Title :
Let´s stop trusting software with our sensitive data
Author :
Fletcher, C. ; van Dijk, M. ; Devadas, S.
Author_Institution :
MIT CSAIL, Cambridge, MA, USA
Abstract :
The paper states that people are trusting the cloud more and more to perform sensitive operations. Demanding more trust in software systems is a recipe for disaster. Suppose the people only trust hardware manufacturers and cryptographers, and not system software developers, application programmers, or other software vendors. It will be the hardware manufacturer´s job to produce a piece of hardware that provides some security properties. These properties will correspond to cryptographic operations being implemented correctly in the hardware and adding a modicum of physical security. The beauty of hardware is that its functionality is fixed. If we design our systems to only depend on hardware properties, then we need not worry about software changes or patches introducing new security holes-inevitable in current systems. How can it ensure privacy of data despite the practically infinite number of malicious programs out there? The Ascend processor attempts to achieve these goals; the only entity that the client has to trust is the processor itself.
Keywords :
cloud computing; cryptography; security of data; Ascend processor; cloud computing; cryptographic operation; data privacy; data security; malicious program; security property; sensitive data; software system; Cryptography; Encryption; Hardware; Internet; Software development;
Journal_Title :
Design & Test, IEEE
DOI :
10.1109/MDAT.2013.2259096