。 |
| |
| 摘 要: | 人工智能与各行业全面融合的浪潮方兴未艾,促使传统云平台拥抱以图形处理器(GPU)为代表的众核体系架构.为满足不同租户对于机器学习、深度学习等高密度计算的需求,使得传统云平台大力发展GPU虚拟化技术.安全作为云平台GPU虚拟化应用的关键环节,目前鲜有系统性的论述.因此,本文围绕云平台GPU虚拟化安全基本问题——典型GPU...
|
| 关 键 词: | GPU虚拟化安全 GPU安全 GPU虚拟化 云计算安全 安全需求 |
| 收稿时间: | 2019/9/19 0:00:00 |
| 修稿时间: | 2019/11/21 0:00:00 |
GPU Virtualization Technology and Security Issues:A Survey |
| |
| Authors: | Wu Zailong Wang Liming Xu Zhen Li hongji Yang Jing |
| |
| Affiliation: | Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China |
| |
| Abstract: | The wave of the integration of artificial intelligence and various industries is emerging, prompting the traditional public cloud provider to embrace the Heterogeneous Computing System, especially Graphics Processing Unit (GPU), a many-core computing architecture who can provides several times floating point computing power of the Central Processing Unit(CPU). Meanwhile, to meet the demands of multi-tenant scenario for high-density computing, such as machine learning and deep learning, GPU virtualization technology can make multi-tenant sharing GPU possible, which has attracted great attention from academia and industries. However, there is still lack of a systematic exposition on the security of GPU virtualization that is the key to pratical applications. Thus motivated, we raise two fundemetnal questions of GPU virtualization security in public cloud: the potential security threats brought by typical GPU virtualization technology, as well as the security requirements of GPU virtualization and the evolution trends of security protection technology. To answer these two questions, we first illustrate the typical GPU architecture, the virtualization methods of GPU and their security mechanisms, and introduce the attack methods of side channel, covert channel and memory spill for existing GPU virtualization methods. Then, we digest the potential security threats to public cloud brought by GPU virtualization, and summarize the corresponding security requirements for GPU virtualization. Finally, we propose five research directions of the security of GPU virtualization, namely, collaborative isolation of computing and memory resources which can make sure the performance isolation between GPU tasks of mutliple tenants, GPU task behavior perception which can inspect the running malware on the GPU, secure scheduling of GPU tasks to ensure program and resource correspondence, multi-layer joint attack blocking, and GPU associated information desensitization. We hope this survey can provide some helpful references for the progress and application of the security technology of GPU virtualization in public cloud. |
| |
| Keywords: | GPU virtualization security GPU virtualization GPU security cloud computing security security requirements |
| 本文献已被 维普 等数据库收录! |
| 点击此处可从《》浏览原始摘要信息 |
|
点击此处可从《》下载全文 |
|
