RAMSES: Secure high-performance computing for sensitive data

📅 2026-06-26
📈 Citations: 0
Influential: 0
📄 PDF
🤖 AI Summary
This work addresses the longstanding challenge in high-performance computing (HPC) of simultaneously achieving high computational performance and robust security for sensitive data, particularly in highly regulated domains such as life sciences. The authors propose a novel, high-security HPC platform that enforces end-to-end encryption across the entire data lifecycle—covering data at rest, in transit, and in use. This is accomplished through the first-time deep integration of AMD hardware-based memory encryption, IBM Storage Scale file-level encryption, and Thales CipherTrust centralized key management, complemented by operating system hardening and mandatory multi-factor authentication. The resulting architecture complies with major security standards including GDPR, ISO/IEC 27001, and FIPS, while significantly minimizing performance overhead. Biomedical benchmarking demonstrates that stringent security and high performance can indeed coexist effectively, achieving a unified balance between safety and efficiency.
📝 Abstract
Traditionally, the architecture of high-performance computing (HPC) systems is tailored for speed, while highly secure computer systems must sacrifice speed for security. However, a wide range of scientific domains, such as the life sciences, call for a combination of performance and security to allow processing sensitive data at scale. Here, we present RAMSES (Research Accelerator for Modeling and Simulation with Enhanced Security), an HPC system designed from the ground up to deliver high performance within a robust security framework. RAMSES integrates hardware-based memory encryption of AMD processors with state-of-the-art file encryption from IBM Storage Scale and the Thales CipherTrust manager, establishing an HPC platform that ensures continuous encryption throughout the data life cycle - at rest, in transit, and in use - in compliance with major data protection standards (European General Data Protection Regulation, ISO/IEC 27001 certification, and Federal Information Processing Standards). In addition, we implemented advanced operating system hardening, a multi-layered security architecture, and mandatory multi-factor authentication to adapt the HPC environment to increased security demands. Benchmark results from the biomedical sector demonstrate that the performance impact of the secure environment is limited and that integration of the conflicting requirements speed and security can be achieved while preserving a coherent, flexible, and user-friendly system.
Problem

Research questions and friction points this paper is trying to address.

high-performance computing
data security
sensitive data
memory encryption
compliance
Innovation

Methods, ideas, or system contributions that make the work stand out.

hardware-based memory encryption
end-to-end data encryption
secure high-performance computing
multi-layered security architecture
multi-factor authentication
🔎 Similar Papers
No similar papers found.
P
Peter Heger
IT Center Cologne (ITCC), University of Cologne
L
Lech Nieroda
IT Center Cologne (ITCC), University of Cologne
R
Roland Pabel
IT Center Cologne (ITCC), University of Cologne
C
Christoph Stollwerk
IT Center Cologne (ITCC), University of Cologne
S
Stefan Borowski
IT Center Cologne (ITCC), University of Cologne
K
Kamil Tokmakov
NEC Deutschland GmbH
M
Michael Commer
IT Center Cologne (ITCC), University of Cologne
M
Martin Peifer
Department of Translational Genomics, University of Cologne
Stefan Wesner
Stefan Wesner
University of Cologne, Parallel and Distributed Systems
Parallel and Distributed Systems
V
Viktor Achter
IT Center Cologne (ITCC), University of Cologne