The lack of data center security is often a big hurdle for companies that want to move data and services to the cloud. But even that does not prevent more companies from moving to the cloud.
But the current security method--that is, encryption--may not be cut. (as a prime example of the NSA Prism Monitor crash), MIT researchers working on hardware for secure servers have found that software-based security is generally not trustworthy.
Srini Devadas, a professor of electrical engineering and computer science at MIT, says: "You think software security is like thousands of lines of code, you don't know who wrote it, but it's easy to trust the code." ”
Cloud data security is mainly based on a variety of encryption methods. Encryption can hide the exact data generated by Web Access, Web downloads, cloud-based software, or services, but encryption does not hide the occurrence of the access, or the fact that a particular Web site has been accessed. Memory access mode-makes it possible to see which Web site the user visited, the access time, whether or not encryption was used, which could reveal important information.
Devadas and his graduate students are experimenting with a hidden memory access pattern, or memory sleep mode.
The problem with the survey project is oblivious RAM (or O-ram). In the past, the use of O-ram for actual use required a lot of overhead.
"We invented the new O-ram, which would be an academic contribution," Devadas said. To make this whole thing work, you can't hide access patterns when each access becomes a millions visit. The new o-ram will do all the practical work. ”
Cloud data security: From the lab to the data center
The current security approach is not enough, Devadas stressed, "People don't set up encryption levels to protect themselves, but hardware security development and deployment takes longer than the corresponding parts of the software." ”
From research to finished product is the process of discarding countless ideas.
Devadas pointed out that "academic to commercial products is a very big gap between". Some of his projects were simply lying in the lab, though they had been deployed 10 years ago. Over the next year or so, Devadas and his team will focus on turning their concepts into actual silicon processors.
From the point of view of the software manufacturer, MIT's research bulletin has reached a good, or bad, time. The NSA Prism event illustrates the limitations of encryption for cloud security--sometimes the concept becomes realistic and the deadlines set make it possible.
"Since the concept of security, things will change very quickly," Devadas said, "You never know." It suddenly becomes a problem. "
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.