Communications of the ACM
Hardware Trick Could Keep Cloud Data Safe
A new chip could help make data in the cloud more secure by concealing how data is requested from the cloud.
Credit: Getty Images
Massachusetts Institute of Technology (MIT) researchers have created Ascend, a chip that could protect data in the cloud by concealing the way in which central processing units request information in cloud servers.
Assuming that data is already encrypted, Ascend addresses side-channel attacks in which perpetrators gain information about a program's behavior by gauging measures such as computation time, memory traffic, and power consumption.
Ascend changes the pattern of memory-access events by rearranging all memory addresses into a binary-tree structure, which resembles a family tree in which each node is connected to only one parent node but could have multiple child nodes. Memory addresses are randomly assigned to a node, with a location on a path that can start from the tree's root and end at the tip. Using this approach, the memory controller reads not only the address of the data that is being requested, but the whole path of addresses.
Although this technique, called Oblivious RAM, is not theoretically new, this is the first time that a processor design has directly incorporated applications for the method. The MIT team believes that hardware is preferable to the more typical software approach to security because hardware is designed more carefully and offers greater stability.
From IEEE Spectrum
View Full Article
Abstracts Copyright © 2013 Information Inc., Bethesda, Maryland, USA
No entries found