Where Security Meets High Performance Computing Sponsored Content by Dell EMC
As its power increases and its cost declines, High Performance Computing (HPC) is making an impact on the security field. The ability to use parallel processing to run at speeds of a teraflop or higher is now contributing to improved security in airports, online and elsewhere. At the same time, HPC itself creates a number of new security risks for organizations that employ it. This article looks at HPC’s impact on security. It also explores HPC’s own vulnerabilities and discusses how new solutions from Dell EMC and Intel help address them.
The Impact of HPC on Security
HPC has the potential to improve security on both physical and digital fronts. With airport security, for example, HPC makes it possible to analyze and correlate vast amounts of disparate data in a rapid time cycle. An HPC-assisted airport security system is able to compare results from facial recognition systems, other video input, flight data, “watch list” data and threat intelligence sources to identity security risks as they arise. It would be impossible for a person to put all these data sources together manually, nor would it even be feasible with standard computers. It’s early in the lifecycle for these sorts of HPC-driven physical security technologies, but its drivers include lower cost, higher-performing HPC clusters along with advances in APIs and integration.
The finance world presents another example of HPC’s applicability for security and crime prevention. Just as HPC can be used for high-frequency stock trading, the technology can also be put to work detecting a number of fraudulent trading practices. Trading irregularities like “front running,” where a financial institution trades on its own account ahead of its clients, can be extremely hard to detect in a busy trading environment. False positives abound. HPC gives fraud analysts and compliance managers sharper tools to use in the kind of sophisticated pattern recognition it takes to identity true fraud and distinguish it from other trades occurring simultaneously.
Online security benefits from HPC as well. Like the airport, a large social site, for example, may have tens of millions of people interacting with one another at any given moment. Most likely, 99.999% of these interactions are completely innocent. Yet, as we have seen, there are some situations where predatory interactions occur online but escape detection. HPC gives social networks and other online venues the ability to analyze interactions and profiles quickly enough to block harmful or illegal activity.
Security Issues in HPC
The nature of HPC as well as the settings it’s used in expose it to a variety of security risks. For one thing, when HPC is a key part of a security system, like in the airport scenario, HPC becomes a high profile target of attack. Other risks arise from the following factors:
- Openness – HPC is often used in scientific research and government settings. In a research institution like a university, there may be fewer controls over system access as well as back-end administrative access. Data sources may not be as well governed or secured as they might be in a private enterprise. Alternatively, the system may be accessible by people from multiple entities, given the open and sharing spirit of much research.
- Distributed data sources – Security in “big data” is related to security for HPC, as the two technologies overlap much of the time. The creation of “data lakes” used in big data, powered by HPC, may not have adequate security controls in place. Reasons for these deficiencies vary, but they often emerge from an ad-hoc creation of a data repository, perhaps from multiple sources. A research project might, for example, merge data streams from inputs as diverse as weather reporting, financial markets, device logs, geological instruments and so forth.
- Clusters – HPC environments are typically clustered, an architecture which exposes them to multiple risks. Given their generally heterogeneous nature, clustered HPC systems may require multiple management systems to operate. This can slow down the implementation of security policies and processes like security patch management – with vulnerabilities un-remediated as a result.
Mitigating HPC Risk at the Hardware Level
Dell EMC and Intel have devised numerous countermeasures to protect against HPC security risks. Dell EMC PowerEdge servers embed new hardware and system-level security features. They make it possible to recover to a trusted base in the event of a breach. PowerEdge servers are also designed to prevent unauthorized or inadvertent changes to their configurations through System Lockdown. An industry-first, System Lockdown prevents security-weakening changes to an HPC system’s administrative backend.
Other Dell EMC security features like SecureBoot, BIOS Recovery capabilities, signed firmware and iDRAC RESTful API (compliant with Redfish standards) provide further cyber protections. Dell EMC System Erase ensures data privacy by quickly and securely erasing user data from drives or wiping all non-volatile media when an HPC system is retired.
Intel processors form basis for robust, vulnerability-resistant platforms. Security features are embedded in each processor, including the “Skylake” family of processors which are used in Dell EMC HPC solutions. These include Intel® Identity Protection Technology, Intel® Advanced Encryption Standard New Instructions (Intel® AES–NI) and Intel® Trusted Execution Technology.
As new HPC capabilities transform the security field, the technology also exposes organizations to new security risks. Common HPC traits like openness, clusters and distributed data sources create potential vulnerabilities for data breaches. Defending HPC requires a multi-layered approach. The hardware itself, however, should play a key role in mitigating HPC security risks. Dell EMC PowerEdge addresses this need by offering servers and processors with built-in security capabilities. It’s a never-ending, constantly evolving task. Dell EMC is committed to working with the HPC community to devise security solutions for HPC environments.