File Download
There are no files associated with this item.
Supplementary
-
Citations:
- Scopus: 0
- Appears in Collections:
Conference Paper: Bedrock: Programmable Network Support for Secure RDMA Systems
| Title | Bedrock: Programmable Network Support for Secure RDMA Systems |
|---|---|
| Authors | |
| Issue Date | 2022 |
| Citation | Proceedings of the 31st Usenix Security Symposium Security 2022, 2022, p. 2585-2600 How to Cite? |
| Abstract | Remote direct memory access (RDMA) has gained popularity in cloud datacenters. In RDMA, clients bypass server CPUs and directly read/write remote memory. Recent findings have highlighted a host of vulnerabilities with RDMA, which give rise to attacks such as packet injection, denial of service, and side channel leakage, but RDMA defenses are still lagging behind. As the RDMA datapath bypasses CPU-based software processing, traditional defenses cannot be easily inserted without incurring performance penalty. Bedrock develops a security foundation for RDMA inside the network, leveraging programmable data planes in modern network hardware. It designs a range of defense primitives, including source authentication, access control, as well as monitoring and logging, to address RDMA-based attacks. Bedrock does not incur software overhead to the critical datapath, and delivers native RDMA performance in data transfers. Moreover, Bedrock operates transparently to legacy RDMA systems, without requiring RNIC, OS, or RDMA library changes. We present a comprehensive set of experiments on Bedrock and demonstrate its effectiveness. |
| Persistent Identifier | http://hdl.handle.net/10722/363760 |
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Xing, Jiarong | - |
| dc.contributor.author | Hsu, Kuo Feng | - |
| dc.contributor.author | Qiu, Yiming | - |
| dc.contributor.author | Yang, Ziyang | - |
| dc.contributor.author | Liu, Hongyi | - |
| dc.contributor.author | Chen, Ang | - |
| dc.date.accessioned | 2025-10-10T07:49:09Z | - |
| dc.date.available | 2025-10-10T07:49:09Z | - |
| dc.date.issued | 2022 | - |
| dc.identifier.citation | Proceedings of the 31st Usenix Security Symposium Security 2022, 2022, p. 2585-2600 | - |
| dc.identifier.uri | http://hdl.handle.net/10722/363760 | - |
| dc.description.abstract | Remote direct memory access (RDMA) has gained popularity in cloud datacenters. In RDMA, clients bypass server CPUs and directly read/write remote memory. Recent findings have highlighted a host of vulnerabilities with RDMA, which give rise to attacks such as packet injection, denial of service, and side channel leakage, but RDMA defenses are still lagging behind. As the RDMA datapath bypasses CPU-based software processing, traditional defenses cannot be easily inserted without incurring performance penalty. Bedrock develops a security foundation for RDMA inside the network, leveraging programmable data planes in modern network hardware. It designs a range of defense primitives, including source authentication, access control, as well as monitoring and logging, to address RDMA-based attacks. Bedrock does not incur software overhead to the critical datapath, and delivers native RDMA performance in data transfers. Moreover, Bedrock operates transparently to legacy RDMA systems, without requiring RNIC, OS, or RDMA library changes. We present a comprehensive set of experiments on Bedrock and demonstrate its effectiveness. | - |
| dc.language | eng | - |
| dc.relation.ispartof | Proceedings of the 31st Usenix Security Symposium Security 2022 | - |
| dc.title | Bedrock: Programmable Network Support for Secure RDMA Systems | - |
| dc.type | Conference_Paper | - |
| dc.description.nature | link_to_subscribed_fulltext | - |
| dc.identifier.scopus | eid_2-s2.0-85140978460 | - |
| dc.identifier.spage | 2585 | - |
| dc.identifier.epage | 2600 | - |