As the digital assets market continues to mature, digital coins such as cryptocurrencies are becoming more commonplace. Central banks are now trying to establish their own digital currencies. Assets that were previously not liquid, such as corporate bonds, real estate, and derivatives, are being tokenized as digital assets. Financial institutions that have to quickly find solutions to support digital assets are faced with opportunities and challenges. All stakeholders in the digital assets industry, regardless of whether they are aware of it, are exposed to some degree of risk when it comes to managing private keys used to sign transactions. If you control the private keys, you control the assets.
As financial institutions seek to offer digital asset management services to their customers, many are relying upon digital asset custody technology platforms to compete. Companies building these robust digital asset custody services are embracing hardware protections for key material and air-gapped isolation for their applications over software-only key management solutions. IBM is co-creating with digital custody providers to deliver end-to-end solutions that help a client de-risk their digital assets initiatives, and IBM Hyper Protect is an ideal target technology to deploy both in the cloud and on-premises to help financial institutions compete.
Blockchain distributed ledgers, smart contracts, and related digital asset technology show promise to revolutionize value transfer across many industries. While the distributed ledgers themselves implement a high degree of cybersecurity measures at their core thanks to cryptology and consensus among multiple nodes, the whole ecosystem does have some possible weak points at its edges that need to be properly secured. One of them lies in the management of the wallets and private keys that control the assets being digitally represented.
Most web-based crypto wallets are custodial wallets today. The biggest disadvantage of using a custodial wallet is the fact that your private keys are managed and controlled by an external entity (a third party). Hackers often look for vulnerabilities to dodge security features and steal funds from custodial wallets. Financial institutions need to carefully plan for cybersecurity at different levels from network and infrastructure, through systems, to applications, and consider the opportunity of differentiation through advanced cybersecurity prevention. Given the nature of digital assets, wherein a physical asset is represented as a digital token on a digital ledger or blockchain, the highest level of protection is needed when authenticating access to digital assets to ensure rightful ownership. Regulations are racing to catch up with how to protect digital assets. Digital custody providers must safeguard digital assets from insiders and outsiders; in other words, they must operate as a zero-trust enterprise. Whether on-premises or on the IBM Cloud, IBM’s Hyper Protect Services are uniquely engineered for the trusted computing needs of digital assets.
Confidential computing is designed to eliminate the data security vulnerabilities that exist when data is in use. It helps defend against cybercrimes by leveraging security capabilities designed into the hardware called Trusted Execution Environments, or secure enclaves. IBM's confidential computing strategy focuses on providing secure and trusted computing environments that protect sensitive data and workloads throughout their lifecycle, using a zero-trust approach. These solutions are based on the hardware technologies of IBM Z and IBM LinuxONE. Delivered with a sustainability, security, and scalability mindset, this infrastructure provides 100% encryption of application and database data [1], is designed for 99.999% availability and to run isolated workloads for multi-tenant protection, and has an assessed risk rating that is 1/20 compared to other platforms [2], based on an IBM-sponsored study. IBM Secure Execution for Linux extends an IBM Z or IBM LinuxONE server’s ability to run physically separated logical partitions (LPARs), evaluated under the Common Criteria at Evaluation Assurance Level 5+, to provide isolated secure enclaves as virtual servers.
A key solution of IBM’s confidential computing portfolio is Hyper Protect Virtual Servers. With Hyper Protect Virtual Servers the system administrators can still perform their job, executing tasks like creating, starting, stopping, and deleting virtual servers. But unlike solutions that offer operational assurance (trust that your admins will not access your data), Hyper Protect Virtual Servers are designed to deliver technology enforced protections such that admins cannot access the data within the secure enclave of the virtual server.
Another key aspect of a zero-trust approach to digital assets is the protection of the keys used to sign transactions. Digital asset custody providers are scaling to manage thousands of wallets, increasing the number of private keys they must maintain control over and posing increased risks and challenges to their business. Loss of control over private keys through cyber-attack can result in irreversible asset loss. For superior protection, private keys need to be managed inside Hardware Security Modules, or HSMs. On IBM Cloud, Hyper Protect Crypto Services (HPCS) provides an HSM with FIPS 140-2 Level 4 certified hardware [3], the highest in the industry. It is single tenant, so the HSM isn’t shared with anyone else. HPCS also has ‘Keep Your Own Key’ technology, which gives clients exclusive control over their entire key hierarchy, including the HSM master key.
The Hyper Protect team has been building plug-and-play options adapted to suit client strategy and architectural requirements in this rapidly expanding space. A growing ecosystem of more than 90 technology partners is building and deploying solutions that take advantage of the higher levels of confidential computing offered by Hyper Protect Services.
In Q4 of 2023, IBM announced the latest addition to its portfolio: IBM Hyper Protect Offline Signing Orchestrator. IBM’s clients have been asking for a cold storage solution from IBM, and we have delivered, leveraging IBM’s most secure infrastructure, IBM Z and LinuxONE, along with Hyper Protect Virtual Servers.
The challenge with today’s wallet options for storing digital assets is that clients are forced to choose either speed by leveraging a hot wallet that is connected to the internet, or security, by leveraging a cold wallet that is physically isolated or air-gapped and completely offline, but not both. Access to the cold wallet is a manual process, typically requiring an operator to be escorted by a datacenter admin to physically walk the laptop or USB with the private keys across the data center to the offline hardware for signing and back again.
Regulations are evolving to require private keys, used in signing transactions, to be stored in these cold wallets. As financial institution clients continue to add customers, there will be more cold transactions resulting in more manual operations, and the more manual operations there are, the greater the risk of human error. This type of manual process just isn’t scalable.
To address this gap in protection, IBM has developed the IBM Hyper Protect Offline Signing Orchestrator (OSO). OSO brokers communications between two different applications that are designed not to communicate directly with each other for security purposes, passing transactions between two Hyper Protect Virtual Servers running in different IT environments separated using Logical Partition (LPAR) technology, while ensuring it is never connected to both at the same time. This solution allows clients to consolidate their hot and cold wallets onto the highly secure LinuxONE platform. Ultimately, OSO eliminates human interaction to reduce the risk of insider attacks; costs are reduced because there is no need to pay datacenter admins to perform these tasks; and the process is automated and policy driven, eliminating operational errors and allowing for significant scalability.
The platform, in conjunction with strong operational security practices, is designed to help clients secure their most valuable assets and is built upon a foundation of security and over 50 years of experience in enterprise computing. The IBM Hyper Protect Digital Assets Infrastructure is designed to provide a secured framework and a robust basis for banks, exchanges, and custodians to deploy their commercial or custom solutions for managing digital assets.
To learn more about creating a digital assets infrastructure with IBM Hyper Protect Services, visit https://www.ibm.com/cloud/digital-assets-platform.
---
Henry Welborn is a Senior Technical Staff Member (STSM) in the IBM Z hybrid cloud organization. He has over 25 years of experience in IBM software, with a focus on cloud native DevSecOps technologies. He is currently the senior architect for the Hyper Protect Services family of products for IBM Cloud, including Hyper Protect Crypto Services, Wazi as a Service, and IBM Digital Assets Platform.
[1] See “Enabling pervasive encryption through IBM Z stack innovations” in IBM Journal of Research & Development, Vol. 62, No. 3, March-May 2018.
[2] See Solitaire white paper, sponsored by IBM, “Scaling the Digital Mountain: Enabling a secure, agile and efficient organization”: “SIL risk profiling sets the LinuxONE platform risk rating at less than 1/20 of any of the alternative solutions.”
[3] See https://www.ibm.com/security/cryptocards