Raghu Yeluri

Raghu Yeluri

Biography

Raghu Yeluri is a Principal Engineer in the Intel Architecture Group at Intel with focus on virtualization, security and cloud architectures. He is responsible for understanding enterprise and data center needs, developing reference architectures and implementations aligned with Intel virtualization, security and cloud related platforms and technologies. Prior to this role, he has worked in various architecture and engineering management positions in systems development, focusing on service-oriented architectures in engineering analytics and information technology. He has multiple patents and publications, and has co-authored an Intel Press book on Cloud Computing – "Building the Infrastructure for Cloud Computing, an essential handbook for IT Professionals".

Contributions

rss  subscribe to this author

Sudhir S. Bangalore

Sudhir S. Bangalore

Biography

Sudhir S Bangalore is a Senior Systems Engineer in Intel Architecture and Systems Integration (IASI) group, which is part of Intel Architecture Group, and is focused on developing solutions to enable virtualization and cloud security, with focus on Intel Architecture and associated ingredients. He is responsible for understanding enterprise and data center needs, developing reference implementations and innovative solutions to meet these needs with Intel technologies. Prior to this role, he has worked as a architect and a key engineer on Intel’s Enterprise Access Management framework and implementation. Sudhir has a Master’s degree in Computer Science, and has been with Intel for more than 10 years.

This article and more on similar subjects may be found in the Intel Technology Journal, Volume 16 issue 4 "End to End Cloud Computing".

Contributions

rss  subscribe to this author

Bookmarks

Service Security and Compliance in the Cloud Published: June 27, 2013 • Service Technology Magazine Issue LXXIII PDF

Abstract: One of the biggest barriers impeding broader adoption of cloud computing is security—the real and perceived risks of providing, accessing and control services in multitenant cloud environments. IT managers need higher levels of assurance that their cloud-based services and data are adequately protected as these architectures bypass or reduce the efficacy and efficiency of traditional security tools and frameworks. The ease with which services are migrated and deployed in a cloud environment brings significant benefits, but they are a bane from a compliance and security perspective. IT managers are looking for greater assurances of end-to-end service level integrity for these cloud-based services. This article explores challenges in deploying and managing services in a cloud infrastructure from a security perspective, and as an example, discusses work that Intel is doing with partners and the software vendor ecosystem to enable a security enhanced platform and solutions with security anchored and rooted in hardware and firmware to increase visibility and control in the cloud.

Introduction

The cloud computing approach applies the pooling of an on-demand, self- managed virtual infrastructure, consumed as a service. This approach abstracts applications from the complexity of the underlying infrastructure, which allows IT to focus on the enabling of business value and innovation. In terms of cost savings and business flexibility, this presents a boon to organizations. But IT practitioners unanimously cite security, control, and IT compliance as primary issues that slow the adoption of cloud computing. These results often denote general concerns about privacy, trust, change management, configuration management, access controls, auditing, and logging. Many customers also have specific security requirements that mandate control over data location, isolation, and integrity that typically use legacy solutions that rely on fixed hardware infrastructures.[REF-27]

Under the current state of cloud computing, the means to verify a service’s compliance with most of the aforementioned security challenges and requirements are labor-intensive, inconsistent, nonscalable, or just not possible. For this reason, many corporations only deploy less critical applications in the public cloud and restrict sensitive applications to dedicated hardware and traditional IT architectures.[REF-28] For business- critical applications and processes and sensitive data, however, third-party attestations of security controls usually aren’t enough. In such cases, it is absolutely critical for organizations to be able to verify for themselves that the underlying cloud infrastructure is secure enough for the intended use.[REF-29]

This requirement drives the next frontier of cloud security and compliance: building a level of transparency at the bottom-most layers of the cloud by developing the standards, instrumentation, tools, and linkages to monitor and prove that the IaaS clouds’ physical and virtual servers are actually performing as they should and meet defined security criteria. Today, security mechanisms in the lower stack layers (for example, hardware, firmware, and hypervisors) are almost absent.

Cloud providers and the IT community are working earnestly to address these requirements, enabling cloud services to be deployed and managed with confidence, with controls and policies in place to monitor trust and compliance of these services in cloud infrastructures. Specifically, Intel Corporation and other technology companies have come together to enable a cloud infrastructure that is highly secure and based on a hardware root of trust, which provides tamper proof measurements of key physical and virtual components in the computing stack, including the hypervisors. These organizations are collaborating to develop a framework to integrate the secure hardware measurements provided by the hardware root of trust into adjoining virtualization and cloud management software. The intent is to improve visibility, control, and compliance for cloud services. For example, having visibility into the trust and integrity of cloud servers allows cloud orchestrators to provide improved controls on onboarding services for their more sensitive workloads—offering more secure hardware and subsequently better controlling the migration of workloads and meeting security policies.

