As migration to The Cloud seems inevitable, tech for decoupling trust into platforms from trust into platform owners will become increasingly important (at least for us, users). TEE-based tech, e.g. Intel SGX, is one approach, but has problems on its own. Are there alternatives?
-
Show this thread
-
One alternative is compiler-based code obfuscation. The advantage is we're not moving trust from one 3rd party (i.e. platform owner) to another 3rd party (i.e. processor vendor). Obvious problem: it is always(?) breakable, so could only provide cost-based guarantees...?
5 replies 1 retweet 15 likesShow this thread -
Speaking of which - what different levels of trust guarantees would you expect from a software/compute platform? E.g.: Level 1: availability Level 2: integrity (i.e. verbatim execution of user payloads) Level 3: confidentiality (i.e. no snooping) ?
9 replies 4 retweets 19 likesShow this thread
1-2 are satisfiable just by using multiple hosting providers and having fallback and consensus protocols, no? 3 is the difficult one.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.