Discount Offers

Personal Self Defence Spray UK's No1 Spray Legal Pepper Spray Clone UK Sale Only

£22.99
End Date: Monday Dec-18-2017 9:46:38 GMT
Buy It Now for only: £22.99
Buy It Now | Add to watch list

SIA Licensed Security Tie Pin Badge K4S® Exclusive Design

£5.75
End Date: Monday Dec-11-2017 19:04:15 GMT
Buy It Now for only: £5.75
Buy It Now | Add to watch list

Security bouncer door supervisor bomber jacket coat Medium

£51.83
End Date: Monday Nov-20-2017 16:06:16 GMT
Buy It Now for only: £51.83
Buy It Now | Add to watch list

Combat Trousers Security Bouncer Police Security Door Supervisor

£19.19
End Date: Monday Nov-20-2017 16:47:09 GMT
Buy It Now for only: £19.19
Buy It Now | Add to watch list
0024413
Visit Today : 1
Visit Yesterday : 1
This Month : 20
This Year : 324
Total Visit : 24413
Hits Today : 3157
Total Hits : 3598155
Who's Online : 1

events

Hardware-driven security in the hybrid cloud

Sponsored One of the greatest barriers to broader cloud adoption is security.

However much the big cloud providers insist that their global networks of bit barns are more secure and tightly operated than those of their enterprise customers, it is those same customers who are ultimately liable for protecting the data under their control. For highly regulated industries like healthcare or financial services, the penalties for a data breach make it simply too risky to process sensitive data anywhere else outside their own systems . This means that they are missing out on the advantages of cloud services, such as greater operational flexibility and the potential to save on some of the capital expenditure costs of on-premise IT systems. Public cloud in particular presents a number of challenges for keeping data secure, largely because an organisation is effectively choosing to run workloads on infrastructure that it does not own or control . While an organisation can take steps to lock down its own systems and deploy tools to detect or prevent intrusion, there are limits on what a customer can do to the cloud provider s infrastructure.

Encryption of sensitive data is now routine both in the cloud and on-premise, but this largely protects data only when it is at rest, stored on disk . In order to be processed, it still has to be in the clear while in memory so that any required operation can be performed on it, whereupon it is vulnerable to being accessed by an attacker that may have compromised the system. In any case, industry experts have long realised that software only solutions simply will not cut the mustard, since they can ultimately be compromised or bypassed in some way . Instead, security needs to be rooted in hardware capabilities that cannot be altered or disabled by malicious code.

There have already been attempts at building security into silicon . Intel platforms have had Trusted Execution Technology (TXT) for some time, while chips based on the ARM architecture have had its TrustZone technology for over a decade . Oracle also added Silicon Secured Memory (SSM) into it SPARC processors when the M7 was introduced. The main purpose of Intel TXT was and is to ensure a secure startup, verifying that low-level code such as an operating system kernel or hypervisor has not been compromised . But this is not a complete solution as it does not prevent malware or an attacker from compromising the system once it is up and running.

Oracle s SSM is part of the software-in-silicon capabilities built into newer SPARC chips, and is designed to guard access to blocks of memory by associating them with a version number . Code accessing the memory block must present the same version number, offering some protection against buffer overruns . But this might not prove much protection against a determined attacker that may have compromised the system, as explained by The Register1 at the time. What is required is some mechanism that can prevent access to data while it is being processed, even if an attacker has managed to penetrate the system . This is no trivial task, since a compromise of the software stack at the operating system or hypervisor level would enable an attacker to simply pluck data out of an application s memory space.

Perhaps the most ambitious move to address this problem is Intel s Software Guard Extensions (SGX), one of the new capabilities introduced to the Xeon server platform with the latest chips based on the Skylake architecture. SGX is designed to allow the creation of isolated and protected memory blocks within the server s memory space, inside which code can be placed in order to safely process sensitive data . These memory blocks are known as Trusted Execution Environments (TEEs) or alternatively as enclaves. To enable this, SGX provides a new privileged execution mode and several new instructions .

These are used at runtime to create an enclave and deploy the trusted code into it, before locking it down . Once created, the enclave memory region cannot be accessed by any other code, and functions inside the enclave can only be accessed via carefully controlled entry points. In principle, SGX is somewhat similar to ARM s TrustZone, but the latter simply divides the entire system into secure and non-secure environments, with hardware enforced separation between the two . SGX, in contrast, enables multiple applications to each have their own enclave for any portion of their code that deals with sensitive data . The upshot of this is that applications running on an SGX-enabled system are split into trusted and untrusted code, with the trusted code deployed in the enclave kept as small as possible in order to reduce the possibility of security vulnerabilities being introduced.

