A Brief Review on Some Architectures Providing Support for DIFT
It provides a comparative overview for researchers and practitioners in computer security, but it is incremental as it synthesizes existing work.
This survey reviews hardware architectures for Dynamic Information Flow Tracking (DIFT) to address security vulnerabilities in software and hardware systems, focusing on integrated/in-core designs and their trade-offs between security, generality, and versatility.
Dynamic Information Flow Tracking (DIFT) is a technique to track potential security vulnerabilities in software and hardware systems at run time. The last fifteen years have seen a lot of research work on DIFT, including both hardware-based and software-based implementations for different types of processor architectures. This survey briefly reviews some hardware architectures that provide DIFT support. Starting from introducing different approaches for hardware based DIFT, this survey focuses on integrated/in-core architectures. Protection schemes, including tagging system, tag propagation, and tag checking for each architecture will be discussed. The survey is organized in such a way that it illustrates the evolution of integrated DIFT architectures, each architecture tries to improve the precious proposed architectures generality/versatility weaknesses. However, improving security while providing generality and versatility is kind of trade-offs. This survey compares the architectures from different aspects to show the trade-offs clearer.