vCage Cloud Deployment Protects Tor Data in Use from Compromise
This PrivateCore Tor deployment provides undeniable evidence that organizations can achieve private computation in the public cloud. Without vCage full memory encryption, Tor servers operating in hosted provider environments expose secret key material in memory, where it can be accessed through NSA PRISM-type programs. Using PrivateCore vCage, no trace of Tor server code or data is maintained in memory or on disk, eliminating the possible exposure of secret key material through memory forensics.
As demonstrated by the NSA PRISM program, information owned by an organization can be handed to authorities without their knowledge by cloud service providers who control the cloud servers. While organizations need to respond to lawful requests for information such as the NSA PRISM program, PrivateCore vCage enables them to remain in control of servers in the cloud and prevent access without their prior authorization.
Click to Tweet: .@PrivateCore vCage memory #encryption software enables #PRISM proof Tor server http://bit.ly/1gCCkMP
“PrivateCore vCage is a very important step forward for cloud security that uses a brilliant design created by experts who really know what they are doing,” said Felix “FX” Lindner, Head of
Service providers and enterprises face growing risks of physical access to sensitive data through the proliferation of outsourced IT infrastructures in untrusted environments including the cloud, co-location facilities and remote sites. Sensitive data-in-use is subject to compromise due to lawful requests, such as the recently disclosed NSA PRISM program, as well as illegal compromise. For example, state actors can target server memory which typically contains sensitive information such as digital certificates, encryption keys, intellectual property and personally identifiable information. While sensitive data may be protected by encryption while at rest or in transit, it is unprotected and “in the clear” while in use. PrivateCore’s unique vCage software encrypts data-in-use without requiring application or hardware modifications.
“The NSA PRISM program has raised concerns around the world among organizations considering deploying sensitive data in the public cloud. This proof of concept shows that data in the public cloud can remain under the control of the owner under any circumstance,” said
Service providers and enterprises interested in learning more about PrivateCore vCage can contact email@example.com.
PrivateCore is the private computing company. PrivateCore vCage software transparently secures data-in-use with full memory encryption for any application, any data, anywhere on standard x86 servers. PrivateCore was founded in 2011 by security industry veterans from the IDF, VMware and Google. The company is based in
PrivateCore and vCage are trademarks of
Marc Gendron PR