But the chief difference in how SGX differs from previous silicon-based security schemes is that the processor itself is the only hardware component that needs to be trusted . It does not require a Trusted Platform Module (TPM) as the root of trust or for attestation of code, for example, as TXT does. Theoretically, this should mean that SGX enclaves should be secure from prying even if the operating system, hypervisor, firmware, and even Intel s Management Engine2 have all been compromised by an attacker . This is a level of security that was not practical to achieve before chips with SGX became available. The first major outing for this technology is going to come from Microsoft .

In September, the firm announced its Azure cloud platform will be the first to support enclaves secured by Intel s SGX, using servers based on the latest Skylake Xeon processors. How this will ultimately be made available to customers has yet to be fully detailed by Redmond, but the firm said it intends to implement encryption-in-use for its Azure SQL Database service and SQL Server . Azure CTO Mark Russinovich also gave a demonstration of what this might look like at the firm s Ignite conference in September. The demo revolved around a sample HR application running queries against a cloud database with two columns – social security number and salary where the stored value was protected using the Always Encrypted feature . A Stored Procedure was deployed into an enclave then passed the encryption key over a secure channel so that it was able to process queries that reference the encrypted columns.

To date, Intel s SGX has had only limited traction, but Microsoft s Azure cloud is widely used by large enterprise firms, and seems likely to drive interest in this method for keeping data secure while it is being processed . If it proves a hit, we can expect to see it implemented in more platforms, both in the cloud and on-premise there is certainly scope for a technology that can keep data secure, even if malware has compromised the server your application is running on. No single security technology can ever be totally bulletproof .

As The Register reported earlier this year, researchers found a way to extract information from an SGX enclave3 using a fiendish side-channel attack .

However, such attacks can be mitigated if the rest of the platform is carefully designed, and SGX means that Intel s latest Xeon chips offer the best foundation currently available for a platform capable of keeping the most sensitive data secure.

Sponsored by Intel

Sponsored: Getting the most value from cloud phone systems4

References

  1. ^ The Register (www.theregister.co.uk)
  2. ^ Intel s Management Engine (www.theregister.co.uk)
  3. ^ extract information from an SGX enclave (www.theregister.co.uk)
  4. ^ Getting the most value from cloud phone systems (go.theregister.com)

Russian hackers targeted BT and British media organisations, says top security chief

  • 1/48 14 November 2017

    Four-time Olympic champion Sir Mo Farah after he was awarded a Knighthood by Queen Elizabeth II

    PA

  • 2/48 13 November 2017

    Restoration work continues on the Palace of Westminster

    Rex Features

  • 3/48 12 November 2017

    A veteran takes his hat off during the Remembrance Sunday Cenotaph wreathe laying ceremony

    REUTERS

  • 4/48 11 November 2017

    Members of the Western Front Association during a service at the Cenotaph to mark the Armistice Day

    EPA

  • 5/48 10 November 2017

    David Davis and Michel Barnier

    REUTERS

  • 6/48 9 November 2017

    Britain’s newly appointed Secretary of State for International Development, Penny Mordaunt, leaves Downing Street

    AP

  • 7/48 8 November 2017

    Priti Patel leaves number 10 Downing street through the back entrance

    EPA

  • 8/48 7 November 2017

    School children and their teacher from Thomas Tallis School look at pictures on display at the Red Star Over Russia exhibition at the Tate Modern in London

    Philip Toscano/PA

  • 9/48 6 November 2017

    A cast of The Wrestlers, two men taking part in the Greek sport pankration, is lowered into place at Natural Trust’s Stowe Landscape Garden near Buckingham

    PA

  • 10/48 5 November 2017

    Protesters in Trafalgar Square, London, during the Million Mask March bonfire night protest

    PA

  • 11/48 4 November 2017

    Protestors take part in the ‘Justice Now: Make it Right for Palestine’ march, organised by the Palestine Solidarity Campaign, in central London

    PA

  • 12/48 3 November 2017

    People queue outside an Apple store in London to purchase the new iPhone X upon its release in the U.K . The iPhone X is positioned as a high-end, model intended to showcase advanced technologies such as wireless charging, OLED display, dual cameras and a face recognition unlock system

