Back to Table of contents

Primeur weekly 2013-07-08

Special

Exploiting parallelism on Titan to reach exascale performance, eventually ...

The Cloud

A virtual chef-nutritionist for old people ...

BRABUS draws on IBM to deliver stylish upgrades for automobiles, planes and yachts through the Cloud ...

New hardware design protects data in the cloud ...

Oracle enhances Cloud management with new third generation release of Oracle Enterprise Manager 12c ...

Oracle announces general availability of Oracle Database 12c, the first database designed for the Cloud ...

New Oracle Database 12c innovations engineered with Oracle Storage Systems deliver next level of database-to-storage performance and efficiency ...

Rackspace and CERN openlab collaborate to deliver "Big Bang" with Hybrid Cloud ...

EuroFlash

Megware supercomputer at the University of Bayreuth secures TOP500 place ...

High Performance Computing facility to receive Government funding of 8 million euro ...

RSC supercomputers continue to lead in energy efficiency among Russian HPC systems in Green500 ...

Pittsburgh Supercomputing Center and Numascale AS to collaborate on improved memory systems for research ...

Bull launches the 2013 Bull-Joseph Fourier Prize, aimed at boosting the development of computer simulation ...

Kees Neggers honoured as an Internet Pioneer in the Internet Hall of Fame ...

World record in silicon integrated nanophotonics - More energy efficiency in the data communication ...

SURFnet and Russian Skoltech embark on joint e-Infrastructure project ...

USFlash

Parallella: an open source hardware project ...

Pleiades supercomputer to be augmented with next-generation SGI ICE-X systems ...

2014 Pennsylvania State Budget includes $500,000 for Pittsburgh Supercomputing Center ...

Senator Durbin leads dedication of new Mira supercomputer at Argonne National Laboratory ...

Microscopy technique could help computer industry develop 3D components ...

Cyclica Inc. is awarded access to IBM's Blue Gene/Q supercomputer to repurpose FDA approved drugs ...

Texas Advanced Computing Center deploys 20PB Big Data hub using DataDirect Networks High-Performance Storage System ...

More of the world's TOP500 supercomputers trust DataDirect Networks for best analytics and simulation performance, scale and lowest TCO ...

Indiana University to take lead in Defense Department effort securing software-defined networks ...

Graphene-based system could lead to improved information processing ...

NSF and Mozilla announce breakthrough applications on a faster, smarter internet of the future ...

Titan completes acceptance testing ...

New hardware design protects data in the cloud

2 Jul 2013 Cambridge - Cloud computing - outsourcing computational tasks over the Internet - could give home-computer users unprecedented processing power and let small companies launch sophisticated Web services without building massive server farms. But it also raises privacy concerns. A bank of Cloud servers could be running applications for 1,000 customers at once; unbeknownst to the hosting service, one of those applications might have no purpose other than spying on the other 999. Encryption could make Cloud servers more secure. Only when the data is actually being processed would it be decrypted; the results of any computations would be re-encrypted before they're sent off-chip.

In the last 10 years or so, however, it's become clear that even when a computer is handling encrypted data, its memory-access patterns - the frequency with which it stores and accesses data at different memory addresses - can betray a shocking amount of private information.

At the International Symposium on Computer Architecture in June, MIT researchers described a new type of secure hardware component, dubbed Ascend, that would disguise a server's memory-access patterns, making it impossible for an attacker to infer anything about the data being stored. Ascend also thwarts another type of attack, known as a timing attack, which attempts to infer information from the amount of time that computations take.

Similar designs have been proposed in the past, but they've generally traded too much computational overhead for security. "This is the first time that any hardware design has been proposed - it hasn't been built yet - that would give you this level of security while only having about a factor of three or four overhead in performance", stated Srini Devadas, the Edwin Sibley Webster Professor of Electrical Engineering and Computer Science, whose group developed the new system. "People would have thought it would be a factor of 100."

The "trivial way" of obscuring memory-access patterns, Srini Devadas explained, would be to request data from every address in the memory - whether a memory chip or a hard drive - and throw out everything except the data stored at the one address of interest. But that would be much too time-consuming to be practical.

