1. Technical Field
The present disclosure relates to direct remote memory access in network communication.
2. Related Art
Network communication is commonly used by computing systems and devices to send and receive information. Typically, a computing system uses a network interface card to send and receive information. Continuous efforts are being made to improve the efficiency at which information is sent and received.
One option for improving network communication is to use remote direct memory access (“RDMA”). RDMA allows data to move directly from one computing system memory to another computing system memory, without extensively involving either computing system's operating system. Various specifications for RDMA based communication have been established by various organizations, for example, the RDMA Consortium, InfiniBand Trade Association (IBTA) and Internet Engineering Task Force (IETF). The specifications provide guidelines for remote direct memory access.
For executing RDMA operations, typically, a portion of a computing system's memory is registered so that another device (for example, a network interface card) can directly place information in or read information from the registered memory. During the registration process, a memory key is generated. Before a remote node is allowed to access the registered memory, the network interface card verifies the remote memory key. However, this level of authentication is not very strong and may raise security issues. For example, an unauthorized person may run an unauthorized program on a computing system and obtain access to the memory keys by guessing, searching or using any other technique. Once the memory key is compromised, one can potentially access the registered memory. This problem can be serious, especially with the rampant popularity of Internet-based communication.
Therefore, it is desirable to provide a method and system for secure RDMA communication that does not rely solely on standard memory key verification.
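The following C model is an added example, not part of the original disclosure. It contrasts the key-only verification described above with a check that also ties the memory key to the peer it was issued for. The region table, the `owner_peer` field and both function names are hypothetical, and the peer binding is only one assumed form of additional verification; the text above does not specify one.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed model of one registered memory region (all names hypothetical). */
struct mem_region {
    uint32_t rkey;       /* memory key generated at registration */
    uint64_t base;       /* start of the registered buffer */
    uint64_t len;        /* length of the registered buffer in bytes */
    uint32_t owner_peer; /* peer the key was issued to (assumption) */
};

/* Constructed sample registration table. */
static const struct mem_region regions[] = {
    { 0x1a2b3c4dU, 0x10000, 4096, 7 },
    { 0x00000102U, 0x20000, 8192, 9 },
};
#define NREGIONS (sizeof regions / sizeof regions[0])

/* Range check written so that addr + n can never overflow. */
static bool in_bounds(const struct mem_region *r, uint64_t addr, uint64_t n)
{
    return addr >= r->base && n <= r->len && addr - r->base <= r->len - n;
}

/* Key-only verification: the requester's identity is never consulted,
 * so whoever presents a valid key is granted access to the region. */
bool check_key_only(uint32_t rkey, uint64_t addr, uint64_t n)
{
    for (size_t i = 0; i < NREGIONS; i++)
        if (regions[i].rkey == rkey)
            return in_bounds(&regions[i], addr, n);
    return false;
}

/* Assumed additional check: the key is honoured only for the peer it was
 * issued to, so a key learned by another party is not sufficient alone. */
bool check_key_and_peer(uint32_t peer, uint32_t rkey, uint64_t addr, uint64_t n)
{
    for (size_t i = 0; i < NREGIONS; i++)
        if (regions[i].rkey == rkey && regions[i].owner_peer == peer)
            return in_bounds(&regions[i], addr, n);
    return false;
}
```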