Tuesday, March 20, 2012

[gfmmvtwm] Memory only hosting

A hosting provider offers servers with no hard drives.  In the event of a physical breach (e.g., a subpoena), there are no hard drives to steal.  Disk-backed virtual memory (swap) must be avoided, too.

Proximity and intrusion sensors quickly wipe sensitive data from RAM (defeating the cold boot attack).

Data is stored encrypted at a separate site and manually reloaded into memory whenever necessary.  This is inconvenient, but that is the price of security.
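As an added example for the no-swap and wipe-on-sensor parts of this design (written for this note, not code from the original post or from any hosting provider), a C sketch of how a service on such a host could hold a reloaded secret: pinned with mlock() so it cannot be paged to disk, kept out of core dumps, and zeroed in place when a trigger arrives. The names, the use of a POSIX signal to stand in for a sensor trigger, and the sample data are assumptions.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stddef.h>
#include <string.h>
#include <sys/mman.h>
/* Hypothetical holder for a secret reloaded onto a diskless host (example code
 * written for this note, not any provider's software): pinned with mlock() so it
 * cannot reach disk-backed swap, kept out of core dumps, wiped on a sensor signal. */
typedef struct {
    volatile unsigned char *buf;  /* volatile: the wipe loop cannot be optimised away */
    size_t len;
} secret_t;
static secret_t *g_secret;        /* target of the signal-driven wipe */
void secret_wipe(secret_t *s) {
    if (!s || !s->buf) return;
    for (size_t i = 0; i < s->len; i++) s->buf[i] = 0;
}
/* require_lock=1 fails closed: if the pages cannot be pinned, hold no secret. */
int secret_alloc(secret_t *s, size_t len, int require_lock) {
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    int locked = (mlock(p, len) == 0);
    if (require_lock && !locked) { munmap(p, len); return -1; }
#ifdef MADV_DONTDUMP
    madvise(p, len, MADV_DONTDUMP);   /* never written into a core dump */
#endif
    s->buf = p; s->len = len;
    return 0;
}
void secret_free(secret_t *s) {
    secret_wipe(s);
    if (s->buf) munmap((void *)s->buf, s->len);  /* munmap also drops the lock */
    s->buf = NULL; s->len = 0;
}
/* Sensor trigger modelled as a signal; the handler only performs plain stores. */
static void on_intrusion(int sig) { (void)sig; secret_wipe(g_secret); }
int secret_register_wipe_signal(secret_t *s, int sig) {
    struct sigaction sa; memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_intrusion; sigemptyset(&sa.sa_mask);
    g_secret = s;
    return sigaction(sig, &sa, NULL);
}
/* 1 if every byte is zero (OR-accumulate, no early exit); verifies a wipe. */
int secret_is_zero(const secret_t *s) {
    unsigned char acc = 0;
    for (size_t i = 0; i < s->len; i++) acc |= s->buf[i];
    return acc == 0;
}
```

With require_lock=1 the service refuses to run at all on a host where pinning fails, which is the behaviour a memory-only deployment wants.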

There's a devilish detail in how to initialize the cryptography: after a server wipe, how do you re-establish a secure connection to a blank-slate server?  Perhaps it automatically reinstalls an OS and the hosting provider tells you the new SSH key.
