IBM, the multinational technology corporation, has launched a new cold storage solution called the IBM Hyper Protect Offline Signing Orchestrator, or OSO for short, which is an air-gapped cold storage solution for digital assets.
An air-gapped cold storage solution for digital assets is a method of storing digital assets offline and isolated from any internet-connected devices. This is done to protect the assets from cyberattacks, as hackers cannot access them if they are not connected to the internet.
Air-gapped cold storage solutions typically use two devices: one to store the private keys and one to generate transactions. The private keys are never stored on the internet-connected device, and the transaction-generating device is only connected to the internet when it is necessary to create a transaction.
The product was launched in collaboration with digital asset manager Metaco, a Ripple subsidiary and IBM partner. The solution provided by IBM addresses common vulnerabilities found in traditional cold storage methods, particularly those associated with manual transaction initiation and execution.
The company has announced the launch of the new product in its 必利勁 ank” rel=”noreferrer noopener”>blog post: “Today, IBM is announcing IBM Hyper Protect Offline Signing Orchestrator (OSO)—a new technology to help deploy cold storage solutions for digital assets, and the latest addition to its confidential computing portfolio.”
It also stated: “OSO is designed to address the limitations of current cold storage offerings for digital assets, including the need for people to perform manual procedures for the execution of a cold storage transaction.”
According to IBM, the way OSO works is that it is designed to address the vulnerabilities mentioned above in its statement by removing the manual functions of starting and finishing a transaction. The principle it follows is similar to that of a time-release safe, which cannot be opened upon a request but only opens when a predetermined time has elapsed, or certain conditions are met.
OSO will be using this same principle as it will be configured to imitate only transactions from cold storage to blockchain, and vice versa when it reaches a specific before-mentioned time slot or only through proper authorization from a body that includes more than one individual that governs the operations.
By using such an approach, the company believes that it will protect the system from the most common forms of insider attacks like physical access, manipulation from the administrative side, or coercion attacks. This means that if the malicious actors somehow manage to gain access to the system either physically or remotely, they can only start a transaction at the approved slots, and no transaction will be processed before or after that slot. Even if they initiate the transaction at the given time, they would still need authorization from multiple approved parties before they would be able to transfer those assets into their desired accounts.
Furthermore, the air-gapped aspect of the system explained above will make it able to become more resistant to potential attacks.
