National lab cracks big data security problem
- By Susan Miller
- Apr 26, 2018
Lawrence Livermore National Laboratory is looking for a partner to help further develop and commercialize its method for securely processing protected data in high-performance computing clusters.
With the growing demand for big data analysis and improvements in hardware, researchers have been running large-scale simulations in HPC and cloud environments. The lab saw the need for a way to secure data in high-performance computing centers and in cloud environments so that it could meet regulatory and privacy requirements.
Traditional HPC systems run their simulation and analysis tasks across hundreds or thousands of compute nodes that work together. Many users' jobs can run simultaneously, and the user need not be present when the job is launched on the cluster. Basic cybersecurity, on the other hand, requires user authentication, access control, encryption of data at rest and in transit, audits of sensitive data and secure management of encryption keys and logs.
Traditional encryption tools protect the data directly, which makes the information unavailable to the user. If the user wants to work with the data, it cannot be encrypted. Today's approaches to encryption in HPC clusters require significant changes to the operational environment, and only partially solve the problem.
Researchers at LLNL figured out how to process protected data on HPC systems with a minimal impact on the existing environment. The solution can be managed locally, scales to very large data sets and is compatible with unencrypted processing, meaning both encrypted and unencrypted jobs can run on the cluster simultaneously. It also protects against leaks between information domains and can work across organizational boundaries with compatible systems.
Because the system can be used to protect HPC storage, transport and processing of sensitive data, the lab expects it will be useful across a wide range of industries. The solution could even be used by "mutually distrustful parties" collaborating on specific tasks, LLNL officials said, because it allows the users to perform a specific software process without revealing either party's input data.
LLNL said it has filed for patent protection and has a copyright on the prototype code. More information is available here.
Susan Miller is executive editor at GCN.
Over a career spent in tech media, Miller has worked in editorial, print production and online, starting on the copy desk at IDG’s ComputerWorld, moving to print production for Federal Computer Week and later helping launch websites and email newsletter delivery for FCW. After a turn at Virginia’s Center for Innovative Technology, where she worked to promote technology-based economic development, she rejoined what was to become 1105 Media in 2004, eventually managing content and production for all the company's government-focused websites. Miller shifted back to editorial in 2012, when she began working with GCN.
Miller has a BA and MA from West Chester University and did Ph.D. work in English at the University of Delaware.
Connect with Susan at email@example.com or @sjaymiller.