    Getty

  • 13/48 2 November 2017

    British Prime Minister Theresa May greets Israeli Prime Minister Benjamin Netanyahu outside 10 Downing Street in London . The pair are today celebrating the centenary of a British declaration that ultimately led to the foundation of the state of Israel

    Getty

  • 14/48 1 November 2017

    Mammatus clouds over St Mary’s Lighthouse in Whitley Bay, Northumberland

    Owen Humphreys/PA

  • 15/48 31 October 2017

    Women protest outside Downing Street as they join a demonstration demanding rights for working mothers

    Getty Images

  • 16/48 30 October 2017

    England’s under 17’s pose with the World Cup trophy as they arrive back to the UK

    PA

  • 17/48 29 October 2017

    Leicester City remembrance day fixture between between Leicester City and Everton at King Power Stadium

    Plumb Images/Leicester City FC via Getty Images

  • 18/48 27 October 2017

    Spiderman steals a seat on the Iron Throne from Game of Thrones at MCM London Comic Con’s opening day

    Rex Features

  • 19/48 26 October 2017

    British fashion designer Vivienne Westwood holds up a paper against the governments policy on fracking outside Downing Street in London

    AFP/Getty

  • 20/48 24 October 2017

    Members of a delegation of indigenous and rural community leaders from 14 countries in Latin America and Indonesia, The Guardians of the Forest campaign, demonstrate against deforestation in London during a stop on their way to the United Nations Framework Convention on Climate Change (UNFCCC) Conference of the Parties 23 (COP 23) in Bonn, Germany

    Tolga Akmen/AFP/Getty

  • 21/48 23 October 2017

    Gemma Davis, 23, cleans the dolls’ house during it’s annual clean at the National Trust’s Calke Abbey property, in Ticknall, Derbyshire . The dolls’ house was used by the family’s various generations of children between 1860 and the Second World War in their school room

    PA

  • 22/48 18 October 2017

    Prince William and Kate chat with West Ham player Mark Noble and manager Slaven Bilic during the Coach Core graduation ceremony

    Getty Images

  • 23/48 17 October 2017

    Jellyfish washed up on Sidmouth beach after storm Ophelia hit the UK

    Getty Images

  • 24/48 16 October 2017

    A red sun appears in Mid-Wales before storm Ophelia hits

    Paul Williams / Alamy Live News

  • 25/48 15 October 2017

    The Duchess of Cambridge dances with Paddington Bear as they attend a charities forum event at Paddington train station in London on October 16, 2017 . The Duke and Duchess of Cambridge and Prince Harry joined children from the charities they support on board Belmond British Pullman train at Paddington Station . The event was hosted by STUDIOCANAL, with support from BAFTA through its BAFTA Kids programme, and before embarking Their Royal Highnesses met the cast and crew from the forthcoming film Paddington 2

    AFP/Getty Images

  • 26/48 15 October 2017

    Large waves crash along sea defences and the harbour as storm Ophelia approaches Porthleven in Cornwall, south west Britain

    REUTERS

  • 27/48 14 October 2017

    Hillary Clinton gives a speech as she is presented with a Honorary Doctorate of Law at Swansea University in Swansea, Wales . The former US secretary of state and 2016 American presidential candidate is also visiting the UK to promote her new book, ‘What Happened’

    Matthew Horwood/Getty

  • 28/48 13 October 2017

    A lone protestor demonstrates outside Workmen Cuadrilla’s shale gas fracking drilling rig near Westby in Blackpool . Engineers have begun to build the new rig at the site off Preston New Road in preparation for extracting gas . The site will be the first in the UK to extract shale gas since 2011

    Getty

  • 29/48 11 October 2017

    Photographs of missing Syrians are displayed as people, including a group of Syrian women, stand atop a double-decker bus during a demonstration by ‘Families for Freedom’ in Parliament Square in London

    Getty

  • 30/48 9 October 2017

    Workmen erect scaffolding around the Elizabeth Tower, commonly known called Big Ben, during ongoing renovations to the Tower and the Houses of Parliament

    AFP/Getty

  • 31/48 6 October 2017

    An order of service is carried ahead of the funeral service for Coronation Street actress Liz Dawn, real name Sylvia Ann Ibbetson, outside Salford Cathedral .

