The Micro and Macro of Secure Cloud Computing

Ultimately, encrypted data needs to be decrypted to run through compute cycles.

This leads to basic data security questions: how long does the data remain in the clear, under what conditions, and with what degree of segmentation integrity? It also raises the question of whose responsibility it is to assure this data protection: operating systems, platform technologies, DevOps engineering, app providers, cloud service providers, or hardware vendors?

I’ve repeatedly sought clarity on protection of sensitive data in clear text in the compute stages.

Either we narrow the compute system perimeter or minimize the time of execution, or both, to offer the least exposure. Through 2013-15, I watched with great anticipation as a new technology came to market: Intel developed and commercialized its Software Guard Extensions (SGX), which create a protective memory enclave to cordon off processes for secure computation or browsing.

Today, on the Wintel platform, several server and desktop vendors have adopted Windows (and now Unix) with SGX support. Here, Digital Rights Management policies can be set for SGX so that only the trusted enclave sees the pre-defined data in clear text and runs the required service for the application. Cool, powerful security stuff!

Time for SGX to be leveraged for public clouds!

Microsoft just announced a Confidential Computing concept for the Azure cloud, based on the SGX secure enclave technology, that offers subscribers a Trusted Execution Environment (TEE). Here, Azure extends encryption for data at rest and data in transit by creating encryption for data in use for Azure SQL Database and SQL Server.

And why is this significant? Because it's a hybrid solution that covers on-premises Windows 10 and Windows Server 2016 as well as Azure SQL Database and SQL Server. That's true cloud design.

It's hard to run entire VMs within SGX, but research using the Java Native Interface (JNI) has already shown that micro-services can be run within cloud SGX environments with under 10% performance penalty. Docker images with the Intel SGX SDK and PSWs are already available for use with apps using Intel SGX. Now that's promising if deployed within a public cloud like Azure as well.

Yet another just-in-time technology for enhanced micro-service security!

But the power of clouds is as much in their macro-federation capabilities...

Another piece of research from Microsoft caught my eye this month, as it complements the micro and macro capabilities of Azure: Multi-party Computation. Here, if two or more parties have data that they don't want to share with each other but would like to analyze as a whole, cloud federation with encryption enables a cool solution. The individual data sets remain encrypted under the key management of each respective party and are pooled in the public cloud as a scalable data lake. Then, with permissions or purchases of the data sets, the cloud can process the data and return analyzed results. Note that none of the parties has access to the others' clear text data, and neither does the cloud service provider, as the processing can be run in the Confidential Computing domain of SGX processing.

Think about benchmarking enabled between competitive entities who would normally never have exposed their information to each other, or where each entity has, say, PII data it cannot legally disclose. Entire business, organization or public sector data lakes can be aggregated to enable big data analytics at a scale that simply isn't possible today.
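The benchmarking flow described above can be modelled in a few lines; this is an added illustration, not code from Microsoft or from the original post. The enclave is simulated by an ordinary Python class, the cipher is a standard-library stand-in, and the party names and figures are constructed.

```python
import hashlib, hmac, json, os, statistics

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in stream cipher (HMAC-SHA256 keystream) so the example needs only the
    # standard library; a real system would use an AEAD such as AES-GCM.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, b"enc" + nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def _tag(key: bytes, nonce: bytes, ct: bytes) -> bytes:
    return hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def seal(key: bytes, values: list) -> tuple:
    """Run by each party on its own premises, under its own key."""
    nonce = os.urandom(16)
    ct = _xor_stream(key, nonce, json.dumps(values).encode())
    return nonce, ct, _tag(key, nonce, ct)

def unseal(key: bytes, blob: tuple) -> list:
    nonce, ct, tag = blob
    if not hmac.compare_digest(tag, _tag(key, nonce, ct)):
        raise ValueError("wrong key or tampered ciphertext")
    return json.loads(_xor_stream(key, nonce, ct))

class SimulatedEnclave:
    """Models the trusted boundary: plaintext exists only inside benchmark()."""
    def __init__(self, lake: dict):
        self.lake = lake  # party name -> sealed blob, as held by the cloud provider

    def benchmark(self, released_keys: dict) -> dict:
        # Only parties that granted permission (released a key) are included.
        pooled = [v for party, key in released_keys.items()
                  for v in unseal(key, self.lake[party])]
        return {"parties": len(released_keys), "n": len(pooled),
                "mean": statistics.mean(pooled)}  # aggregate only, no rows leave

# Constructed sample data: two competitors' figures, each sealed under its own key.
KEYS = {"acme": os.urandom(32), "globex": os.urandom(32)}
LAKE = {"acme": seal(KEYS["acme"], [10, 20, 30]),
        "globex": seal(KEYS["globex"], [40, 50])}
RESULT = SimulatedEnclave(LAKE).benchmark(KEYS)

if __name__ == "__main__":
    print(RESULT)
```

In a real deployment the boundary drawn by `SimulatedEnclave` is enforced by the SGX hardware rather than by program structure.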

That’s end-to-end cloud computing as it should be: Secure by design.

The Micro and the Macro of Cloud Computing is looking increasingly secure to me!


(Several cloud security technologies and capabilities are being developed by AWS, Google and other cloud service providers as well, and will be addressed in follow-on blogs.)

http://www.zdnet.com/article/azure-confidential-computing-microsoft-boosts-security-for-cloud-data/

https://www.microsoft.com/en-us/research/blog/microsoft-researchers-enable-secure-data-exchange-cloud/

https://www.springerprofessional.de/en/secure-cloud-micro-services-using-intel-sgx/12338098









More articles by Satchit Dokras
