Safeguarding passwords, credit card numbers or cryptographic keys in computer programs will require less computational work in the future. Researchers at the Max Planck Institute for Software Systems in Kaiserslautern and Saarbrücken have come up with a new technology called ERIM to isolate software components from each other. This allows sensitive data to be protected from hackers when the data is processed by online services, for example. The new method has three to five times less computational overhead than the previous best isolation technology, making it more practical for online services to use the technology. This was reason enough for USENIX, a US-American computing systems association, and Facebook to award their 2019 Internet Defense Prize to the researchers.
Computer programs are like a fortress. Just as a fortress is protected by thick walls, moats and iron gates, firewalls and other security technologies prevent cyber criminals from maliciously exploiting software apps. And just as one poorly guarded gate or a supposedly secret escape tunnel may allow besiegers to capture a castle, all hackers need is a small security gap to gain access to all components of a software. In the worst case, they can then get their hands on the data that grants them access to user accounts or even allow them to make credit card payments. For example, the Heartbleed bug in the widely used OpenSSL encryption software made user names and passwords of various online services and programs vulnerable to hackers.