    A former Woolworths shop girl from Leeds, who first set foot on Weatherfield’s famous cobbles in 1974, Dawn, who had four children, died peacefully last week at home with her family around her. PA

  • 32/48 5 October 2017

    Melanie Kramers of Oxfam poses while wearing a mask of Foreign Secretary Boris Johnson, with assorted props used in political campaigns, in the store room at Oxfam’s headquarters in London . The props have all been used in the charity’s campaigns over the years to raise awareness of issues affecting people in poverty . Today marks 75 years since Oxfam’s founding in the middle of the Second World War

    Getty

  • 33/48 4 October 2017

    A visitor poses in front of an art work by Czech Repblic artist Anna Hulacova entitled ‘Ascension Mark I’ during a photocall for the Frieze Art Fair in London

    AFP/Getty

  • 34/48 2 October 2017

    Britain’s Chancellor of the Exchequer Philip Hammond arrives to speak at the Conservative Party’s conference in Manchester

    Reuters/Hannah McKay

  • 35/48 1 October 2017

    Protesters holding flags and placards demonstrate along Oxford Street during the annual Ashura march in London . Thousands of protesters march through London today to mark Ashura and celebrate the defeat of the Islamic State in Iraq and Syria . Ashura is a Muslim festival of remembrance that falls on the tenth day of Muharram in the Islamic calendar

    Jack Taylor/Getty

  • 36/48 30 September 2017

    Protesters hold up placards during the London March for Choice, calling for the legalising of abortion in Ireland after the referendum announcement, outside the Embassy of Ireland in central London

    Chris J Ratcliffe/AFP

  • 37/48 29 September 2017

    Former UKIP leader Paul Nuttall (C) speaks with delegates at the UKIP annual conference being held at the The Riviera International Centre in Torquay

    Matt Cardy/Getty

  • 38/48 27 September 2017

    England and West Indies fans enjoy themselves during the 4th Royal London One Day International between England and West Indies at The Kia Oval in London

    Mike Hewitt/Getty

  • 39/48 26 September 2017

    Labour Leader Jeremy Corbyn takes photographs during Shadow Secretary of State for Business, Energy and Industrial Strategy Rebecca Long-Bailey’s speech in the main hall, on day three of the annual Labour Party Conference in Brighton

    Dan Kitwood/Getty Images

  • 40/48 24 September 2017

    Naked bathers enter the water as they take part in the North East Skinny Dip at Druridge bay in Druridge, England . The popular annual event takes place around the autumn equinox at Druridge Bay as the sun rises .

    Participant registration fees have been pledged to the mental health charity MIND. Getty

  • 41/48 23 September 2017

    Rollo Maughfling, Archdruid of Stonehenge and Britain (R) conducts a ceremony as druids, pagans and revellers gather in the centre at Stonehenge, hoping to see the sun rise, as they take part in a autumn equinox celebrations at the ancient neolithic monument of Stonehenge near Amesbury in Wiltshire, England . Several hundred people gathered at sunrise ar the famous historic stone circle, a UNESCO listed ancient monument, to celebrate the equinox which is a specific moment in time that occurs twice a year when the Earth tilts neither towards (summer) or away (winter) from the sun in either the northern or southern hemisphere . Although yesterday marked the actual meteorological calendar change from summer to autumn, for druids, the following dawn is when they celebrate ‘the dawning of the new season’ following the day of equal night, which it is named after. Getty

  • 42/48 22 September 2017

    Britain’s Prime Minister Theresa May delivers her Brexit speech at the Complesso Santa Maria Novella in Florence, Italy .

    British Prime Minister Theresa May will seek to unlock Brexit talks on September 22, after Brussels demanded more clarity on the crunch issues of budget payments and EU citizens’ rights

    AFP

  • 43/48 21 September 2017

    People protest against the actions of the Spanish government in front of the Spanish consulate in Edinburgh . Spanish police stormed ministries and buildings belonging to Catalonia’s regional government yesterday, in an attempt to try and put a stop to the region’s independence referendum

    Pep Masip/Alamy

  • 44/48 20 September 2017

    One of the final 55m turbine blades is manoeuvred into position . The last of 116 wind turbines have been installed at the Rampion Offshore Wind Farm 13 kms off the Brighton Coast . It will provide enough electricity to supply the equivalent of half the homes in Sussex

    Mike Hewitt/Getty Images

  • 45/48 16 September 2017

    An armed police officer patrols in Horse Guards Parade in London . An 18-year-old man has been arrested in Dover in connection with yesterday’s terror attack on Parsons Green station in which 30 people were injured . The UK terror threat level has been raised to ‘critical’

