Ascend worth the wait: to minimize the chance of theft during data transfer

Source: Internet
Author: User
Keywords MIT Cloud Security Ascend
Tags access address cloud cloud environment cloud security data data encryption data security

Public cloud environment, data encryption has become a key means to ensure data security. But when a chip needs to send or receive data stored outside of the chip, it will give the attacker an opportunity to learn about the workload and pinpoint the target.

At a MIT press release on July 2, researchers brought a system called Ascend that addresses the security flaws that involve memory access.

Ascend, through a series of measures to minimize the possibility of an attacker getting information from memory data transfers, invented a new way of querying memory addresses:

Devadas, along with his graduate students Ling Ren, Xiangyao Yu, Chistopher Fletcher, and research scientist Marten van Dijk, replaced the memory address structure with a "tree" data structure. Genealogy is one of the most common examples of tree structures where each "node" is a person's name; each node has its own unique node, which is its parent in the genealogy; however, they all may have several subordinates Nodes, that is, children.

Ascend randomly assigns addresses to nodes. Each node has a specific path to the root node, and these paths and nodes form a minimum spanning tree. When the processor needs the data of a node, it sends the request to all the nodes on the corresponding path.

More importantly, Ascend will swap this address with other memory addresses when the chip needs to access a single memory address. This is the case where accessing the same address multiple times is rare because it requires traversing the same path.

Even when the chip is busy and does not need to read data from memory, the system also sends periodic requests to prevent attackers from gaining real memory access frequency. This is important because the huge gaps in requests can highlight some special needs, and attackers can find important work worth attacking.

One of the researchers, Srini Devadas, a professor of electrical engineering and computer science, affirmed that the system is not yet completed, but given the widespread use of cloud services today, Ascend is definitely worth the wait.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.