We will discuss how cloud providers and organizations can use the hardware root of trust as the basis for deploying secure and trusted services. In particular, we’ll cover Intel® Trusted Execution Technology (Intel TXT) and the Trusted Compute Pool usage models, and envision the necessary ecosystem for implementing them.

Security in the Cloud

Security is a key barrier to the broader adoption of cloud computing. The real and perceived risks of providing, accessing and controlling services in multitenant cloud environments can slow or preclude the migration to services by IT organizations. In a non-virtualized environment, the separation provided by physical infrastructure is assumed to provide a level of protection for applications and data. In the cloud, this traditional physical isolation between applications no longer exists. Cloud infrastructure is multi-tenant, with multiple applications utilizing a shared common physical infrastructure. This provides the benefit of much more efficient resource utilization. However, because the physical barriers between applications have been eliminated, it is important to establish compensating security controls to minimize the potential for malware to spread through the cloud. This section covers the security challenges in the cloud, and provides a set of requirements that have to be addressed for cloud security.

Cloud Concepts

Cloud computing moves us away from the traditional model where organizations dedicate computing power (and devices) to a particular business application, to a flexible model for computing where users access applications and data in shared environments.[REF-3] Cloud computing is a model for enabling ubiquitous, on-demand network access to a shared pool of convenient and configurable computing resources (such as networks servers, storage, applications, and services). Considered a disruptive technology, cloud computing has the potential to enhance collaboration, agility, efficiency, scaling, and availability; it provides the opportunity for cost reduction through optimized and efficient computing.

Many definitions attempt to address cloud computing from the perspective of different roles—academicians, architects, engineers, developers, managers, and consumers. For this article we’ll focus on the perspective of IT network and security professionals; more specifically, for the security architects at service providers and enterprises in their quest to provide a more transparent and secure platform for cloud services.

The National Institute of Standards and Technology (NIST) defines cloud computing through five essential characteristics, three cloud service models, and four cloud deployment models.[REF-14][REF-30] They are summarized in visual form in Figure 1.

Cloud service delivery is divided among three archetypal models and various derivative combinations. The three fundamental classifications are often referred to as the SPI Model, where SPI refers to Software, Platform, or Infrastructure (as a Service), respectively defined thus[REF-5]:

img

Figure 1 - nIST cloud computing dimensions[REF-14] (Source: nIST Special publication 800-53, "recommended Security Controls for Federal Information Systems and organizations," revision3, 2010)

  • Software as a Service (SaaS) - The capability where applications are hosted and delivered online via a web browser offering traditional desktop functionality, such as Google Docs, Gmail, and MySAP.
  • Platform as a Service (PaaS) - The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications developed using programming languages and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly application hosting environment configurations.
  • Infrastructure as a Service (IaaS) - The capability where a set of virtualized computing resource, such as compute and storage and network are hosted in the cloud; customers deploy and run their own software stacks to obtain services. The consumer does not manage or control the base, underlying cloud infrastructure but has control over operating systems, storage, deployed applications, and possibly limited control of select networking components (such as host firewalls).

In support of these service models and the NISTs deployment models (public, private, and hybrid), many efforts are centered around the development of both open and proprietary APIs that seek to enable things such as management, security, and interoperability for cloud computing. Some of these efforts include the Open Cloud Computing Interface Working Group, Amazon EC2 API, VMware’s DMTF-submitted vCloud API, Sun’s Open Cloud API, Rackspace API, and GoGrid’s API, to name just a few. Open, standard APIs will play a key role in cloud portability, federation, and interoperability as well as common container formats such as the DMTF’s Open Virtualization Format (OVF).[REF-5]

The architectural mindset used when designing solutions has clear implications on the future flexibility, security, and mobility of the resultant solution, as well as its collaborative capabilities. As a rule of thumb, perimeterized solutions are less effective than de-perimeterized solutions in each of the four areas. Careful consideration should also be given to the choice between proprietary and open solutions for similar reasons.

The NIST definition emphasizes the flexibility and convenience of the cloud, which allows customers to take advantage of computing resources and applications that they do not own for advancing their strategic objectives. It also emphasizes the supporting technological infrastructure, considered an element of the IT supply chain that can be managed to respond to new capacity and technological service demands without the need to acquire or expand in-house complex infrastructures.

