Rebuilding Bloombase Data-at-Rest Security with NVIDIA DPUs and GPUs

Bloombase
6 min readApr 24, 2023

--

Sean Xiang, CEO, Bloombase
Ash Bhalgat, Sr. Director, Cloud, Telco & Cybersecurity Market Development, NVIDIA

This week at the RSA Conference, Bloombase is proud to announce the general availability (GA) of their latest StoreSafe Intelligent Storage Firewall release, accelerated by the NVIDIA BlueField data processing unit (DPU) and NVIDIA DOCA software framework. StoreSafe is designed and purpose-built for the next generation software-defined hardware-accelerated data centers using DPUs for efficiency and acceleration of storage workloads. We want to share with you, our partners and customers, this collaboration and the results we have achieved working with NVIDIA technology. Why did we choose to focus on flash storage use cases? Why post-quantum cryptography (PQC)? And finally, how did being a member of the NVIDIA Inception Program for startups help Bloombase?

With that in mind, we will take a closer look at the challenges facing data security and protection in today’s digital world in the following sections, and how Bloombase is addressing these with NVIDIA’s new data center and AI technologies.

Big AI, Big Data

In recent years, the public’s interest in conversational generative AI platforms, like OpenAI’s ChatGPT and Google’s Bard and image generation services like OpenAI Dall-E and Midjourney, has skyrocketed. While these platforms have provided us with unparalleled productivity and fun, they also pose data security threats that are often overlooked. The amount of sensitive data that these AI platforms have generated could well be prime targets for cyber threats and data breaches, let alone valuable digital assets created by the generative AI that are regarded as “crown jewels”.

Generative AI has the potential to revolutionize many aspects of our lives, including the way we create, invent, and do business. With its ability to learn and understand at an unprecedented level, generative AI could help us discover new drugs, design new polymers, develop new software, invent new algorithms, automate business operations and much more. Microsoft’s latest launched 365 Copilot feature is doing just that: providing human-like assistance for their Office tools and business applications on their Power Platform.

What this means is that the information generated will no longer be limited to trivial or amusing content: the cat with Holi colors or Pope Francis in a white puffer, but will also include valuable and groundbreaking discoveries, such as new medical formulae that could be worth billions of dollars, songs that top the chart on Spotify, movies that would become blockbusters, or innovative business processes that could turn a business from loss to profit.

High Speed Everything: Compute, Network, Storage

With the realization of AI, we will see rapid expansion of labor force and creative capacity, reaching levels that are ten, a hundred, or even a thousand times greater than what currently exists on planet Earth. This would lead to a substantial increase in the amount of information produced, which, in turn, would have a profound impact on how the data are exchanged and stored.

As the digital universe continues to expand at an unprecedented rate, there is an urgent requirement for high-capacity data storage and high-speed access than ever before. Furthermore, the emergence of high-speed storage technologies, such as Terabit Ethernet and all-flash arrays (AFAs), has only compounded this challenge, as organizations must now contend with the need to manage and secure faster and ever-growing data storage systems.

The Impossible Data Classification

This explosion of digital data also presents a significant challenge for organizations, as they struggle to keep up with the volume and complexity of the data they generate and store. The pace of data generation is expected to far exceed what human beings could review and organize through manual data discovery and classification.

Adding to this challenge is the lack of knowledge of the sensitivity of the data, making it difficult to determine the appropriate level of access clearance and protection. Even if one has enough staffing to manually classify the data, it would create an even bigger loophole from data privacy’s standpoint. This is because once data has been seen by a human, it cannot be unseen, and the data is perpetually leaked and no longer truly secure.

Why Quantum-safe Cryptography?

Quantum computers have the potential to break many of the existing cryptographic algorithms that are used to protect data, including those that are widely used for secure communication, such as RSA and elliptic curve cryptography (ECC). Quantum computers can solve certain mathematical problems much faster than classical computers, making them more effective at breaking cryptographic codes.

The National Institute of Standards and Technology (NIST) has been developing Post-Quantum Cryptography (PQC) standards to provide cryptographic algorithms that will withstand attacks from quantum computers. NIST finalized the list of PQC algorithm candidates in 2022.

Experts expect there will be a rise in “steal now, crack later” attacks, which aim to steal data encrypted by traditional encryption cipher algorithms now and then use brute force or other cracking methods to decipher the stolen information at a later time by use of quantum computers.

