Feeds

Itanium inventor bobs to surface as chip's savior?

Secure64 to the rescue

  • alert
  • submit to reddit

Application security programs and practises

An extensible application environment for you and me

Not surprisingly, the company's approach relies on making the most out of Itanium.

When Itanium first hit the market, both Intel and HP spent a lot of time touting some of the features that separated Itanium from other processors. (They mention these features less often these days, focusing their marketing efforts instead on defending the chip's existence.) The four main "features" of Itanium at play here are its large register sets (128 general purpose and 128 floating point registers), the fact that it can crank through 6-8 instructions per cycle, its security compartments technology and its 4 privilege levels - again for added security.

Secure64 rightly believes that none of the major OSes out there makes terribly good use of these unique features in Itanium. The chance is there for a company to build software that can scream on Itanium and do so with very high levels of security. The company seems to think that the existence of an OS that can truly make use of all Itanium has to offer will spur adoption of the processor.

In its patent applications, Secure64 describes its Itanium-friendly software as a type of "extensible application environment." The good, old EAE.

A customer would hypothetically load a CD with the run-time EAE into a low-end Itanium server with the EAE serving as the operating system. The Secure64 EAE would then work its magic, initializing memory and setting up the protection ID keys and compartments available with Itanium. All told, the EAE eats up a minimal set of system resources - say 2 percent - and turns over the rest of the server to the applications.

The first use for such a product will likely be something in the web acceleration realm. The server would boot up with a caching engine, real-time compression (gzip64), SSL64, DDoS, routing functions and support for those third-party TCP/IP offload cards discussed above. Secure64's patent materials describe the EAE-powered boxes generally being used as web servers, secure web servers, proxy servers, secure proxy servers and application servers.

Secure64 documentation obtained by The Register shows that the company believes systems running its software will show a 20x performance improvement on web workloads, while providing much improved scaling. In addition, Secure64 is looking to provide customers with a 100x reduction in the costs associated with churning through web services transactions.

Secure64 is claiming that it will be virtually impossible to write worms or viruses that can attack the EAE, as it makes use of Itanium's rich security features. Third-parties can write applications to the EAE that make similar use of these security functions.

The Secure64 patent application also describes the EAE as having a rich set of partitioning functions. The company has focused on making each partition very stable and secure via the means described above and has also paid attention to ways partitions can be tuned for specific applications.

"The customized execution environment then has direct access and control over the system resources within its partition," Secure64 writes in one application. "That is, there are no operating system abstractions interposed between the customized execution environment and the system resources allocated to the customized execution environment. Advantageously, with the operating system abstractions out of the way, the customized execution environment may implement a computational and/or I/O structure that is simpler, is tuned for a particular application, and can take advantage of certain processor or other system resource features that are not exploited by the (general purpose OS)."

Itanic revival

Not knowing exactly what Secure64 will end up unveiling next year makes it tough to guess how well the technology will be accepted or what exactly it will compete against. Other companies - Sun comes most immediately to mind - have talked about attacking web edge types of workloads with a new class of multicore chips. These processors can handle numerous requests at once, and Sun has discussed similar 20x performance improvements with web services transactions. It's more difficult, however, to guess how well products from Sun and others would stack up on the security front against Secure64.

In some ways, the Secure64 EAE seems like a very sophisticated version of VMware's ESX Server product aimed specifically at the 64-bit computing market. Like ESX Server, the EAE pushes the OS out of the way and provides a nice set of virtualization tools. Again, companies like Sun and HP have been doing similar things with their versions of Unix. Secure64's biggest plus would be that it has tuned its software for Itanium only and thrown out any general purpose OS nonsense that would hamper web workload performance. That certainly makes it a unique player in the market, which is exactly what you want from a start-up.

With its rich ties to HP, it's not hard to imagine Secure64 quickly appearing as an option for HP's Integrity server customers. This is a big "in" since HP accounts for about 85 percent of the Itanium ecosystem.

The appliance idea never seems to take off as well as start-ups hope, and we have our doubts Secure64's play. That said, it sure would be something to see the originator of Itanium bring the chip back to life using his intimate knowledge of the chip's architecture as Secure64's biggest weapon. ®

The present

Secure64
Patent I
Patent II

The past

Worley pushes for Itanium
Worley interview
Cranstone interview

Related stories

IBM, Moore's Law and the POWER 5 chip
How MS will end the Dell - Intel love-in
Intel is killing Itanium one comment at a time
IBM benchmark leaves server rivals breathless
Intel nuances Itanium; Microsoft ignores it

Eight steps to building an HP BladeSystem

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
SHOCK and AWS: The fall of Amazon's deflationary cloud
Just as Jeff Bezos did to books and CDs, Amazon's rivals are now doing to it
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
BlackBerry: Toss the server, mate... BES is in the CLOUD now
BlackBerry Enterprise Services takes aim at SMEs - but there's a catch
The triumph of VVOL: Everyone's jumping into bed with VMware
'Bandwagon'? Yes, we're on it and so what, say big dogs
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.