Understanding the dependencies and relationships between the cloud computing deployment and service models is critical to understanding cloud security risks and controls. With PaaS and SaaS built on top of IaaS, as described in the NIST model (above)[REF-14] inherited capabilities introduce security issues and risks. In all cloud models the risk profile for data and security changes, and is an essential factor in deciding which models are appropriate for an organization. The speed of adoption depends on how security and trust in the new cloud models can be established.

Cloud Security, Trust, and Assurance

There is a significant amount of focus and activity across various standards organizations and forums to define the challenges, issues, and a solution framework to address these drivers. The Cloud Security Alliance, NIST, and the Open Cloud Computing Interface (OCCI), are examples of organizations promoting cloud security standards. Following are the key drivers for cloud security[REF-17][REF-12]:

  • Visibility, compliance, and monitoring: providing seamless access to the security controls, conditions, and operating states within the cloud’s virtualization and hardware layers for auditability and at the bottom-most infrastructure layers of the cloud security providers. The measured evidence would enable organizations to comply with security policies and with regulated data standards and controls such as FISMA and DPA.[REF-13]
  • Data discovery and protection: cloud computing places data in new and different places—not just user data, but also the application and VM data (source). Key issues include data location and segregation, data footprints, backup, and recovery.
  • Architecture: standardized infrastructure and applications lead to more opportunity to exploit a single vulnerability many times—the BORE (Break Once, Run Everywhere) principle. Considerations for the architecture include: 1) Protection; how do you protect against attacks with standardized infrastructure when the same vulnerability can exist at many places, due to the standardization? 2) Multitenant environment; how do you ensure that systems and applications are appropriately and sufficiently isolated? 3) Security policies; how do you ensure that security policies are accurately and fully implemented across cloud architectures?
  • Identity management: identity management (IdM) is described as the management of individual identities, their authentication, authorization, roles, and privileges/permissions within or across system and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime, and repetitive tasks.[REF-25] From a cloud security perspective, questions like, "how do you control passwords and access tokens in the cloud?" and "how do you federate identity in the cloud?" are very real and thorny questions for cloud providers and subscribers to address.
  • Automation and policy orchestration: the efficiency, scale, flexibility, and cost-effectiveness that cloud computing brings is because of the automation; the ability to rapidly deploy resources, scale up and scale down with processes, applications, and services provisioned securely "on-demand." A high degree of automation and policy evaluation and orchestration are required so that security controls and protections are handled correctly with very minimal scope of errors and with minimal intervention.

This article focuses on the first set of security drivers–visibility, compliance, and monitoring. Before we delve into these, we should start with a baseline definition of some key security concepts. These terms will form the foundation of what visibility, compliance and monitoring would entail. Let us start with baseline definitions for the terms security, trust, and assurance[REF-23]:

  • Security. Concerns the confidentiality, availability and integrity of data or information. Security also includes authentication and nonrepudiation.
  • Trust. Revolves around the assurance and confidence that people, data, entities, information or processes will function or behave in expected ways. Trust may be human to human, machine to machine (for example, handshake protocols negotiated with in certain protocols), human to machine (for example, when a consumer reviews a digital signature advisory notice on a Web site), or machine to human. At a deeper level, trust might be regarded as a consequence of progress towards security or privacy objectives.
  • Assurance. Provides the evidence or grounds for confidence that the security controls implemented within an information system are effective in their application. Assurance can be obtained by: 1) actions taken by developers, implementers, and operators in the specification, design, development, implementation, operation, and maintenance of security controls; 2) actions taken by security control assessors to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system.

While the cloud provides organizations with a more efficient, flexible, convenient, and cost-effective alternative to owning and operating their own servers, storage, networks, and software, it also erases many of the traditional, physical boundaries and controls that help define and protect an organization’s data assets. Physical servers are replaced by virtual ones. Perimeters are established not by firewalls alone but also by highly mobile virtual machines. As virtualization proliferates throughout the data center, the IT manager can no longer point to a specific physical node as being the home to any one critical process or data, because virtual machines (VMs) move around to satisfy policies for high availability or resource allocation. Public cloud resources usually host multiple tenants concurrently, increasing the need for isolated and trusted compute infrastructure as a compensating control. However, mitigating risk becomes more complex as the cloud introduces ever expanding, transient chains of custody for sensitive data and applications. Regulatory compliance for certain types of data would similarly become increasingly difficult to enforce in such models.

For this reason, the vast majority of data and applications handled by clouds today isn’t business critical and has lower security requirements and expectations, tacitly imposing a limit on value delivered. Most organizations are already leasing computing capacity from an outside data center to host noncritical workloads such as Web sites or corporate e-mail. Some gone a small step further and have outsourced business functions such as sales force management to providers in the cloud. If their workloads were compromised or the business processes became unavailable for a short period of time, the organization might be highly inconvenienced, but the consequences would probably not be disastrous.

