The new system works a lot like a time delay safe for digital assets with a policy engine to broker communications.
IBM announced the launch of IBM Hyper Protect Offline Signing Orchestrator (OSO), an air-gapped cold storage solution for digital assets, on Dec.
Working with digital asset manager Metaco, an IBM partner and Ripple subsidiary, and tier-1 banks, IBM developed the end-to-end asset encryption service to address common vulnerabilities found in typical cold storage solutions.
Per an IBM blog post:
“When it comes to offline or physically air-gapped cold storage, there are limitations, including privileged administrator access, operational costs and errors and the inability to truly scale. All these limitations are due to one underlying factor—human interaction.”
Cold storage
IBM designed OSO to address these vulnerabilities by removing the manual functions of initiating and conducting transactions.
This, according to the blog post and accompanying research, prevents most common forms of insider attack including physical access, administrative manipulation, and coercion attacks.
Further ensuring OSO’s resilience to attack, digital assets can be placed in “air-gapped” storage container.
Securing blockchain transactions
Administrators managing cold storage solutions in a typical air-gapped paradigm usually have to hand-carry physical storage devices such as laptops or USB drives to offline hardware in order to sign transactions.