Data in Use. Vendor agrees to maintain secure computing environments that are up to date with all appropriate security patches. Vendor agrees to monitor, respond to and log all access and access attempts to OSUWMC data. Vendor also agrees that within 30 days after termination of this Agreement, it shall certify that it will erase, destroy, and render unreadable, all OSUWMC Confidential Information according to Vendor’s retention schedules, and the standards enumerated in DOD 5015.2 or NIST 800-88rl, as amended, and that until such time that the Confidential Information is erased, destroyed, and rendered unreadable, the Confidential Information shall retain its confidential nature.
Data in Use. Vendor agrees to maintain secure computing environments that are up to date with all appropriate security patches. Vendor agrees to monitor, respond to and log all access and access attempts to OSUWMC data. Vendor also agrees that upon termination of this Agreement it shall erase, destroy, and render unreadable all OSUWMC data according to the standards enumerated in D.O.D. 5015.2 or NIST 800-88r1, as amended, and certify in writing that these actions have been complete within 30 days of the termination of this Agreement or within 7 days of the request of an agent of OSUWMC, whichever shall come first.
Data in Use. “Data in Use” is all data not in an at-rest state, which is kept only one particular node in a network (for example, in resident memory, or swap, or processor cache or disk cache, etc. memory). This data can be regarded as “secure” if and only if (a) access to the memory is rigorously controlled (the process that accessed the data off of the storage media and read the data into memory is the only process that has access to the memory, and no other process can either access the data in memory, or man-in-the-middle the data while it passes through I/O), and (b) regardless of how the process terminates (either by successful completion, or killing of the process, or shutdown of the computer), the data cannot be retrieved from any location other than the original at rest state, requiring re-authorization. Within the context of BOUNCE, and based upon the architectural solutions adopted, we will evaluate three main software solutions and approaches associated with data-in-use security: • Homomorphic Encryption42 - Homomorphic encryption is a form of encryption that allows computations to be carried out on cipher-text, thus generating an encrypted result which, when decrypted, matches the result of operations performed on the plaintext. Homomorphic encryption allows chaining together different services without exposing the data to each of those services. Homomorphic encryption schemes are malleable by design. This enables their use in cloud computing environment for ensuring the confidentiality of processed data. In addition, the homomorphic property of various cryptosystems can be used to create many other secure systems, for example secure voting systems, collision-resistant hash functions, private information retrieval schemes, etc.; • Verifiable Computation43 - Verifiable computing (or verified computation or verified computing) is enabling a computer to offload the computation of some function, to other perhaps untrusted clients, while maintaining verifiable results. The other clients evaluate the function and return the result with a proof that the computation of the function was carried out correctly. The introduction of this notion came as a result of the increasingly common phenomenon of "outsourcing" computation to untrusted users in projects such as XXXX@xxxx and also to the growing desire of weak clients to outsource computational tasks to a more powerful computation service like in cloud computing; • Secure Multi-Party Computation [87] - Secure multi-...
