StronglyIsolatedComputingEnvironment
Latest
NC State researchers team with IBM to keep cloud-stored data away from prying eyes
The man on your left is Dr. Peng Ning -- a computer science professor at NC State whose team, along with researchers from IBM, has developed an experimental new method for safely securing cloud-stored data. Their approach, known as a "Strongly Isolated Computing Environment" (SICE), would essentially allow engineers to isolate, store and process sensitive information away from a computing system's hypervisors -- programs that allow networked operating systems to operate independently of one another, but are also vulnerable to hackers. With the Trusted Computing Base (TCB) as its software foundation, Ping's technique also allows programmers to devote specific CPU cores to handling sensitive data, thereby freeing up the other cores to execute normal functions. And, because TCB consists of just 300 lines of code, it leaves a smaller "surface" for cybercriminals to attack. When put to the test, the SICE architecture used only three percent of overhead performance for workloads that didn't require direct network access -- an amount that Ping describes as a "fairly modest price to pay for the enhanced security." He acknowledges, however, that he and his team still need to find a way to speed up processes for workloads that do depend on network access, and it remains to be seen whether or not their technique will make it to the mainstream anytime soon. For now, though, you can float past the break for more details in the full PR.
