MIT Researchers Working On Better Cloud Security

Cloud computing, making use of the computational capability of computers on the internet, offers a lot of promise to both large companies and small, but how secure is their data when it's in the cloud? Vulnerabilities exist and researchers are working on fixes.

Back in 2005, MIT researchers demonstrated that even if data was encrypted when in the cloud, the memory pattern usage of accessing the data could be used to ferret out cryptographic keys by programs that had no other purpose than to spy on the cache use of the other programs.

Speaking at the International Symposium on Computer Architecture, MIT researchers described a new secure hardware component named "Ascend". Ascend disguises a server's memory-access patterns, making it impossible for an attacker to infer anything about the data being stored. Ascend also thwarts another type of attack, known as a timing attack, which attempts to infer information from the amount of time that computations take.

What Ascend basically does is place the memory addresses in a tree structure, similar to a family tree, in random order, that can be traversed to get to the required data. Once the address is located, it is randomly swapped with an address in another node in the tree. The result is that the program never appears to be accessing the same memory address as it will be traversing a different path through the tree every almost every time.

If you are interested in data security, jump to the source link to read the detail on their research.