What Srini Devadas and his collaborators - graduate students Ling Ren, Xiangyao Yu and Christopher Fletcher, and research scientist Marten van Dijk - do instead is to arrange memory addresses in a data structure known as a "tree". A family tree is a familiar example of a tree, in which each "node" - in this example, a person's name - is attached to only one node above it - the node representing the person's parents - but may connect to several nodes below it - the person's children.

With Ascend, addresses are assigned to nodes randomly. Every node lies along some "path", or route through the tree, that starts at the top and passes from node to node, without backtracking, until arriving at a node with no further connections. When the processor requires data from a particular address, it sends requests to all the addresses in a path that includes the one it's really after.

To prevent an attacker from inferring anything from sequences of memory access, every time Ascend accesses a particular memory address, it randomly swaps that address with one stored somewhere else in the tree. As a consequence, accessing a single address multiple times will very rarely require traversing the same path.

By confining its dummy requests to a single path, rather than sending them to every address in memory, Ascend exponentially reduces the amount of computation required to disguise an address. In a separate paper, which is as-yet unpublished but has been posted on-line, the researchers prove that querying paths provides just as much security as querying every address in memory would.

Ascend also protects against timing attacks. Suppose that the computation being outsourced to the Cloud is the mammoth task of comparing a surveillance photo of a criminal suspect to random photos on the Web. The surveillance photo itself would be encrypted, and thus secure from prying eyes. But spyware in the Cloud could still deduce what public photos it was being compared to. And the time the comparisons take could indicate something about the source photos: Photos of obviously different people could be easy to rule out, but photos of very similar people might take longer to distinguish.

So Ascend's memory-access scheme has one final wrinkle: It sends requests to memory at regular intervals - even when the processor is busy and requires no new data. That way, attackers can't tell how long any given computation is taking.
Source: Massachusetts Institute of Technology

Back to Table of contents

Primeur weekly 2013-07-08

Special

Exploiting parallelism on Titan to reach exascale performance, eventually ...

The Cloud

A virtual chef-nutritionist for old people ...

BRABUS draws on IBM to deliver stylish upgrades for automobiles, planes and yachts through the Cloud ...

New hardware design protects data in the cloud ...

Oracle enhances Cloud management with new third generation release of Oracle Enterprise Manager 12c ...

Oracle announces general availability of Oracle Database 12c, the first database designed for the Cloud ...

New Oracle Database 12c innovations engineered with Oracle Storage Systems deliver next level of database-to-storage performance and efficiency ...

Rackspace and CERN openlab collaborate to deliver "Big Bang" with Hybrid Cloud ...

EuroFlash

Megware supercomputer at the University of Bayreuth secures TOP500 place ...

High Performance Computing facility to receive Government funding of 8 million euro ...

RSC supercomputers continue to lead in energy efficiency among Russian HPC systems in Green500 ...

Pittsburgh Supercomputing Center and Numascale AS to collaborate on improved memory systems for research ...

Bull launches the 2013 Bull-Joseph Fourier Prize, aimed at boosting the development of computer simulation ...

Kees Neggers honoured as an Internet Pioneer in the Internet Hall of Fame ...

World record in silicon integrated nanophotonics - More energy efficiency in the data communication ...

SURFnet and Russian Skoltech embark on joint e-Infrastructure project ...

USFlash

Parallella: an open source hardware project ...

Pleiades supercomputer to be augmented with next-generation SGI ICE-X systems ...

2014 Pennsylvania State Budget includes $500,000 for Pittsburgh Supercomputing Center ...

Senator Durbin leads dedication of new Mira supercomputer at Argonne National Laboratory ...

Microscopy technique could help computer industry develop 3D components ...

Cyclica Inc. is awarded access to IBM's Blue Gene/Q supercomputer to repurpose FDA approved drugs ...

Texas Advanced Computing Center deploys 20PB Big Data hub using DataDirect Networks High-Performance Storage System ...

More of the world's TOP500 supercomputers trust DataDirect Networks for best analytics and simulation performance, scale and lowest TCO ...

Indiana University to take lead in Defense Department effort securing software-defined networks ...

Graphene-based system could lead to improved information processing ...

NSF and Mozilla announce breakthrough applications on a faster, smarter internet of the future ...

Titan completes acceptance testing ...