网络与信息安全学报2024,Vol.10Issue(2):22-46,25.DOI:10.11959/j.issn.2096-109x.2024022
RDMA协议应用及安全防护技术综述
Survey on RDMA protocol applications and security protection technologies
摘要
Abstract
The remote direct memory access(RDMA)technology,which has been effectively utilized to enhance data transfer rates and reduce CPU utilization,has played a significant role in various domains such as cross-regional data center transfers,high-performance computing,and rapid data read/write operations.However,despite its emerging status,RDMA has been lacking in widely recognized security solutions.With the expansion of RDMA applications from dedicated network environments to general Ethernet networks,the need to address the security risks faced by these applications has become imperative.A set of protective measures were established to ensure security without compromising transmission efficiency.Furthermore,the unique underlying implementation and protocol design of RDMA technology have resulted in incompatibility with existing mature security solutions and have led to the confrontation with specific security risks.The development of RDMA attack and defense technologies and the provision of security guarantees for the forthcoming widespread application of RDMA technology were elucidated The principles of RDMA technology and its implementation were proposed,with examples drawn from the InfiniBand(IB)and the RDMA over converged Ethernet(RoCE)second edition protocols.The security risks faced by RDMA applications in relevant scenarios were investigated,and a summary of the research progress in the RDMA security field over recent years was provided.Effective security solutions addressing these risks were compiled and,after their defensive capabilities were proven,a comparison of their advantages and disadvantages was conducted through theoretical analysis and experimental data.Finally,improvement plans and prospects for technological optimization in the RDMA attack and defense field were proposed.关键词
远程直接内容读写/无限带宽协议/基于以太网的RDMA协议/协议漏洞/协议防护Key words
remote direct memory access/InfiniBand protocol/RDMA over converged Ethernet/protocol vulnerability/protocol protection分类
信息技术与安全科学引用本文复制引用
刘雨蒙,唐正梁,路松峰,朱建新,刘运渠..RDMA协议应用及安全防护技术综述[J].网络与信息安全学报,2024,10(2):22-46,25.基金项目
2023年湖北省重大攻关项目(No.2023BAA027) (No.2023BAA027)
湖北省重点研发计划项目(No.2021BAA038) (No.2021BAA038)
深圳市科技计划基础研究项目(No.JCYJ20210324120002006) (No.JCYJ20210324120002006)
深圳市科技计划技术攻关项目(No.JSGG20210802153009028)The 2023 Hubei Province Major Research and Development Project(No.2023BAA027),The Hubei Prov-ince Key Research and Development Program Project(No.2021BAA038),The Basic Research Project of Shenzhen Sci-ence and Technology Plan(No.JCYJ2021032412002006),The Shenzhen Science and Technology Plan Technology Research Project(No.JSGG20210802153009028) (No.JSGG20210802153009028)
