SGX-SSD: A Policy-based Versioning SSD with Intel SGX
This addresses security vulnerabilities in storage systems for users of versioning SSDs, though it is an incremental improvement building on existing SGX technology.
The paper tackles data tampering attacks on versioning SSDs by proposing SGX-SSD, a system that uses Intel SGX to selectively preserve file history based on policies, ensuring integrity for important files while saving space.
This paper demonstrates that SSDs, which perform device-level versioning, can be exposed to data tampering attacks when the retention time of data is less than the malware's dwell time. To deal with that threat, we propose SGX-SSD, a SGX-based versioning SSD which selectively preserves file history based on the given policy. The proposed system adopts Intel SGX to implement the version policy management system that is safe from high-privileged malware. Based on the policy, only the necessary data is selectively preserved in SSD that prevents files with less priority from wasting space and also ensures the integrity of important files.