Researchers eye memory access as cloud security loophole and propose a solution


SUMMARY:
Outside an on-premise firewall, data in the cloud needs ample security protection. MIT researchers have drawn up a system to keep attackers from learning about data when it goes to and from memory.

Encryption is a critical tool for keeping data secure as it travels to and lives inside of public clouds, but when a chip needs to send or receive data stored outside its circuitry in off-chip memory, it’s possible for an attacker to learn about workloads and figure out what to target.

Researchers at MIT have been developing a system called Ascend to prevent those security vulnerabilities involving memory access, according to a Tuesday news release from the school.

Ascend does a few things to minimize the likelihood that a cyberattack could ascertain information from the transmission of data to and from memory. First off, it proposes a novel way of querying memory addresses for data:

What Devadas and his collaborators — graduate students Ling Ren, Xiangyao Yu and Christopher Fletcher, and research scientist Marten van Dijk — do instead is to arrange memory addresses in a data structure known as a “tree.” A family tree is a familiar example of a tree, in which each “node” (in this example, a person’s name) is attached to only one node above it (the node representing the person’s parents) but may connect to several nodes below it (the person’s children).
With Ascend, addresses are assigned to nodes randomly. Every node lies along some “path,” or route through the tree, that starts at the top and passes from node to node, without backtracking, until arriving at a node with no further connections. When the processor requires data from a particular address, it sends requests to all the addresses in a path that includes the one it’s really after.

What’s more, whenever a chip asks a single memory address for data, Ascend swaps that address with some other memory address.

The system also hampers efforts to read into the frequency of a chip’s requests for data in memory by sending out many periodic requests, even when the chip doesn’t actually want more data because it’s busy. This is important because a long gap between requests could indicate a particularly challenging and therefore important workload worth targeting during an attack.
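The tree lookup, per-access address swap and periodic requests described above, as an added example in the style of Path ORAM; it is not code from the Ascend researchers or from the original article. It goes beyond what the article states: the bucket size, the on-chip stash, the write-back rule and every name (`PathMemory`, `access`, `trace`, `demo`) are assumptions.

```python
import random

class PathMemory:
    """Toy path-based oblivious memory; parameters are illustrative."""
    def __init__(self, height=4, bucket_size=4, seed=None):
        self.h, self.z = height, bucket_size
        self.rng = random.Random(seed)
        self.leaves = 1 << height
        # Complete binary tree in heap numbering: node 1 is the root.
        self.tree = {n: [] for n in range(1, 2 * self.leaves)}
        self.pos = {}    # address -> leaf whose path currently holds it
        self.stash = {}  # on-chip holding area: address -> value
        self.trace = []  # node ids touched per request (the observer's view)

    def path(self, leaf):
        """Node ids from the root down to the given leaf."""
        node, nodes = self.leaves + leaf, []
        while node:
            nodes.append(node)
            node //= 2
        return nodes[::-1]

    def access(self, addr=None, value=None):
        """Read addr, or write it if value is given; addr=None is a dummy."""
        leaf = self.pos.get(addr, self.rng.randrange(self.leaves))
        if addr is not None:
            self.pos[addr] = self.rng.randrange(self.leaves)  # remap each time
        nodes = self.path(leaf)
        self.trace.append(tuple(nodes))
        for n in nodes:  # request every bucket on the path
            self.stash.update(self.tree[n])
            self.tree[n] = []
        if addr is not None and value is not None:
            self.stash[addr] = value
        result = self.stash.get(addr)
        for depth in range(self.h, -1, -1):  # write back, deepest bucket first
            fit = [a for a in self.stash
                   if self.path(self.pos[a])[depth] == nodes[depth]][:self.z]
            self.tree[nodes[depth]] = [(a, self.stash.pop(a)) for a in fit]
        return result

def demo():
    mem = PathMemory(seed=1)  # constructed sample workload
    for a in range(8):
        mem.access(a, f"block-{a}")
    reads = [mem.access(3) for _ in range(3)]  # same address three times
    mem.access()                               # idle-time dummy request
    return mem, reads
```

`mem.trace` is the observer's view of memory traffic: every request, real or dummy, touches one complete root-to-leaf path of `height + 1` buckets, and the path for an address is redrawn at random after each access.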

This architecture “hasn’t been built yet,” said one of the researchers, Srini Devadas, a professor of electrical engineering and computer science at MIT, according to the news release. Hopefully it will be built soon, though, because cloud security is becoming a bigger deal by the day.

More companies are leaving behind on-premise applications and taking up Software as a Service (SaaS) products instead. Meanwhile, providers of Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) might be interested in incorporating the architecture into their servers so as to provide better security to their customers. News of cyberattacks and government snooping only amplifies concerns about security on shared infrastructure, making solutions like Ascend more enticing.

As published on http://gigaom.com/2013/07/02/researchers-eye-memory-access-as-cloud-security-loophole-and-propose-a-solution/
