14 DAY TRIAL // More organizations realized lately that besides the obvious benefits brought by cloud-based structures, the use of these innovative technologies also brings forth a lot of issues. North Carolina State University researchers claim they discovered a more secure way for the system to handle processes.
PcPro informs us that the latest discovery will improve storage techniques and information will be processed in a way that doesn't compromise its integrity.
By separating functions and workflows as soon as they hit the cloud servers and by isolating sensitive information from the virtual machine manager's other tasks , an enhanced protection can be obtained.
What the new technique actually does is that it isolates the sensitive components that might be easily harmed or that might contain delicate information, by using a software framework, to a single strong core, while the rest would operate on separate cores.
“A long-standing concern in cloud computing is that attackers could take advantage of vulnerabilities in a hypervisor to steal or corrupt confidential data from other users in the cloud,” revealed one of the researchers.
Dubbed “Strongly Isolated Computing Environment” (SICE), the mechanism uses a layer of protection that requires minimum system resources and significantly reduces the components that could be compromised by malware. Furthermore, by reducing the quantity of the code, they downsize the risk of a successful attack.
“We have significantly reduced the ‘surface’ that can be attacked by malicious software,” revealed Peng Ning, a professor of computer science at NCSU.
“For example, our approach relies on a software foundation called the Trusted Computing Base, or TCB, that has approximately 300 lines of code, meaning that only these 300 lines of code need to be trusted in order to ensure the isolation offered by our approach. Previous techniques have exposed thousands of lines of code to potential attacks. We have a smaller attack surface to protect.”
As we've seen lately, cloud computing is covering ground in organizations world wide, but as it turns out, most company managers fear the implications of a system that is improperly secured. It remains to be seen if the breakthrough the researchers are talking about can be successfully implemented to offer the safeguarding these structures need.