Partnership will redesign data centre computing to improve security of the cloud – Imperial College London

admin on January 31, 2022 Leave a Comment

A new partnership between Imperial and the Technology Innovation Institute (TII) in Abu Dhabi aims to boost the security of cloud computing services.

Cloud computing, in which data and software are accessed via the internet rather than stored locally on personal laptops and smartphones, was until quite recently a novel concept, but is now a pervasive feature of our digital lives. It powers widely used mobile messaging and email apps, and the productivity suites that office workers use to collaborate online. It will play an even greater role when the Internet of Things (IoT) takes off and devices such as kitchen appliances and industrial machinery become internet-connected as standard, reporting sensor data to cloud servers.

But Professor Peter Pietzuch in Imperials Department of Computing, the partnerships academic lead, says that the devices and operating systems typically used to host cloud services in data centres were not designed with cyber security in mind. Security has not changed much from traditional operating systems that pre-date the internet and the era of cloud services, he says.

Limitations with the security of these systems have contributed to the regular occurrence of data theft, ransomware attacks in which cybercriminals hijack an organisations data and demand a ransom to restore it and attacks from other kinds of malware. These threats could pose ever greater risks to society as vital infrastructure such as the NHS becomes increasingly reliant on digital services and IoT.

The research partnership between Imperial and TII will work toward mitigating these risks by redesigning the hardware and software that the cloud runs on, from the ground up. The project aims to rethink what the hardware and software stack in cloud environments should look like when you design them with security in mind, says Professor Pietzuch.

The project will address the key challenge of ensuring data centre servers are isolated from one another so that a malicious cloud tenant cannot access data belonging to another, while also enabling servers to communicate efficiently for legitimate purposes, particularly for data-intensive computation tasks that are sometimes parallelised over thousands of machines.

The project will work toward developing software and hardware architectures, building on existing AArch64 and RISC-V processor architectures, to allow data to be well compartmentalised while enabling efficient sharing.

Dr Shreekant (Ticky) Thakkar, Chief Researcher at TIIs Secure Systems Research Centre (SSRC), said: The research project with Imperial aims to find solutions based on AArch64 and fits nicely with other research and use cases as SSRC is doing a lot of work on ARM-based and RISC-V platforms and on OS [operating systems] in phones and drones. Easily applicable to todays mobile devices, the projects solutions will simplify the unification of cloud and edge security approaches.

We are talking about new low-level security mechanisms in moderncomputer architectures, says Professor Pietzuch. Malicious attackers can currently exploit unauthorised access to data in a lot of ways for example, to leak data or install ransomware. Instead of thinking about very specific high level attacks and coming up with mitigations against them, our approach will deal with a number of security challenges by helping create a hardware and software stack that is secure at every layer.

Professor Pietzuch emphasises that this requires fundamental research. This is a scientific problem. Companies have been plugging one hole after the other, but there is no end in sight. What were trying to do is step back and consider how to fundamentally rethink software stacks so we dont face the same repeated problems. We need a fundamental shift so we can move to something less vulnerable, or in the future things could get worse and worse.

A lot of people at TII are applied industrial researchers. They bring in an industry view where they ask the right types of questions. They talk about usability aspects and when we devised the project they provided very useful input, steering things so we are aware of where the hard problems lie. Its great to be partnering with them on this important project.

Dr Rebeca Santamaria-Fernandez, Director of Industry Partnerships and Commercialisation for Imperials Faculty of Engineering, said: Cyber security is an area in which we can only make real headway by bringing together basic research of the kind carried out at Imperial and an understanding from industry experts of the problems and challenges faced in the real world. Im delighted about this partnership, which will combine the world-leading expertise of Professor Pietzuch and colleagues and the fantastic resources and expertise of the Technology Innovation Institute.

Imperial facilitates industry partnerships, technology commercialisation, and other activities that help translate research into real-world benefits for industry and society through its Enterprise Division.

Read the original:
Partnership will redesign data centre computing to improve security of the cloud - Imperial College London

Related Posts
Posted in Cloud Computing

Comments are closed.