Data in use
Data[1] in use is an information technology term referring to active data which is stored in a non-persistent digital state typically in computer random-access memory (RAM), CPU caches, or CPU registers.
Scranton, PA data scientist Daniel Allen in 1996 proposed Data in use as a complement to the terms data in transit and data at rest which together define the three states of digital data.
Alternative definitions
Data in use refers to data in computer memory. Some cloud software as a service (SaaS) providers refer to data in use as any data currently being processed by applications, as the CPU and memory are utilized.[2]
Concerns
Because of its nature, data in use is of increasing concern to businesses, government agencies and other institutions. Data in use, or memory, can contain sensitive data including digital certificates, encryption keys, intellectual property (software algorithms, design data), and personally identifiable information. Compromising data in use enables access to encrypted data at rest and data in motion. For example, someone with access to random access memory can parse that memory to locate the encryption key for data at rest. Once they have obtained that encryption key, they can decrypt encrypted data at rest. Threats to data in use can come in the form of cold boot attacks, malicious hardware devices, rootkits and bootkits.
Full memory encryption
Encryption, which prevents data visibility in the event of its unauthorized access or theft, is commonly used to protect Data in Motion and Data at Rest and increasingly recognized as an optimal method for protecting Data in Use.
There have been multiple projects to encrypt memory. Microsoft Xbox systems are designed to provide memory encryption and the company PrivateCore presently has a commercial software product vCage to provide attestation along with full memory encryption for x86 servers.[3] Several papers have been published highlighting the availability of security-enhanced x86 and ARM commodity processors.[1][4] In that work, an ARM Cortex-A8 processor is used as the substrate on which a full memory encryption solution is built. Process segments (for example, stack, code or heap) can be encrypted individually or in composition. This work marks the first full memory encryption implementation on a mobile general-purpose commodity processor. The system provides both confidentiality and integrity protections of code and data which are encrypted everywhere outside the CPU boundary.
For x86 systems, AMD has a Secure Memory Encryption (SME) feature introduced in 2017 with Epyc.[5] Intel has promised to deliver its Total Memory Encryption (TME) feature in an upcoming CPU.[6][7]
CPU-based key storage
Operating system kernel patches such as TRESOR and Loop-Amnesia modify the operating system so that CPU registers can be used to store encryption keys and avoid holding encryption keys in RAM. While this approach is not general purpose and does not protect all data in use, it does protect against cold boot attacks. Encryption keys are held inside the CPU rather than in RAM so that data at rest encryption keys are protected against attacks that might compromise encryption keys in memory.
Enclaves
Enclaves enable an “enclave” to be secured with encryption in RAM so that enclave data is encrypted while in RAM but available as clear text inside the CPU and CPU cache. Intel Corporation has introduced the concept of “enclaves” as part of its Software Guard Extensions. Intel revealed an architecture combining software and CPU hardware in technical papers published in 2013.[8]
Cryptographic protocols
Several cryptographic tools, including secure multi-party computation and homomorphic encryption, allow for the private computation of data on untrusted systems. Data in use could be operated upon while encrypted and never exposed to the system doing the processing.
See also
- Also see Alternative Definition section of Data At Rest
- Homomorphic encryption is a form of encryption that allows computation on ciphertexts.
- Zero-knowledge proof is a method by which one party (the prover) can prove to another party (the verifier) that they know a value x, without conveying any information apart from the fact that they know the value x.
- Secure multi-party computation is a method for parties to jointly compute a function over their inputs while keeping those inputs private.
- Non-interactive zero-knowledge proof (NIZKs) are zero-knowledge proofs that require no interaction between the prover and verifier.
- Format-preserving encryption (FPE), refers to encrypting in such a way that the output (the ciphertext) is in the same format as the input (the plaintext)
- Blinding is a cryptography technique by which an agent can provide a service to a client in an encoded form without knowing either the real input or the real output.
- Example privacy-enhancing technologies
References
- ^ a b M. Henson and S. Taylor "Beyond full disk encryption:protection on security-enhanced commodity processors", "Proceedings of the 11th international conference on applied cryptography and network security", 2013
- ^ "CipherCloud encrypts data across multiple cloud apps". Searchstorage.techtarget.com. 2012-09-06. Retrieved 2013-11-08.
- ^ GCN, John Moore, March 12, 2014:"How to lock down data in use -- and in the cloud"
- ^ M. Henson and S. Taylor "Memory encryption: a survey of existing techniques", "ACM Computing Surveys volume 46 issue 4", 2014
- ^ "Secure Memory Encryption (SME) - x86". WikiChip.
- ^ "Total Memory Encryption (TME) - x86". WikiChip.
- ^ Salter, Jim (26 February 2020). "Intel promises Full Memory Encryption in upcoming CPUs". Ars Technica.
- ^ "Intel Software Guard Extensions (SGX) Is Mighty Interesting". Securosis. 2013-07-15. Retrieved 2013-11-08.