Engineering

Tightening Cloud Computing Security

Imagine sharing a backyard with your neighbor. Security concerns would abound, from unwanted visitors to missing tools and unruly pets.

Sheng Wei, assistant professor of computer science and engineering, said the perils of a shared backyard illustrate potential security challenges of a high-speed computing platform: the CPU-FPGA hybrid, an architecture that boosts cloud computing’s speed.

He’s tightening security with a $496,940 Faculty Early Career Development Program award, the National Science Foundation’s prestigious award for outstanding pre-tenure faculty.

In CPU-FPGA systems, the computer’s brain – its CPU – is placed alongside a field-programmable gate array – the FPGA – a customizable hardware chip. Together, these “neighbors” accelerate performance, with the CPU outsourcing tasks to the FPGA.

But this communication creates a vulnerable “shared yard” that attackers can exploit, wreaking havoc on cloud computing applications such as medical image processing and scientific computing.

To stymie attacks, Wei is building a hardware “fence” that physically separates CPU-FPGA components into secure and nonsecure domains. A secure agent embedded in the secure domain thwarts malicious communications between the domains.

He’s also developing a programming tool that automatically slices secure versus nonsecure information, easing the burden for developers. It’s the first of its kind for a CPU-FPGA system.

To test his technologies, Wei partners with Adobe Research, Visa Research and Nebraska’s Holland Computing Center.