Secure enclaves can help reduce data breaches dramatically and support the value of the cloud securely
“The world runs on software” and “software is eating the world” are phrases you have probably heard over the years. No doubt we cannot imagine living in a world where things such as the internet, computers, mobile phones and other expected technologies do not exist.
These days our financial transactions depend on software, and countless databases store our personal information. Our shopping and online browsing are tracked and analyzed. Everything from state secrets to intellectual property is stored and communicated under software control.
Physical security such as locks, guards and CCTV were developed to prevent crime, which has always been part of society. These days, hackers can steal information and money by exploiting software vulnerabilities, all at a great distance away and with complete anonymity, completely bypassing any physical security measures. Today companies are working on new ways to protect data confidentiality (keep it private), data integrity (prevent it from being changed) and data availability (the ability to use it when we need to).
Software Vulnerability is the Problem
The problem, though, is that software by its very nature is vulnerable. Its blessing—to continually adapt, tune and be improved—is also its curse. It can be changed and corrupted and malicious software can be inserted. It is very expensive and difficult to write software securely, and with increasing complexity and demand it becomes essentially impossible. Financial and competitive pressures demand that software developers produce code quickly, with functionality and convenience valued over security.
Because of this, software vulnerabilities result in data leakage, compromised systems and malware. Despite heavy fines and regulations, data breaches have become routine occurrences. Everything is vulnerable, from applications to operating systems to firewalls, and needs constant patching. These days it is common to assume systems will be breached and you can only hope that organizations will be able to detect and respond rapidly to minimize the damage.
A Valuable Tool in Cryptography
A valuable tool to address these threats is cryptography, made up of strong algorithms that mathematicians assure us are secure against any known attacks. But with these implementations typically in software, errors can be made. And if the integrity of the software system is breached, then even cryptography can’t save us. In addition, cryptography depends on keys, and if a key is compromised, then so is the data it is protecting. Both the keys along with the data need to be secured.
This is where hardware provides an advantage. Hardware security modules (HSMs) are application-specific devices that provide cryptographic services to applications. They use physical entropy sources to generate strong cryptographic keys and provide strong logical and physical protection for the attacks, such as tamper prevention and detection. HSMs also provide a closed operating environment with hardened operating systems and secure boot code and certified implementations of cryptographic algorithms with tightly defined APIs and a small attack surface.
The most common uses of HSMs are to secure financial transactions in banking applications, such as credit card payments. In enterprises HSMs are used to secure PKI systems and other security-critical applications. A popular success story for hardware-based security is in mobile devices, which often have special hardware security systems (e.g. Apple Secure Enclave and ARM TrustZone) for the secure storage and use of cryptographic keys and biometric data. Credit card smartcard chips offer widespread protections and Trusted Platform Module (TPM) chips offered on many PC motherboards have had some success too.
However, since these are dedicated hardware devices, they are often too expensive, inflexible, non-scalable and difficult for organizations to use for widespread adoption. And they do not operate in the cloud, where enterprises are increasingly moving their software and data due to significant financial and operational benefits. Without hardware-based protections, cloud security concerns abound, particularly around cloud-based servers, which are owned and operated by third parties and often shared between various customers. Also concerning is the fact that servers connected to the internet are particularly vulnerable to attack. And while cryptography can secure data at rest and data in motion, it alone cannot protect data in use. Data that is in use sits unencrypted in system memory, completely unprotected against malware and hacking or a criminal with physical access to the server. And this goes for servers in private data centers too, which are vulnerable.
Secure Enclaves: a New Approach in Data Security
A new approach to addressing the problem of protecting data in use can be found in hardware-based security in the form of secure enclaves. Secure enclaves allow applications to execute securely and enforced at the hardware level by the CPU itself. All data is encrypted in memory and decrypted only while being used inside the CPU. The data is still completely protected, even if the operating system, hypervisor or root user are compromised. With secure enclaves, data can be fully protected across its full life cycle—at rest, in motion and in use—for the first time.
Advanced secure enclaves offer further security using a process called “attestation” to verify that the CPU is genuine and the application is the correct one and hasn’t been altered. Operating in secure enclaves gives users complete confidence that code is running as intended and that data is completely protected, wherever it is. This approach is gaining traction; for example, it enables sensitive applications including machine learning and artificial intelligence to be run in the cloud. Secure enclaves enable the new concept of confidential computing.
By software’s nature, it is not able to protect highly sensitive or valuable data. Cryptography helps, but it requires high-quality, well-protected keys. To address this, hardware-based security is often deployed in banking and in particularly vulnerable applications such as credit cards and mobile devices. But once in the cloud, sensitive data is completely unprotected when in use by cloud-based software applications. However, hardware-based security in the form of secure enclave technology can now provide a solution to that problem, promising to reduce data breaches dramatically and enabling the cloud to finally live up to its true potential, all the while protecting data.