Data In Cloud Gets Hardware Protection2 min read
Thanks to a new hardware technology, the data encryption on the internet will be more secure. MIT researchers have conducted a study which has put emphasis on the usage of cloud computing. Cloud computing is a process which entails outsourcing computational tasks over the internet, this could be a significant boon for domestic computer users as it would put at their disposal unlimited processing power. It will also yield rich dividends for small firms which can launch web services without acquiring massive and expensive servers.
However, this flexibility comes at a cost as it raises privacy issues. A collection of cloud servers could be catering to thousands of customers simultaneously by running a host of diversified applications. This could provide an open window to miscreants who can sneak in an application that would have the sole purpose of carrying out reconnaissance of other applications. Detecting the presence of such a malicious program would be near what impossible for the hosting services provider. One way to safeguard against such applications is encrypting the servers. This would ensure that only during the processing phase data would be decrypted. The end result of processing would then be re-encrypted before they are sent off chip. Nevertheless with passing of time intruders have also evolved and have found ways to siphon shocking amount of private and classified information even when a server is handling encrypted data. A computer’s memory access pattern, the cycle via which it stores and accesses data at different memory addresses can provide a loophole.
A new piece of hardware named Ascend could be the solution to this quandary. What Ascend would do basically is to shield a server’s memory access patterns making it impossible for an intruder to deduce or siphon anything about the data being processed. Ascend also comes in handy against another form of notorious infiltration attack known as timing attack, this attack takes into consideration the amount of time data is being processed and allows the attackers to infer their course of action based on it. The creator of the Ascend while elucidating on his invention claimed that the conventional way of obscuring memory access patterns would be to request data from every address in the memory. This would return an enormous amount out of which everything else is thrown out except the data stored at one address of interest. This method works but it’s too time and resource intensive.
Ascend differs from this approach by assigning addresses to nodes randomly. The path of every node is the same on the tree, it interconnects with other nodes while starting at the top. This circumvents backtracking while the path continues till it reaches a node without any more nodes attached to it. This comes in really handy when data from a particular address is required, a request is sent to all the addresses in a path which includes the one that actually contains the desired information. This throws off the attacker and keeps the data secure.