Saturday Mar 07, 2015

Stopping Security Breaches with a Revolution in Chip Design

Perhaps the most significant value to customers of Oracle’s recently announced SPARC M7 chip  design is the enhanced security it provides.

You only have to browse the daily news headlines to understand just how important security is to Oracle’s enterprise customers today.  Names like Target, Home Depot, Wal-Mart, JP Morgan Chase, Apple and many more immediately come to mind.  Top-level executives are losing their jobs over this.   To quote a March 6, 2015 Fortune Magazine article on “5 Huge Cyber-security Breaches”,

“Hackers have been slipping through corporate computer defenses like they’re Swiss cheese.”

At the Hot Chips Conference in August of 2014 Oracle unveiled the next generation SPARC M7 processor,  a revolutionary change in its microprocessor design, highlighting an architecture advancement called “Software in Silicon.”   SPARC engineers collaborated with Oracle’s software engineers to hardwire specific software techniques directly onto the SPARC M7 chip.  And don’t think this happened over night -- this has been ongoing work between hardware and software teams for a good portion of the 5 years since Oracle purchased Sun Microsystems, along with the rights to the SPARC microprocessor.

In his keynote speech at Oracle OpenWorld 2014, Larry Ellison referred to the M7’s security feature as

the most important piece of engineering we’ve done in security in a very, very long time.” 

So back to the Swiss cheese --

One very important security innovation inherent in this new SPARC M7 microprocessor design is “application data integrity,” or ADI.  ADI makes sure that a memory area is accessed only for the purpose for which it was allocated.  Memory allocation issues are often the source of cyber-security breaches.  ADI can prevent any read or write of data beyond the breadth of the data.  And what is revolutionary is that it does it in hardware – actually in the silicon of the forthcoming SPARC M7 processor.

But that is just the tip of the iceberg.  ADI does a lot more to stop malicious attacks of valuable corporate data.  For example, stopping a security bug like Heartbleed, which is a severe memory handling vulnerability in the OpenSSL library.  Heartbleed can trick the server into sending more memory than a given user is authorized to access, with potential user names, passwords and security key information that should be protected.  When the ADI feature is enabled, it can protect against the Heartbleed bug by detecting an invalid memory access on the server.  Exactly how this works is clearly demonstrated in this short demo of this feature in action.  Check it out -- its pretty cool!

If you are a developer and you want to test this stuff out, Oracle has announced a new Software in Silicon Cloud where you can do that!  This cloud is a secure environment with ready-to-run virtual machine environments. In addition, it includes Oracle Solaris Studio 12.4, which provides a tool set that detects numerous types of memory corruption and can aid developers in quickly improving code reliability.  In fact, an upcoming Studio 12.4 update uses the Software in Silicon ADI feature to help the code analyzer work at near hardware speeds to allow developers to quickly find and fix memory errors with minimal overhead.  Check out Raj Prakash’s blog [Move Over Purify and Valgrind, There is a New Kid in Town], for some staggering numbers on how it compares to other memory access checkers.

Here are some further links to check out  --- note that we have a live webinar on this March 18th:


Thursday Jan 15, 2015

Webinar: Start Testing Your Application Code Today!

Oracle ISV Engineering is offering an exciting opportunity to learn about the NEW offering for developers who want early access to the revolutionary Software in Silicon technology in the forthcoming Oracle SPARC M7 processor running Oracle Solaris 11.  In this LIVE webinar (8:00am PST on Jan 21), developers will learn how to use the NEW Software in Silicon Cloud to dramatically improve reliability and security, and accelerate application performance in today’s market.

Course Title:    Oracle's Software In Silicon Features Available for Developers Today!
Target Audience:  Application Developers with experience on Oracle Solaris
Event Date:    January 21, 2015
Event Time:    8-9:00am PST (Pacific Standard Time)

** Replay of this webinar available HERE **

Software in Silicon implements accelerators directly into the processor to deliver a rich feature-set that enables quick development of more secure, robust, reliable, and faster databases and applications.  With the Oracle Software in Silicon Cloud, developers can have a secure environment in which to test and improve their software as well as exploit the unique advantages of Oracle's Software in Silicon technology.  Angelo Rajadurai, Software Engineer with ISV Engineering, will provide an explanation of the technical details of the Software In Silicon features and a demonstration of how developers can use the Software in Silicon Cloud to test these features on their applications today.

