Gidauniyar Linux ta Sanar da Consungiyar putididdigar identididdigar Sirri

Gidauniyar Linux ta sanar kafuwar Ididdigar putididdigar Confididdiga, wanda makasudin sa shine haษ“aka fasaha da buษ—aษ—ษ—un ฦ™a'idodin da suka danganci amintaccen sarrafa bayanai a ฦ™waฦ™walwar ajiya da lissafin sirri.

Kamfanoni irin su Alibaba, Arm, Baidu, Google, IBM, Intel, Tencent da Microsoft sun riga sun shiga aikin saita, wanda aka tsara don haษ“aka haษ—in fasaha don keษ“ance bayanai a cikin ฦ™waฦ™walwar ajiya yayin lissafi a wani tsaka tsaki. Babban burin shine samar da kudade don kula da dukkanin tsarin sarrafa bayanai a cikin rufaffen tsari, ba tare da nemo bayanai a bude ba a wasu matakai.

Bukatun na consortium galibi sun haษ—a da fasahar da ke da alaฦ™a da amfani da bayanan ษ“oye a cikin tsarin lissafi, watau amfani da keษ“aษ“ษ“un enclaves, ladabi don sarrafa lissafi da yawa, magudi na ษ“oyayyen bayanai a ฦ™waฦ™walwa da cikakken keษ“ewar bayanai a cikin ฦ™waฦ™walwa (misali, don hana mai gudanarwa-tsarin mai gudanarwa damar isa ga bayanai cikin ฦ™waฦ™walwar ajiyar tsarin baฦ™o).

An gabatar da wadannan ayyukan don ci gaba mai zaman kansa a matsayin ษ“angare na Consididdigar putididdigar identwarewar Sirri:

  • Intel ta ษ—auki matakin ci gaba da haษ“aka haษ—in gwiwa na abubuwan da aka buษ—e a baya don amfani da fasaha SGX (Protectionarin kariyar software) akan Linux, ciki har da SDK tare da saitin kayan aiki da dakunan karatu.

    SGX yana ba da shawarar yin amfani da umarnin sarrafa keษ“aษ“ษ“en masarufi wanda aka saita don ware keษ“aษ“ษ“un wuraren ฦ™waฦ™walwar ajiya masu amfani zuwa aikace-aikacen matakin mai amfani waษ—anda ษ“oyayyen abun cikin su kuma ba za a iya karanta su da gyaggyara su ba koda da kwaya da lambar da aka aiwatar a cikin yanayin. ring0, SMM da VMM.

  • Microsoft ya gabatar da tsarin Open Enclav, que le ba da damar ฦ™irฦ™irar aikace-aikace don gine-gine daban-daban TEE (Amintaccen Yanke Yanke Yanayi) ta amfani da API guda ษ—aya da wakilci mara misaltuwa na rashi. Aikace-aikacen da aka shirya ta amfani da Open Enclav na iya gudana akan tsarin tare da aiwatarwa da yawa. Daga TEE, a halin yanzu Intel SGX kawai ke tallafawa.
    Ana ฦ™irฦ™irar lambar don tallafawa ARM TrustZone. Ba a bayar da rahoton Tallafi don Keystone, AMD PSP (Platform Security Processor) da AMD SEV (Tsare Sirrin Kariyar Sirri).
  • Red Hat ya ba da aikin Enarx, wanda ke ba da takaddar ษ“oye don ฦ™irฦ™irar aikace-aikacen duniya don gudana a cikin keษ“aษ“ษ“u waษ—anda ke tallafawa wurare masu yawa na TEE, waษ—anda ba su da haษ—in gine-ginen kayan aiki, kuma suna ba da izinin amfani da harsunan shirye-shirye da yawa (ta amfani da lokacin tafiyar WebAssembly). Aikin yanzu yana tallafawa fasahar AMD SEV da Intel SGX.

Daga cikin irin ayyukan da ba a kula da su ba, ana iya kiyaye su tsarin Asylo, wanda injiniyoyin Google suka haษ“aka, amma ba shi da izini na hukuma na Google.

Tsarin yana sauฦ™aฦ™a daidaita aikace-aikacen don matsar da wasu ayyukan da ke buฦ™atar babbar kariya zuwa gefen shimfidar kariya. Daga cikin kayan keษ“ewar kayan masarufi a cikin Asylo, Intel SGX ne kawai ke tallafawa, amma ana samun wadataccen tsarin kayan aikin komputa mai amfani da software.

 TEE (Amintaccen Yanayin kashewa) yana nuna cewa mai sarrafawa yana ba da keษ“aษ“ษ“en yanki, wanda ke ba shi damar ษ—aukar ษ“angarorin ayyukan aikace-aikacen da tsarin aiki a cikin wani yanayi na daban, abun cikin ฦ™waฦ™walwar ajiya da lambar aiwatarwa a cikin abin da ba za a iya samun damar daga mai masaukin, ba tare da la'akari da irin damar da ake da ita ba.

Don aiwatar da shi, nau'ikan algorithms na ษ“oyewa, ayyuka don sarrafa maษ“allan sirri da kalmomin shiga, hanyoyin tabbatarwa, da lambar don aiki tare da bayanai masu mahimmanci za a iya matsar da su.

Idan akwai tsarin daidaitawar rundunar, maharin ba zai iya tantance bayanan da aka ajiye a cikin kewayen ba kuma za'a iyakantashi ne kawai ta hanyar aikace-aikacen waje.

Amfani da kayan tallafi na kayan masarufi ana iya ษ—auka azaman madadin yin amfani da hanyoyin ษ“oyayyen ษ“oye na homomorphic ko ladabi na lissafin sirri don kare lissafi, amma Ba kamar waษ—annan fasahohin ba, haฦ™ฦ™in mallaki ba shi da tasirin tasiri na lissafi tare da bayanai masu mahimmanci kuma yana sauฦ™aฦ™e haษ“akawa.

Source: https://www.linuxfoundation.org


Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Wanda ke da alhakin bayanan: Miguel รngel Gatรณn
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.