    Jack Taylor/Getty Images

  • 46/48 13 September 2017

    Demonstrators hold banners during a protest to lobby MPs to guarantee the rights of EU citizens living in the UK, after Brexit, outside the Houses of Parliament

    Tolga Akmen/AFP

  • 47/48 12 September 2017

    Rupert van der Werff, Summer Place Auctions’ Natural History specialist, moves a one-year-old baby mammoth skeleton at Summers Place Auctions on September 12, 2017 in Billingshurst . A family of four mammoths, found together during building works near the Siberian city of Tomsk in 2002, will be on sale on November 21, 2017, and are expected to sell in the region of 250,000 – 400,000

    Rob Stothard/Getty Images

  • 48/48 11 September 2017

    Members of the Royal Navy carry supplies on board the amphibious assault ship HMS Ocean at the Naval Base in Gibraltar before leaving to provide humanitarian assistance and vital aid to British Overseas Territories and Commonwealth partners affected by Hurricane Irma .

    Britain has pledged 32 million (35 million euros, $42 million) in aid and sent hundreds of troops, supplies and rescue equipment on several flights to the British territories in the Caribbean since the disaster

    JORGE GUERRERO/AFP/Getty Images

  • After massacre, Las Vegas police beef up marathon security

    LAS VEGAS (AP) Las Vegas is posting snipers and surrounding tens of thousands of runners with other safety measures at a weekend marathon, the first large-scale outdoor event since a gunman killed 58 people at a country music festival. Police have beefed up security and tweaked their original safety plan for the annual event that starts on the Las Vegas Strip . Some participants say they will be running Sunday to stand up to evil .

    About 350 officers will be working to protect the runners as they pass by world-famous high-rise casino-hotels and the crime scene. “We’ve made a few changes, some subtle things,” Capt . Andrew Walsh said. “Obviously, the threat of a sniper attack is something that we know can happen . So, we added some counter-sniper surveillance posts along the route.” A high-stakes gambler and real estate investor killed 58 people and injured hundreds more on Oct .

    1 after shattering the windows of his hotel suite and unleashing gunfire on the Route 91 Harvest music festival below . From the 32nd floor of the Mandalay Bay casino-hotel, Stephen Paddock had an unobstructed view to rain bullets on the crowd, who had few places to hide.

    The police helicopter unit will be circling throughout the Rock ‘n’ Roll Marathon, set to begin just before sunset Sunday . Police also will have bomb-sniffing dogs. Semi-trucks, dump trucks, buses and other large city vehicles will be positioned at key intersections to try to prevent anyone from driving onto the course, Walsh said, following recent attacks in the U.S . and abroad in which vehicles have plowed into crowds.

    He acknowledged that the event presents a huge challenge to police and encouraged casino employees, visitors and others to alert authorities of anything suspicious . Security checkpoints will be set up for the Sunday races a marathon, half marathon and 10K and a Saturday 5K and concert. “With all the things that we’ve seen happen in the world, whether it’s in Texas at a church, whether it is in New York City on a bike path, or whether it’s here at a concert, the vulnerabilities that exist and try to predict and prevent each and every one of those is a tremendous challenge,” Walsh said.

    Organizers moved events away from the scene of the massacre . The concert, typically held at the outdoor venue where the shooting took place, was shifted miles north, across from the SLS hotel. The start of the marathon, usually outside Mandalay Bay, was moved a mile north to the front of the New York-New York casino-hotel .

    The race has always featured live bands every mile, but on Sunday, the first 2 miles when runners will go by the crime scene twice will be silent. Spokesman Dan Cruz said that will serve as an extended moment of silence. “Running the marathon symbolizes miles of grit, determination; these are driven athletes, who know all about adversity,” he said. “So, for them, it’s the perfect event to help Las Vegas bounce back.”

    Cruz said less than 50 people canceled, transferred or deferred their participation, and people still registered after the shooting. Judy Mace is among the 24,000 people who will run the half marathon . As she picked up her race package Thursday at a convention center, the Orlando, Florida, resident said she never considered canceling and is not concerned about her safety.

    “After going through the Pulse shooting in Orlando, you just get angry,” said Mace, 68. “They’re not going to do this to us . We will not back down . People asked me in Orlando, ‘Why are you going ?

    It’s probably dangerous.’ I said ‘No . I’m fine.'” ___

    Follow Regina Garcia Cano on Twitter at https://twitter.com/reginagarciakNO .