1,720,965 research outputs found
Ensuring microarchitectural isolation in processors
No full textLes processeurs sont des composants électroniques omniprésents dans notre quotidien. On en retrouve dans nos téléphones, nos ordinateurs, les serveurs internet etc. Ils sont notamment responsables de l'exécution des calculs et ont donc accès aux données du système. Depuis de nombreuses années, des travaux ont montré des problèmes d'isolation entre les utilisateurs d'un même processeur. En exécutant du code, il devient possible pour un attaquant d'influer sur l'exécution ou de retrouver des informations d'un autre utilisateur. Cette menace s'est amplifiée jusqu'à la découverte en 2018 de Spectre et Meltdown, des attaques complexes et affectant une grande majorité des processeurs modernes. Cette thèse vise à repenser la conception des processeurs pour mettre en place efficacement de nouvelles contraintes de sécurité. Elle s'intéresse plus particulièrement à la mise en place de protections contre les attaques par variations temporelles. Le premier axe exploré est le rôle du jeu d'instructions. Initialement, celui-ci a principalement un rôle fonctionnel: il définit les instructions utilisables par le logiciel et réalisées par le matériel. Il représente l'interface entre ces deux mondes. En le modifiant, il devient donc possible pour le logiciel d'indiquer ses contraintes de sécurité au matériel qui doit alors s'adapter. La stratégie adoptée dans cette thèse est la contextualisation, qui permet d'associer temporellement et spatialement chaque information à un domaine de sécurité. Le second axe exploré est la modification de la microarchitecture du processeur elle-même. À partir des informations reçues, le matériel doit être capable de respecter les contraintes de sécurité. Des principes de conception génériques ont donc été définis pour modifier les mécanismes internes du processeur, et notamment la gestion des ressources partagées. Ils s'articulent autour de trois méthodes: allocation statique des ressources, partitionnement et effacement des traces. Pour évaluer ces principes, deux processeurs ont été modifiés. Ils implémentent différents mécanismes susceptibles de générer des fuites d'informations. Les résultats montrent que cette approche est efficace pour isoler des exécutions différentes sur un processeur. Dans le cas du partage simultané du processeur, on observe un compromis au niveau des implémentations possibles entre les performances visées et le coût des mécanismes utilisés. La suite de ces travaux concerne l'étude de ce compromis au niveau matériel, mais aussi l'adaptation du logiciel à ce nouveau jeu d'instructions.Processors are electronic components omnipresent in our daily lives. They are in our smartphones, computers, web servers etc. Processors are responsible for executing the different operations and then have access to system data. For many years, studies have shown the isolation issue between users of the same processor. By executing code, it becomes possible for an attacker to influence the execution or recover information from another user. This threat has grown until the discovery in 2018 of Spectre and Meltdown, complex attacks targeting the most modern processors. This thesis aims to rethink processor designs to efficiently implement security constraints. It particularly focuses on the implementation of protections against timing attacks. The first explored axis is the role of the instruction set. Initially, it mainly has a functional role: it defines the instructions usable by the software and implemented by the hardware. It represents the interface between these two worlds. Its modification can allow a communication between hardware and software about security. The strategy developed in this thesis is the use of contextualisation, allowing each piece of information to be associated temporally and spatially to a security domain. The second axis is the modification of the processor microarchitecture itself. Based on the information received, the hardware must be able to respect the security constraints. Generic design principles have been defined to modify the processor's internal mechanisms, and particularly shared resources. They are based on three methods: static allocation, partitioning and flush. To evaluate these principles, two processors are modified. They implement different mechanisms that can generate information leakage. The results show that this approach is efficient to isolate different executions on the same processor. For the simultaneous sharing of the processor, a trade-off must be considered between performances and the cost of the implemented mechanisms. Future works should aim at studying this compromise at the hardware level, but also the adaptation of the software to this new instruction set
Going Beyond Counting First Authors in Author Co-citation Analysis
Full text linkThe present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation
counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings
are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that
only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into
account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed
