A new partnership between Imperial and the Technology Innovation Institute (TII) in Abu Dhabi aims to increase the security of cloud computing services.
Cloud computing, in which data and software are accessed over the Internet rather than stored locally on personal laptops and smartphones, was until recently a novel concept, but it is now a ubiquitous feature of our digital lives. It powers widely used email and mobile messaging applications, and the productivity suites that office workers use to collaborate online. It will play an even bigger role when the Internet of Things (IoT) takes off and devices, such as kitchen appliances and industrial machinery, connect to the Internet in a standard way, reporting sensor data to cloud servers.
Many of the digital services we use every day are hosted in the cloud, but the hardware and software you use weren’t designed with cybersecurity in mind. “Security hasn’t changed much from traditional operating systems before the Internet and the era of cloud services,” says Professor Pietzuch.
But Professor Peter Pietzuch in empire IT Department, the association’s academic leader, says the devices and operating systems typically used to host cloud services in data centers were not designed with cybersecurity in mind. “Security hasn’t changed much from traditional operating systems that predate the Internet and the era of cloud services,” he says.
Limitations with the security of these systems have contributed to the regular occurrence of data theft, ransomware attacks, in which cybercriminals hijack an organization’s data and demand a ransom to restore it, and attacks by other types of malware. These threats could pose increasing risks to society as vital infrastructure such as the NHS becomes increasingly dependent on digital services and the IoT.
The research partnership between Imperial and IIT will work to mitigate these risks by re-engineering the hardware and software that the cloud runs on, from the ground up. “The project aims to rethink what the hardware and software stack should look like in cloud environments when you design them with security in mind,” says Professor Pietzuch.
The project will address the key challenge of ensuring data center servers are isolated from one another so that one malicious cloud tenant cannot access data belonging to another, while still allowing servers to communicate efficiently. for legitimate purposes, particularly for data-intensive computing tasks that are sometimes in parallel on thousands of machines.
This is a scientific problem. Companies have been plugging one hole after another, but there is no end in sight. We’re trying to take a step back and rethink software stacks so we don’t face the same issues over and over again. We need fundamental change or things could get worse and worse. Professor Peter Pietzuch IT Department
The project will work towards the development of software and hardware architectures, building on existing AArch64 and RISC-V processor architectures, to allow data to be well compartmentalized while allowing efficient sharing.
Dr. Shreekant (Ticky) Thakkar, TII Secure Systems Research Center (SSRC) Chief Investigator, said: “The research project with Imperial aims to find solutions based on AArch64 and fits very well with other investigations and cases. of use, as SSRC is doing a great deal of work on ARM and RISC-V based platforms and OS [operating systems] on phones and drones. Easily applicable to today’s mobile devices, the project’s solutions will make it simple to unify security approaches in the cloud and at the edge.”
“We are talking about new low-level security mechanisms in modern computing architectures,” says Professor Pietzuch. “Malicious attackers can currently exploit unauthorized access to data in many ways, for example to exfiltrate data or install ransomware. Instead of thinking about very specific high-level attacks and finding mitigations against them, our approach will address a number of security challenges by helping to create a hardware and software stack that is secure at every layer.”
Fundamental research meets applied thinking
Professor Pietzuch emphasizes that this requires fundamental research. “This is a scientific problem. Companies have been plugging one hole after another, but there is no end in sight. What we’re trying to do is take a step back and consider how to fundamentally rethink software stacks so that we don’t face the same problems over and over again. We need a fundamental change to be able to move on to something less vulnerable, or in the future things could get worse and worse.”
Cybersecurity is an area where we can only really make progress if we bring together basic research of the kind that is conducted at Imperial and industry experts’ understanding of the issues and challenges we face in the real world. Dr. Rebeca Santamaría-Fernández Director of Industrial Associations and Marketing, Faculty of Engineering
“Many people at TII are applied industrial researchers. They bring an insight into the industry where they ask the right kind of questions. They talk about usability aspects and when we devised the project they provided very useful information, guiding things so that we are aware of where the difficult problems lie. It’s great to partner with them on this important project.”
Dr. Rebeca Santamaría-Fernández, Director of Industry Partnerships and Commercialization at Imperial’s College of Engineering, said, “Cybersecurity is an area where we can only really make progress by bringing together basic research of the kind that is being conducted at Imperial and the understanding of industry experts of the issues and challenges faced in the real world. I am delighted with this partnership, which will combine the world-leading expertise of Professor Pietzuch and his colleagues and the fantastic resources and expertise of the Technology Innovation Institute.
Imperial facilitates industry associations, technology commercialization and other activities that help translate research into real benefits for industry and society through its Business Division.