PrivateCore
   HOME

TheInfoList



Click Here for Items Related To - PrivateCore
OR:
PrivateCore on:   [Wikipedia]   [Google]   [Amazon]

PrivateCore is a venture-backed startup located in
Palo Alto, California Palo Alto (; Spanish for "tall stick") is a charter city in the northwestern corner of Santa Clara County, California, United States, in the San Francisco Bay Area, named after a coastal redwood tree known as El Palo Alto. The city was es ...
that develops software to secure server data through server attestation and memory
encryption In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can de ...
. The company's attestation and memory encryption technology fills a gap that exists between “ data in motion” encryption ( TLS,
email encryption Email encryption is encryption of email messages to protect the content from being read by entities other than the intended recipients. Email encryption may also include authentication. Email is prone to the disclosure of information. Most emails a ...
) and “ data at rest” encryption (
disk encryption Disk encryption is a technology which protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people. Disk encryption uses disk encryption software or hardware to encrypt every bit of data that g ...
, tape encryption) by protecting “
data in use Data in use is an information technology term referring to active data which is stored in a non-persistent digital state typically in computer random-access memory (RAM), CPU caches, or CPU registers. Scranton, PA data scientist Daniel Allen in 19 ...
” ( random access memory). PrivateCore memory encryption technology protects against threats to servers such as
cold boot attack In computer security, a cold boot attack (or to a lesser extent, a platform reset attack) is a type of side channel attack in which an attacker with physical access to a computer performs a memory dump of a computer's random-access memory (RAM) b ...
s, hardware
advanced persistent threat An advanced persistent threat (APT) is a stealthy threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. In recent times, the term may ...
s,
rootkits A rootkit is a collection of software, computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence o ...
/bootkits, computer hardware supply chain attacks, and physical threats to servers from insiders. PrivateCore was acquired by Facebook (now Meta Platforms) on 7 August 2014.


History

PrivateCore was founded in 2011 by security veterans from
VMware VMware, Inc. is an American cloud computing and virtualization technology company with headquarters in Palo Alto, California. VMware was the first commercially successful company to virtualize the x86 architecture. VMware's desktop software ru ...
and
Google Google LLC () is an American Multinational corporation, multinational technology company focusing on Search Engine, search engine technology, online advertising, cloud computing, software, computer software, quantum computing, e-commerce, ar ...
with
seed funding Seed money, sometimes known as seed funding or seed capital, is a form of securities offering in which an investor invests capital in a startup company in exchange for an equity stake or convertible note stake in the company. The term ''seed'' su ...
from
Foundation Capital Foundation Capital is a venture capital firm located in Silicon Valley. The firm was founded in 1995, and in 2012 managed more than $2.4 billion in investment capital. History Foundation Capital was founded in 1995. The firm raised its sevent ...
.Angellist, PrivateCore, June 6, 2012: "PrivateCore"
/ref> PrivateCore “virtualizes” physical security and enables service providers and enterprises deploy servers processing sensitive data in outsourced environments while maintaining security around data in use.Dark Reading, Robert Lemos, January 31, 2013:"The Physical Security Factor With Cloud Providers"
/ref> The company's memory encryption technology has been spurred by a number of industry trends including the increasing sophistication of hackers, a larger number of servers in outsourced environments, larger amounts of sensitive data being placed in persistent memory, and
x86 virtualization x86 virtualization is the use of hardware-assisted virtualization capabilities on an x86/x86-64 CPU. In the late 1990s x86 virtualization was achieved by complex software techniques, necessary to compensate for the processor's lack of hardware-as ...
technology which can increase the environment attack surface. PrivateCore was acquired by
Facebook Facebook is an online social media and social networking service owned by American company Meta Platforms. Founded in 2004 by Mark Zuckerberg with fellow Harvard College students and roommates Eduardo Saverin, Andrew McCollum, Dustin Mosk ...
, a deal that was announced on 7 August 2014.Reuters, Kurt Wagner, August 7, 2014:"Facebook Acquires Security Startup PrivateCore to Better Protect Its Data Centers"
/ref>TechCrunch, Sarah Perez, August 7, 2014:"Facebook Buys Secure Server Technology Provider PrivateCore"
/ref>


Technology

PrivateCore's focus is securing data-in-use on
x86 x86 (also known as 80x86 or the 8086 family) is a family of complex instruction set computer (CISC) instruction set architectures initially developed by Intel based on the Intel 8086 microprocessor and its 8088 variant. The 8086 was intr ...
servers. The company has taken advantage of recent microprocessor innovations including larger microprocessor caches and hardware cryptographic acceleration technology that enable more effective methods of encrypting memory while maintaining acceptable application performance. The technology approach goes beyond previous academic research efforts such as TRESOR. PrivateCore assumes that the only element that need be trusted in a system is the Central Processing Unit (CPU). The firm uses
Trusted Platform Module Trusted Platform Module (TPM, also known as ISO/IEC 11889) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. The term can also refer to a ...
(TPM) chips and Intel
Trusted Execution Technology Intel Trusted Execution Technology (Intel TXT, formerly known as LaGrande Technology) is a computer hardware technology whose primary goals are: * Attestation of the authenticity of a platform and its operating system. * Assuring that an authent ...
(Intel TXT) to provide remote server attestation. PrivateCore also supports the cryptographic hardware acceleration provided by Intel
AES-NI An Advanced Encryption Standard instruction set is now integrated into many processors. The purpose of the instruction set is to improve the speed and security of applications performing encryption and decryption using Advanced Encryption Standard ...
technology. PrivateCore technology is positioned as being most applicable to outsourced or hosted environments where the enterprise cannot have trust in the compute infrastructure.StartUpBeat, StartUpBeat Editor, June 25, 2012:"PrivateCore has built a private computing platform that gives users a high level of data security, online or off"
/ref>


Products

The PrivateCore vCage product portfolio comprises vCage Manager and vCage Host. vCage Manager validates the integrity of
x86 x86 (also known as 80x86 or the 8086 family) is a family of complex instruction set computer (CISC) instruction set architectures initially developed by Intel based on the Intel 8086 microprocessor and its 8088 variant. The 8086 was intr ...
servers running Linux as well as the vCage Host. vCage Host installs on bare-metal servers and provides a hardened hypervisor based on KVM that can secure server random access memory (RAM) with AES encryption. vCage Host does this by loading a secure hypervisor into CPU cache and acting as a gateway to encrypt memory paging in and out between the CPU cache and RAM. vCage memory encryption leverages the KVM hypervisor but also has the potential to support other hypervisors. vCage Host supports existing KVM management tools. vCage supports a number of use cases including creating
OpenStack OpenStack is a free, open standard cloud computing platform. It is mostly deployed as infrastructure-as-a-service (IaaS) in both public and private clouds where virtual servers and other resources are made available to users. The software pl ...
trusted computing pools as well as protecting x86 servers in co-location and bare-metal cloud environments. vCage Manager and vCage Host became generally available on 11 February 2014.GCN, John Moore, March 12, 2014:"How to lock down data in use -- and in the cloud"
/ref>


References


External links

* {{Official website, http://www.privatecore.com
Physical Privilege Escalation and Mitigation in the x86 World
talk given by the founders at CanSecWest 2013 Computer security companies Cryptography Companies based in Palo Alto, California Software companies established in 2011 2014 mergers and acquisitions Software companies based in the San Francisco Bay Area 2011 establishments in California Software companies of the United States