Can We Improve Energy Efficiency of Secure Disk Systems without Modifying Security Mechanisms? Xiaojun Ruan, Adam Manzanares, Shu Yin and Xiao Qin Auburn University http://www.eng.auburn.edu/~xqin [email protected]
Improve energy efficiency of secure disk systems - nas09
Nov 19, 2014
Improving energy efficiency of security-aware storage systems is challenging, because security and energy efficiency are often two conflicting goals. The first step toward making the best tradeoffs between high security and energy efficiency is to profile encryption algorithms to decide if storage systems would be able to produce energy savings for security mechanisms. We are focused on encryption algorithms rather than other types of security services, because encryption algorithms are usually computation-intensive. In this study, we used the XySSL libraries and profiled operations of several test problems using Conky - a lightweight system monitor that is highly configurable. Using our profiling techniques we concluded that although 3DES is much slower than AES encryption,it more likely to save energy in security-aware storage systems using 3DES than AES. The CPU is the bottleneck in 3DES, allowing us to take advantage of dynamic power management schemes to conserve energy at the disk level.After profiling several hash functions, we noticed that the CPU is not the bottleneck for any of these functions,indicating that it is difficult to leverage the dynamic power management technique to conserve energy of a single disk where hash functions are implemented for integrity checking.
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Can We Improve Energy Efficiency of Secure Disk Systems without Modifying Security
Mechanisms?
Xiaojun Ruan, Adam Manzanares, Shu Yin and Xiao Qin
Auburn Universityhttp://www.eng.auburn.edu/~xqin
2 04/08/23
IntroductionIntroduction
04/08/23
IntroductionIntroduction
404/08/23
IntroductionIntroduction
Proposed Architecture
• Write requestsWrite requests • Read requestsRead requests • Data movementData movement • Power Power
ManagementManagement
Disk 1 Disk 2 Disk 3 Disk 4 Disk 5
Buffer Disks
RAM BufferRAM Buffer Buffer Disk Controller
Buffer Disk ControllerDisk RequestsDisk Requests
Security vs. Power Consumption
ACM Transactions on Information and System Security, Vol. 9, No. 2, May 2006.
R. CHANDRAMOULI et. al
Improve both Energy Efficiency and Security: Approach 1
• To improve the energy efficiency of security To improve the energy efficiency of security mechanisms in disk systems mechanisms in disk systems
Security Mechanisms
Improve Energy
Efficiency
Improve both Energy Efficiency and Security: Approach 2
• To integrate conventional security services To integrate conventional security services with energy-efficient disk architectures.with energy-efficient disk architectures.
Security Mechanisms
Energy Conservation Schemes
Table 1 System Parameters of the Testbed
CPU SpeedPentium 4 2.4 GHZ
Memory 512 MB
Operating System Ubuntu 7.10
USB 1.1 12 Mb/s
HD Bus IDE
XysslXyssl
• Implements many popular encryption Implements many popular encryption algorithmsalgorithms
• Provides sample programsProvides sample programs• Allowed us to develop software based Allowed us to develop software based
on the sample programson the sample programs
ConkyConky
• Lightweight system monitorLightweight system monitor• Highly configurableHighly configurable• Simple text configuration fileSimple text configuration file
ConkyConky
Testbed InformationTestbed Information
• Encryption AlgorithmsEncryption Algorithms• 3DES3DES• AESAES
• Hash FunctionsHash Functions• MD5MD5• SHA-1SHA-1• SHA-256SHA-256
• RSA Signature VerificationRSA Signature Verification
Possible BottlenecksPossible Bottlenecks
Receive
Encrypt or Verify
Store
Flash Drive (Network)
CPU
Hard Disk
Experiment ResultsExperiment Results
• MD5 VerificationMD5 Verification
Experiment ResultsExperiment Results
• MD5 VerificationMD5 Verification
Experiment ResultsExperiment Results
• SHA-1 VerificationSHA-1 Verification
Experiment ResultsExperiment Results
• SHA-1 VerificationSHA-1 Verification
Experiment ResultsExperiment Results
• RSA VerificationRSA Verification
Experiment ResultsExperiment Results
• RSA VerificationRSA Verification
Experiment ResultsExperiment Results
• Advanced Encryption StandardAdvanced Encryption Standard
Experiment ResultsExperiment Results
• Advanced Encryption StandardAdvanced Encryption Standard
Experiment ResultsExperiment Results
• 3DES3DES
Experiment ResultsExperiment Results
• 3DES3DES
A Sample Table
CPULoad
ReadLoad
WriteLoad
Save Energy for Reads?
Save Energy for Writes?
MD5 M H M Unlikely Yes
SHA1 M VH M Unlikely Yes
SHA2 M VH M Unlikely Yes
RSA M VH M No Yes
AES VH VH M No Yes
3DES EH M L Yes Yes
ConclusionConclusion• For MD5, SHA-1, SHA-2 and RSA, the For MD5, SHA-1, SHA-2 and RSA, the
bottleneck is the reading speed due to the bottleneck is the reading speed due to the network data transmitting rate.network data transmitting rate.
• For 3DES, bottleneck is CPU, because For 3DES, bottleneck is CPU, because 3DES algorithm’s workload is very high.3DES algorithm’s workload is very high.
• There is no space to save energy for There is no space to save energy for Bottleneck components Bottleneck components
Major drawbacks of this researchMajor drawbacks of this research• Workload was not representativeWorkload was not representative
• Dedicated I/O workload.Dedicated I/O workload.• Did not consider access patterns of a single Did not consider access patterns of a single
user / multiple usersuser / multiple users
• Test bed was not representative Test bed was not representative • An emulated network environment.An emulated network environment.• Only evaluated a single disk rather than parallel Only evaluated a single disk rather than parallel
disksdisks
Download the presentation slideshttp://www.slideshare.net/xqin74
Google: slideshare Xiao Qin
Download our paper
Google: Xiao Qin
X.-J. Ruan, A. Manzanares, S. Yin, M. Nijim, and X. Qin, “Can We Improve Energy Efficiency of Secure Disk Systems without Modifying Security Mechanisms?” Proc. 4th IEEE Int'l Conf. Networking, Architecture, and Storage, July 2009.
http://www.eng.auburn.edu/~xqin/pubs/nas09.pdf
Abstract: http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5197358
QuestionsQuestions
??
Related Documents
