Reliably auditing your cloud provider security from the bare silicon on up.

New Proof of Concept for Measuring and Monitoring Cloud Infrastructure Security

RSA, Intel and VMware have teamed up to bring us their proof of concept for reliably auditing and securing infrastructure cloud services. Their new solution is called the Hardware Root of Trust. One of the biggest issues with cloud services is that there's no reliable mechanism that allows cloud customers to audit their providers security when and how they want to. Cloud customers want the ability to run their own security audits, ensure that proper security measures are always in place and be able to control their security policies inside their own private cloud. To solve this problem RSA, Intel and VMware have put their heads together and come up with an interesting solution that they showcased at the RSA conference this month. Given the interest, and growing need, for solutions in this area lately I thought their proof of concept warranted some mention.

For most Infosec professionals the thought of using a cloud service to host any data or process that could be construed as containing sensitive, regulated, or personal identifying information raises serious red flags. Today the amount of security visibility that cloud providers offer to their customers ranges from none to generic audit reports. Instead of your provider proving to you that they meet your security policy and compliance requirements they provide all their customers with either a generic compliance report they generate or have a 3rd party auditor generate for them. Either way, the visibility that you need is not offered. You then have two choices, don't use a cloud service, or change your existing security policies and compliance requirements so they mesh with the policies of your cloud provider and the reports they generate for you. Obviously, this is not ideal. The good news is that both the industry and cloud providers are taking this issue very seriously and scrambling to come up with viable solutions.

The most promising solution I've seen yet is the proof of concept from RSA, Intel and VMware called the Hardware Root of Trust. There solution tackles a heretofore unsolvable problem: Verifying the security of the cloud's infrastructure layers from the chipset to the hypervisor and on up from there. The premise being that if you cannot ensure, or have visibility into, the security of your private cloud infrastructure layer then auditing the operating system and applications on top of it are of suspect reliability. The end goal of hardware root of trust is to offer cloud providers, and their customers, the ability to measure and monitor the security conditions within a private cloud's physical and virtual machines. This ability must then be offered to cloud customers on a continuous and reliable basis to allow for spot checks and periodic audits.

In a nutshell, the Hardware Root of Trust will offer the customers of cloud providers that adopt the solution a customizable portal into their private cloud infrastructure resources. Each customer will have the ability to tailor their security portal (using the RSA Archer framework) to meet their auditing, visibility, and compliance needs. These multi-tenant portals will be updated near real-time and provide each customer with visibility into the hardware and hypervisor security of their private cloud. This new visibility also offers customer the ability to audit any SLA agreements they have with their cloud provider around allocation of cloud resources and enforcement of co-residency restrictions.

Why should you audit your hardware and hypervisor you may ask? Well, these previously quite safe components have recently experienced a rash of new targeted attacks, virtual rootkits, hypervisor malware and other such nastiness. Examples of these are the Intel chip SMM vulnerability and exploit code, the blue pill virtual rootkit, Xen virtual rootkit and the SubVirt project just to name a few. The bottom line is that you can no longer take for granted that your server hardware, chipsets, bios, cards, memory, etc are inherently security. Next gen hackers can hide their rootkits in any of those places. When that happens the malware becomes virtually undetectable by the operating system, hypervisor, or any other software mechanism because the malware is hiding in a place that has equal or superior system level permissions on the server. In the case of many virtual rootkits (like bluepill), the existing operating system or hypervisor is transparently moved so that the rootkit becomes the new bottom layer between the hardware and the operating system or hypervisor. In this way the rootkit is able to intercept any and all system calls to the CPU, memory, disk, or any other hardware resource on the server.

Here are the solutions that make up the Hardware Root of Trust proof of concept:
-Intel Trusted Execution Technology in their Westmere processor
-VMware ESXi and vCenter Technology
-RSA enVision seim with ADML
-RSA Archer Portal framework
-RSA DLP solutions

To find out more info check out RSA's website here
http://www.rsa.com/innovation

You can read about Intel's TXT technology here
http://www.intel.com/technology/security/

The opinions and information presented here are my PERSONAL views and not those of my employer. I am in no way an official spokesperson for my employer.

More from Jamey Heary:
* Credit Card Skimming: How thieves can steal your card info without you knowing it
* Google Nexus One vs. Top 10 Phone Security Requirements
* Why you should always shred your boarding pass
* Video rental records are afforded more privacy protections than your online data
* The truth about new SSL attacks
* 2009 Top Urban Legends in IT Security/a>

Go to Jamey’s Blog for more articles on security.

• Cisco
• Outsourcing
• Security
• cloud computing security
• cloud security
• hardware root of trust
• hardware trust
• Heary
• infrastructure cloud security
• Jamey Heary
• root of trust
• security