Tuesday Dec 30, 2014

CloudSigma Public Cloud built on Oracle Solaris

On September 30, 2014 CloudSigma issued a press release announcing a native Oracle Solaris-based Infrastructure-as-a-Service (IaaS) offering for the enterprise.  And following on that press release, Robert Jenkins, CEO of CloudSigma,  demonstrated how CloudSigma is deploying instances of Oracle Solaris in their public cloud in two separate presentations at Oracle OpenWorld 2014:

 - Oracle Solaris Strategy, Engineering Insights, and Roadmap [GEN7808]
 - Kernel Zones: Next-Generation Cloud Platform [CON7842]

This is a significant strategic move by CloudSigma, leveraging Oracle Solaris features to meet their business objective of building high availability cloud servers and cloud hosting in both Europe and the US, and demonstrates Oracle Solaris and SPARC traction and value in the public cloud space.  CloudSigma is a pure-cloud IaaS provider that offers one of the most customizable cloud offerings on the market.  They recognize that Oracle Solaris 11 is a complete, integrated cloud platform that  is engineered for the type of large scale enterprise cloud environments their customers are demanding.  They see the benefits of implementing Oracle Solaris cloud virtualization with zero performance loss and the highest consolidation ratios for large-scale applications.  

As an example, in his presentation at OpenWorld, Mr. Jenkins spoke to the excitement of leveraging "Remote Administration Daemon" (RAD), which is a standard system service that offers secure, remote administrative access to an Oracle Solaris system.  RAD enabled CloudSigma to incorporate Solaris very quickly without the burden of writing the code themselves, as they have done with Linux.

“We’ve been excited to see the recent developments in the Oracle Solaris offering and have worked closely with Oracle to demonstrate the unique power of this platform for the enterprise,” said Robert Jenkins, CloudSigma CEO. “This new service will allow customers to engage with a SPARC – Oracle Solaris environment in new ways, as well as bring the benefits of the cloud paradigm to existing Oracle Solaris based workloads.”

CloudSigma is seeing significant interest in this offering and have customers using it as an ideal testing and development platform ahead of their production deployments.  CloudSigma customers are also deploying Solaris for elastic workloads in a way they previously weren’t able to do for private dedicated hardware-based solutions.



The release of Oracle Solaris 11.2 has transformed it into a complete cloud platform with OS, virtualization and Software Defined Networking (SDN) capabilities as well as a full distribution of OpenStack.  The demand for Oracle Solaris in public clouds is increasing significantly and CloudSigma is just the beginning.

Monday Nov 03, 2014

EMC and Oracle Get Down To Business at Oracle OpenWorld


It should be no surprise to know that EMC Corporation and Oracle have a strong alliance built on a long-term relationship which drive a significant systems business for Oracle.  But what might be news is to see how these two companies have closely collaborated to drive technology integration and best practices around joint solutions for Oracle SPARC systems.  Just a few examples include their joint efforts around LDoms (Oracle VM Server for SPARC), and new feature integration with Oracle Solaris 11.2.  

Watch this short video filmed at Oracle OpenWorld this year to see how this technology collaboration is providing significant advantage to our customers.

Thursday Oct 23, 2014

Power of SPARC T5 scalability unleashed

I was working with a leading asset management vendor in the financial server sector who is using Python for a considerable amount of their software, a typical three-tier architecture, Database, Business Logic and User interface using Python as the main back-end language. Performance was critical for both latency (fast individual query response) and total throughput (being able to service a large amount of queries in parallel).

This was an opportunity to validate the quality of the scalability advantage of SPARC processors, with their large amount of cores and threads within a single chip.

In order to test the scalability of the SPARC processor in a Python environment, I decided to use the standard Python benchmark which is available in all the latest Python distributions. By running multiple benchmarks in parallel, I could then plot the scaling factor to see how linearly the total throughput would ramp up as more cores and threads were utilized.

[Read More]
About

How open innovation and technology adoption translates to business value, with stories from our developer support work at Oracle's ISV Engineering.

Subscribe

Search

Categories
Archives
« April 2015
SunMonTueWedThuFriSat
   
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
  
       
Today
Feeds