Garantir l’isolation microarchitecturale des processeurs
No full textProcessors are electronic components omnipresent in our daily lives. They are in our smartphones, computers, web servers etc. Processors are responsible for executing the different operations and then have access to system data. For many years, studies have shown the isolation issue between users of the same processor. By executing code, it becomes possible for an attacker to influence the execution or recover information from another user. This threat has grown until the discovery in 2018 of Spectre and Meltdown, complex attacks targeting the most modern processors. This thesis aims to rethink processor designs to efficiently implement security constraints. It particularly focuses on the implementation of protections against timing attacks. The first explored axis is the role of the instruction set. Initially, it mainly has a functional role: it defines the instructions usable by the software and implemented by the hardware. It represents the interface between these two worlds. Its modification can allow a communication between hardware and software about security. The strategy developed in this thesis is the use of contextualisation, allowing each piece of information to be associated temporally and spatially to a security domain. The second axis is the modification of the processor microarchitecture itself. Based on the information received, the hardware must be able to respect the security constraints. Generic design principles have been defined to modify the processor's internal mechanisms, and particularly shared resources. They are based on three methods: static allocation, partitioning and flush. To evaluate these principles, two processors are modified. They implement different mechanisms that can generate information leakage. The results show that this approach is efficient to isolate different executions on the same processor. For the simultaneous sharing of the processor, a trade-off must be considered between performances and the cost of the implemented mechanisms. Future works should aim at studying this compromise at the hardware level, but also the adaptation of the software to this new instruction set.Les processeurs sont des composants électroniques omniprésents dans notre quotidien. On en retrouve dans nos téléphones, nos ordinateurs, les serveurs internet etc. Ils sont notamment responsables de l'exécution des calculs et ont donc accès aux données du système. Depuis de nombreuses années, des travaux ont montré des problèmes d'isolation entre les utilisateurs d'un même processeur. En exécutant du code, il devient possible pour un attaquant d'influer sur l'exécution ou de retrouver des informations d'un autre utilisateur. Cette menace s'est amplifiée jusqu'à la découverte en 2018 de Spectre et Meltdown, des attaques complexes et affectant une grande majorité des processeurs modernes. Cette thèse vise à repenser la conception des processeurs pour mettre en place efficacement de nouvelles contraintes de sécurité. Elle s'intéresse plus particulièrement à la mise en place de protections contre les attaques par variations temporelles. Le premier axe exploré est le rôle du jeu d'instructions. Initialement, celui-ci a principalement un rôle fonctionnel: il définit les instructions utilisables par le logiciel et réalisées par le matériel. Il représente l'interface entre ces deux mondes. En le modifiant, il devient donc possible pour le logiciel d'indiquer ses contraintes de sécurité au matériel qui doit alors s'adapter. La stratégie adoptée dans cette thèse est la contextualisation, qui permet d'associer temporellement et spatialement chaque information à un domaine de sécurité. Le second axe exploré est la modification de la microarchitecture du processeur elle-même. À partir des informations reçues, le matériel doit être capable de respecter les contraintes de sécurité. Des principes de conception génériques ont donc été définis pour modifier les mécanismes internes du processeur, et notamment la gestion des ressources partagées. Ils s'articulent autour de trois méthodes: allocation statique des ressources, partitionnement et effacement des traces. Pour évaluer ces principes, deux processeurs ont été modifiés. Ils implémentent différents mécanismes susceptibles de générer des fuites d'informations. Les résultats montrent que cette approche est efficace pour isoler des exécutions différentes sur un processeur. Dans le cas du partage simultané du processeur, on observe un compromis au niveau des implémentations possibles entre les performances visées et le coût des mécanismes utilisés. La suite de ces travaux concerne l'étude de ce compromis au niveau matériel, mais aussi l'adaptation du logiciel à ce nouveau jeu d'instructions
Variations on the Author