This development has raised concerns among organizations and businesses about the security of their critical data. It’s not reassuring to know that your data encryption methods are safe today but likely to be cracked in the future by a quantum computer. To mitigate these risks, it is recommended to re-encrypt the data using PQC ciphers, even if such data have already been locked down on disks by the existing encryption tools on the market.

NVIDIA Accelerated Data Center Infrastructure

NVIDIA is a leader in AI, high-speed networking and accelerated data center infrastructure. Bloombase is a proud member of NVIDIA Inception, a program designed to help startups evolve faster through access to cutting-edge technology and NVIDIA experts, opportunities to connect with venture capitalists, and co-marketing support to heighten their visibility.

To address the data management challenges of the ChatGPT era, Bloombase is using NVIDIA technologies to develop new solutions that combine advanced data-at-rest encryption with high-speed storage and networking technologies. Our collaboration pushes the boundaries of data security and protection to the next level, enabling organizations to protect their sensitive data in the face of ever-evolving cyber threats and data center environments.

The collaboration between Bloombase and NVIDIA began with the utilization of NVIDIA’s BlueField DPU to enable the development of new solutions that combine high-speed storage and networking with advanced encryption capabilities. By utilizing the offload and acceleration capabilities of BlueField, Bloombase StoreSafe intelligent storage firewall provides high-bandwidth and low-latency data-at-rest encryption for disk storage systems, in particular, all-flash arrays (AFAs). Further, to automatically classify and prevent sensitive data leakage, Bloombase leveraged the NVIDIA Morpheus cybersecurity AI framework and NVIDIA data center GPUs to build an AI-powered storage firewall.

As we previously discussed, one of the challenges is the quantum computing threat, which could render traditional encryption ciphers useless. Bloombase has adopted PQC technologies and incorporated them into our products, making sure that the storage infrastructure is resilient against such attacks.

To Conclude

In the not-too-distant future, we will be seeing a sharp rise in computer-generated information that is considered to be very important and valuable. We can expect to see an increase in cyberattacks that are more severe and widespread. These attacks will likely be initiated by hackers and crackers who possess AI know-how, and their targets may include businesses, nation-states, and even individuals like us, with the aim of obtaining monetary gain or other purposes.

Our call-to-action to our customers is to get prepared and to adopt effective countermeasures to protect their “crown-jewel” data now before it becomes too late.

The time to act is now!

Data-at-Rest Encryption Powered by NVIDIA BlueField DPU

Discover how Bloombase StoreSafe for NVIDIA BlueField DPU delivers low-latency data-at-rest encryption for all-flash arrays: https://youtu.be/QGgOKC_oXP4

Discover Sensitive Data with AI

Check out how Bloombase StoreSafe Intelligent Storage Firewall utilizes NVIDIA Morpheus and data center GPUs to detect and classify sensitive information on storage: https://youtu.be/YOUD61QjEzA

Encryption for Terabit Ethernet Storage

See how Bloombase StoreSafe utilizes NVIDIA ConnectX SmartNICs to achieve transparent encryption of all-flash storage on Terabit Ethernet: https://youtu.be/PJCk2KgGO_k

Take a Test Drive

If you want to have a test drive of Bloombase StoreSafe Intelligent Storage Firewall for NVIDIA BlueField DPU, fill out the form at https://bloombase.com/go/eval

For More

https://www.bloombase.com
https://www.bloombase.tv
https://www.linkedin.com/company/Bloombase
https://twitter.com/Bloombase
https://www.facebook.com/Bloombase
https://www.instagram.com/bloombase
https://www.nvidia.com/en-us/networking/products/data-processing-unit
https://developer.nvidia.com/networking/doca
https://resources.nvidia.com/en-us-accelerated-networking-resource-library/bluefield-and-doca-bloombase
https://www.nvidia.com/en-us/networking/ethernet-adapters
https://developer.nvidia.com/morpheus-cybersecurity
https://www.nvidia.com/en-us/data-center/technologies/hopper-architecture
https://www.nvidia.com/en-us/gpu-accelerated-applications/?search=Bloombase

This article originally appeared on https://www.bloombase.com/blog/rebuilding-bloombase-data-at-rest-security-with-nvidia-dpus-and-gpus/.

--

--

Bloombase
Bloombase

Written by Bloombase

#Bloombase is an intelligent storage firewall company. For more, check out https://www.bloombase.com.

No responses yet