TIME: 12:00 noon to approximately 1:00 pm EDT
PLACE: Virtual - a Zoom link will be emailed closer to the seminar
SPEAKERS: Vikramraj Sitpal and Ranjit Noronha, Oracle
Securing Modern Databases with Hardware-Assisted Memory Isolation: Leveraging MPK (x86) and MTE (ARM) in Oracle DB
Modern applications like Oracle Database are built atop a vast, ever-evolving ecosystem of closed- and open-source components, and other complex software interactions. While this extensibility drives innovation, it also exposes critical risks: malicious or buggy code, whether from third-party libraries or arbitrary user code execution (think UDFs), can attempt to steal or corrupt sensitive data, compromise shared memory, or tamper with fundamental structures. Traditional defenses such as virtualization, containers, and software-based memory protections (e.g., mprotect()) offer only partial solutions, often adding performance overhead and lacking the granularity needed to protect against in-process threats.
To address these challenges, bleeding-edge hardware features are redefining the landscape of application memory safety. On x86 platforms, Memory Protection Keys (MPK) provide mprotect-like functionality directly in userspace, allowing applications to assign protection "keys" to memory pages and efficiently update permissions with minimal overhead. Oracle leverages MPK, for example, in its Multilingual Engine (MLE). In AI vector search infrastructure, it enables the secure execution of custom distance function calculations written in JavaScript. Similarly, ARM’s Memory Tagging Extension (MTE) enables fine-grained memory “coloring,” tagging memory allocations and associating them with pointers to detect and prevent unsafe accesses.
In this talk, we present how Oracle Database leverages both MPK on x86 and MTE on ARM to enforce fine-grained, dynamic memory isolation. We discuss the integration of these hardware technologies to protect critical resources such as shared memory, effectively reducing the attack surface posed by untrusted or compromised code. We’ll highlight performance impacts, security advantages, and the transformative role these features play in fortifying Oracle Database deployments everywhere.
BIOS: Vikramraj is a Principal Member of Technical Staff (PMTS) at Oracle, focusing on database kernel development within the Database organization. He has had the opportunity to work on various modules, including memory, synchronization, resource management, and I/O. With experience across operating systems, storage systems, networks, distributed systems, and database technologies, he enjoys collaborating with others to solve challenging technical problems and contribute to Oracle’s ongoing innovation. He holds a Master’s degree in Computer Systems from Carnegie Mellon University (MSIN ’21).
Ranjit Noronha is a Senior Manager at Oracle. He manages ports of the database to different platforms such as AIX, Linux on Z-series, Solaris, HP/UX and Linux on ARM. He holds a PhD in Computer Science and Engineering from The Ohio State University.
Director, Parallel Data Lab
VOICE: (412) 268-1297
Executive Director, Parallel Data Lab
VOICE: (412) 268-5485
PDL Administrative Manager
VOICE: (412) 268-6716