Full text link“Variations on the Author” discusses two of Eduardo Coutinho’s recent films (Um Dia na Vida, from 2010, and Últimas Conversas, posthumously released in 2015) and their contribution to the general question of documentary authorship. The director’s filmography is characterized by a consistent yet self-effacing form of authorial self-inscription: Coutinho often features as an interviewer that rather than express opinions propels discourses; an interviewer that is good at listening. This mode of self-inscription characterizes him as an author who is not expressive but who is nonetheless markedly present on the screen. In Um Dia na Vida, however, Coutinho is completely absent form the image, while Últimas Conversas, on the contrary, includes a confessional prologue that moves the director from the margins to the center of his films. This article examines the ways in which these works stand out in the filmography of a director who offers new insights into the notion of cinematic authorship
Appropriate Similarity Measures for Author Cocitation Analysis
Full text linkWe provide a number of new insights into the methodological discussion about author cocitation analysis. We first argue that the use of the Pearson correlation for measuring the similarity between authors’ cocitation profiles is not very satisfactory. We then discuss what kind of similarity measures may be used as an alternative to the Pearson correlation. We consider three similarity measures in particular. One is the well-known cosine. The other two similarity measures have not been used before in the bibliometric literature. Finally, we show by means of an example that our findings have a high practical relevance.information science;Pearson correlation;cosine;similarity measure;author cocitation analysis
PowerSecBench: reveal microarchitectural power leakages using generic RISC-V microbenchmarks
No full textInternational audiencePower side-channel attacks exploit variations in power consumption to recover sensitive information. To design secure systems, we must consider all the leakage sources to ensure that attackers cannot exploit any weakness. However, they can greatly vary between different processor microarchitectures and their internal mechanisms. Particularly, with the growing interest in the open-source RISC-V ISA and its numerous implementations, generic tools and strategies become essential to finely evaluate the security offered by each system.In this paper we present PowerSecBench, a software environment to evaluate power leakages on RISC-V processors. Starting from a range of various in-order implementations, from single-cycle to superscalar designs, we show how PowerSecBench allows characterizing leakages in each of them considering both value-and transition-based leakages. It uses a set of configurable microbenchmarks to test the different microarchitectural features. By simply executing them on both simulated and real FPGA targets, it becomes possible to identify most of the hardware sources, as well as consider physical parameters. Finally, we show that PowerSecBench can also be used to study the impact and limitations of protection strategies, such as pure software fences
Dispelling the Myths Behind First-author Citation Counts
Full text linkWe conducted a full-scale evaluative citation analysis study of scholars in the XML research field to explore just how different from each other author rankings resulting from different citation counting methods actually are, and to demonstrate the capability of emerging data and tools on the Web in supporting more realistic citation counting methods. Our results contest some common arguments for the continued
use of first-author citation counts in the evaluation of scholars, such as high correlations between author rankings by first-author citation counts and other citation
counting methods, and high costs of using more realistic citation counting methods that are not well-supported by the ISI databases. It is argued that increasingly available digital full text research papers make it possible for citation analysis studies to go beyond what the ISI databases have directly supported and to employ more
sophisticated methods
PowerSecBench: reveal microarchitectural power leakages using generic RISC-V microbenchmarks
No full textInternational audiencePower side-channel attacks exploit variations in power consumption to recover sensitive information. To design secure systems, we must consider all the leakage sources to ensure that attackers cannot exploit any weakness. However, they can greatly vary between different processor microarchitectures and their internal mechanisms. Particularly, with the growing interest in the open-source RISC-V ISA and its numerous implementations, generic tools and strategies become essential to finely evaluate the security offered by each system.In this paper we present PowerSecBench, a software environment to evaluate power leakages on RISC-V processors. Starting from a range of various in-order implementations, from single-cycle to superscalar designs, we show how PowerSecBench allows characterizing leakages in each of them considering both value-and transition-based leakages. It uses a set of configurable microbenchmarks to test the different microarchitectural features. By simply executing them on both simulated and real FPGA targets, it becomes possible to identify most of the hardware sources, as well as consider physical parameters. Finally, we show that PowerSecBench can also be used to study the impact and limitations of protection strategies, such as pure software fences
- …
