Posted on Friday, October 19 2018 @ 11:34 CEST by Thomas De MaesschalckDAWG isn't fully developed yet, the current technique doesn't offer protection against the full spectrum of currently-known attacks, but MIT is confident it will be able to do so with further work. Interestingly, DAWG promises minimal performance impact.
The team's work builds on Intel's Cache Allocation Technology (CAT), introduced in 2016 to improve security but which failed to go far enough to prevent Spectre and Meltdown. Playfully dubbed DAWG, somewhat awkwardly backronymed as 'Dynamically Allocated Way Guard', the system provides a method to completely isolate each program thread from others - and, crucially, has a minimal performance impact above that of CAT while requiring only minor modifications to the underlying operating system to implement.
'We think this is an important step forward in giving computer architects, cloud providers and other IT professionals a better way to efficiently and dynamically allocate resources,' claims lead author Vladimir Kiriansky. 'It establishes clear boundaries for where sharing should and should not happen, so that programs with sensitive information can keep that data reasonably secure.'
Via: Bit Tech
