Oxford and Cybersecurity 2 – Trusted Computing
Articles,  Blog

Oxford and Cybersecurity 2 – Trusted Computing


[Andrew Martin:] Every time you sit down at a computer, you have to trust that it’s going to do what you expect, whether it’s that you type your email and you trust that it’s only going to go to
the person you put as the addressee, or whether it’s that
you’re receiving your bank statement and you trust that what
you see on the screen is really what the bank knows about your transactions and balance. In order to do that, you have to rely on a
vast number of components, both in your own computer, and in the network and the servers at the other side of the network. One thing that we know
goes wrong is that computers catch viruses. Computers have people breaking
into them electronically and changing the way they behave, so this field of Trusted Computing has developed, which is trying to think about how the design might be changed in such a way that that can’t take place. In the past, we’ve tended to keep
most of our data and our documents, all the things that matter to us, on a hard disk on our own computer, or perhaps on a server that’s on our local network
within the building where we’re working, or something of that sort. That’s turned out to be not as efficient, as having a whole lot of computers somewhere else. [Documentary Presenter:]
“Thanks to today’s super computers…” [Andrew Martin:] We can share those
servers if, when some people are asleep, other people are working – all those things. The Cloud can actually be
a very green approach to computing. But the downside is, if I’ve got particular data that I value for myself, or if I’m processing somebody’s private data and I’ve got a strong legal obligation
to process it carefully and fairly and safely, it’s much harder for me to know whether
that’s actually happening… if it’s on some server in The Cloud and there may actually
be a copy of it in Ireland and in San Francisco. When I’ve got no further use for it, I still have no guarantee that when I press delete, it will actually get deleted. It may persist forever
because somebody else may find it useful, or they may carelessly fail
to delete it when I asked them to. I need to protect my data, my processing, my resources from the other users of the same Cloud resource. I’m actually sharing that server with
another company who might be my competitor. I need to be fairly sure that
my competitor doesn’t get my data, so I need the server to be good enough
to make sure that doesn’t happen. The idea behind the T Clouds Project was to do this work of making sure that the software running on a server in The
Cloud is exactly the software that I wanted and only releasing the data that
might be quite personal or commercially sensitive, when I’ve got a guarantee
that it’s running the right software. [Sadie Creese:] It’s a two-way authentication. What you’ll be familiar with at the moment is that, if you do online banking, you go in and you authenticate yourself to the bank, the bank doesn’t really do the same to you. So we have a bunch of
technologies designed here in Oxford that solve that two-way piece. [Andrew Martin:] Alongside that, you need
lots of other pieces for the trust story, you need to know who the service provider is, what kind of policies they have
around staff behaviour and server management, who gets access to the room where all the servers are, and all sorts of other things. But all of those things
sit in the background compared to making sure that
you’ve actually got the right software running.

Leave a Reply

Your email address will not be published. Required fields are marked *