IBM announced a system for storing digital assets in complete isolation from the external network, even during the transfer of funds. The solution is based on the technical developments of the company’s confidential computing service and allows for minimizing the risks of external and internal cyberattacks.
The International Business Machines Corporation (IBM), one of the world’s largest manufacturers and suppliers of hardware and software, introduced IBM Hyper Protect Offline Signing Orchestrator (OSO), a new storage solution for digital assets.
OSO is a cold storage system for digital assets completely isolated from the external network. The solution was created in collaboration with Metaco, a crypto storage provider and subsidiary of Ripple Labs, and with the participation of several major banking institutions. The end-to-end asset encryption solution developed by IBM solved a number of problems associated with cold storage of assets.
Thus, OSO doesn’t feature transaction initiation and execution functions that would require physical interaction. The solution is configured to send transactions from cold storage and vice versa only at certain times or with the authorization of a multibody management scheme.
IBM analysts say this approach prevents the possibility of the most common types of insider cyberattacks. Even if an attacker somehow gains access to the system physically or remotely, they won’t be able to initiate a transaction instantly.
For additional protection, OSO stores digital assets in a completely isolated environment — in special air-gapped storage containers. These containers can only be accessed at specific times for specific purposes and require no administration. Information exchange between containers and blockchain applications is carried out through IBM’s Confidential Computing Service, which has no direct external network connectivity.
OSO will not only secure funds from hackers but also reduce administrative costs and prevent the possibility of errors in manual processes.
Crypto storage services were scheduled to be launched this year by Nasdaq, an international operator of stock exchanges.