With a similar threat model,conventional software mechanisms aimed at various levels of security can be categorized as intra-address space protection(IASP)including memory safety,control-flow integrity,syscall filteri...With a similar threat model,conventional software mechanisms aimed at various levels of security can be categorized as intra-address space protection(IASP)including memory safety,control-flow integrity,syscall filtering,and isolation.When enhancing security,software-only IASP methods result in an expanded trusted computing base(TCB)and can lead to performance slowdowns,making it challenging to strike a balance between security and performance.Recent studies indicate that hardware-assisted methods enhance efficiency by encapsulating hardware primitives and utilizing specialized microarchitecture designs.They also enhance security by reducing the trusted computing base’s attack surface.However,there has been limited discussion regarding the key challenges in current hardware-assisted IASP studies.This paper conducts a comprehensive survey of hardware-assisted IASP and discusses critical design issues,such as metadata management strategies,protection comprehensiveness,protection granularity,and processor complexity.Through a qualitative analysis of existing methods,this paper summarizes the research trends in hardware-assisted IASP technologies and emphasizes the importance of isolation models,access control strategies,and cross-compartment switching in future hardware-assisted IASP designs.展开更多
Based on the perspective of sustainability transitions(ST)theory,the paper dissects the opera-tional mechanisms of protected space driving emerging technology industrialization from an external system perspective,whic...Based on the perspective of sustainability transitions(ST)theory,the paper dissects the opera-tional mechanisms of protected space driving emerging technology industrialization from an external system perspective,which is on the basis of defining essential characteristics and func-tional attributes of protected space.Meanwhile,it structures a three-dimensional evaluation model of protected space from the perspective of internal mechanism by introducing the policy mixes method.Finally,taking the Chinese New Energy Vehicle(NEV)industry as the example and using the system dynamics modeling method,the paper designs different simulation schemes from three dimensions of horizontal evolution trend,three types of policy instrument change and policy mixes of protected space,to predict and analyze the operation effect of protected space.The results show that the Chinese NEV industry is in the stage of market niche entry,and corresponding measures should be taken to increase the market scale,form effective demand and scale effect,and promote the diffusion of market niche;the effect of policy mixes is better than that of the single policy instrument;specific policy mixes should be adopted to develop simultaneously from both the supply and demand sides to improve the industrialization level of NEV.展开更多
基金supported in part by the Strategic Priority Research Program of Chinese Academy of Sciences(CAS)under Grant Nos.XDA0320000 and XDA0320300.
文摘With a similar threat model,conventional software mechanisms aimed at various levels of security can be categorized as intra-address space protection(IASP)including memory safety,control-flow integrity,syscall filtering,and isolation.When enhancing security,software-only IASP methods result in an expanded trusted computing base(TCB)and can lead to performance slowdowns,making it challenging to strike a balance between security and performance.Recent studies indicate that hardware-assisted methods enhance efficiency by encapsulating hardware primitives and utilizing specialized microarchitecture designs.They also enhance security by reducing the trusted computing base’s attack surface.However,there has been limited discussion regarding the key challenges in current hardware-assisted IASP studies.This paper conducts a comprehensive survey of hardware-assisted IASP and discusses critical design issues,such as metadata management strategies,protection comprehensiveness,protection granularity,and processor complexity.Through a qualitative analysis of existing methods,this paper summarizes the research trends in hardware-assisted IASP technologies and emphasizes the importance of isolation models,access control strategies,and cross-compartment switching in future hardware-assisted IASP designs.
基金supported by the National Nature Science Foundation of China under Grants No.71874037the Surface Project of the National Nature Science Foundation of China under Grant No.71673062+1 种基金Guangdong Natural Science Fund Project under Grant No.2018A030313397Guangdong Soft Science Key Project under Grant No.2018B070714019。
文摘Based on the perspective of sustainability transitions(ST)theory,the paper dissects the opera-tional mechanisms of protected space driving emerging technology industrialization from an external system perspective,which is on the basis of defining essential characteristics and func-tional attributes of protected space.Meanwhile,it structures a three-dimensional evaluation model of protected space from the perspective of internal mechanism by introducing the policy mixes method.Finally,taking the Chinese New Energy Vehicle(NEV)industry as the example and using the system dynamics modeling method,the paper designs different simulation schemes from three dimensions of horizontal evolution trend,three types of policy instrument change and policy mixes of protected space,to predict and analyze the operation effect of protected space.The results show that the Chinese NEV industry is in the stage of market niche entry,and corresponding measures should be taken to increase the market scale,form effective demand and scale effect,and promote the diffusion of market niche;the effect of policy mixes is better than that of the single policy instrument;specific policy mixes should be adopted to develop simultaneously from both the supply and demand sides to improve the industrialization level of NEV.