Higher-value business data and processes, however, have been slower to move into the cloud. These business-critical functions—for example, the cash management system for a bank or patient records management within a hospital—are usually run instead on in-house IT systems to ensure maximum control over the confidentiality, integrity, and availability of those processes and data. Although some organizations are using Cloud for higher value information and business processes, they’re still reluctant to outsource the underlying IT systems, because of concerns about their ability to enforce security strategies and to use familiar security controls in proving compliance.

Security and Compliance Challenges

The four basic security and compliance challenges to organizations are:

  • Governance. Cloud computing typically increases an organization’s reliance on the cloud providers’ logs, reports, and attestations in proving compliance. When companies outsource parts of their IT infrastructure to cloud providers, they effectively give up some control over their information infrastructure and processes, even as they are required to bear greater responsibility for data confidentiality and compliance. While enterprises still get to define how information is handled, who gets access to that information, and under what conditions in their private or hybrid clouds, they must largely take cloud providers at their word or their SLA that security policies and conditions are indeed being met and may be forced to compromise to a capability that the provider can deliver. The organization’s ability to monitor actual activities and verify security conditions within the cloud is usually very limited and there are no standards or commercial tools to validate conformance to policies and SLAs.[REF-4][REF-12]
  • Co-Tenancy and Noisy or Adversarial Neighbors. Cloud computing introduces new risk resulting from co-residency, which is when different users within a cloud share the same physical requirement to run their virtual machines. Creating secure partitions between co-resident VMs has proven challenging for many cloud providers, ranging from the unintentional, "noisy-neighbor" (a workload that consumes more than its fair share of compute, storage or I/O resources, therefore "starving" other virtual tenants on that host), to the deliberately malicious; such as when malware is injected into the virtualization layer, enabling hostile parties to monitor and control any of the VMs residing on a system. Researchers at UCSD and MIT were able to pinpoint the physical server used by programs running on the EC2 cloud and then extract small amounts of data from these programs, by placing their own software there and launching a side-channel attack.[REF-4][REF-20]
  • Architecture and Applications. Cloud services are typically virtualized, which adds a hypervisor layer to the traditional IT services stack. This new layer in the service stack introduces opportunities for improving security and compliance, but also creates new attack surfaces and potential exposure to risks. Organizations must evaluate the new monitoring opportunities and the risks presented by the hypervisor layer and account for them in policy definition and compliance reporting.[REF-4][REF-20]
  • Data. Cloud services raise access and protection issues for user data and applications, including source code. Who has access, and what is left behind when you scale down a service? How do you protect data from the virtual infrastructure administrators and cloud co-tenants? Encryption of data—at rest, in transit, and eventually in use—would become a basic requirement. But encryption comes with a performance cost. If we truly want to encrypt everywhere, how do we do it cost effectively and efficiently? Finally, one area that is least discussed is "data destruction." There are clear regulations on how long data has to be saved (after which it has to be destroyed) and how to handle data disposal. Examples of these regulations include the Sarbanes-Oxley Act (SOX), Section 802 (7 years)[REF-22], HIPAA, 45 C.F.R. § 164.530(j) (6 years)[REF-17], and FACTA Disposal Rule.[REF-8]

Given that most organizations are using cloud services today for applications that are not mission critical or are of low value, security and compliances challenges seem manageable—but this is a policy of avoidance. These services don’t deal with data and applications that are governed by strict information security policies such as health regulations, FISMA regulations, and the Data Protection Act in Europe. The security and compliance challenges mentioned above would become central to cloud providers and subscribers once these higher-value business functions and data begin migrating to private cloud and hybrid clouds, creating very strong requirements for cloud security to provide and prove compliance. Industry pundits believe that cloud value proposition will increasingly drive the migration of these higher-value applications and information and business processes to cloud infrastructures. And as more and more sensitive data and business-critical processes move to cloud environments, the implications for security officers in organizations would be very wide- ranging to provide a transparent and deep compliance and monitoring framework for information security.

Cloud Service Security Requirements

This section addresses the key Security requirements as they pertain to launching Services in a Cloud Infrastructure.

Trust in the Cloud

One of the pillars of security in the cloud is trust.[REF-12] A trusted computing system will consistently behave in expected ways, and hardware and software will enforce these behaviors. Trusted computing uses cryptographic and measurement techniques to help enforce a selected behavior because it authenticates the launch and authorized processes. This authentication allows someone to verify that only authorized code runs on a system. This typically covers initial booting and may also cover applications and scripts. Usually, the establishment of trust of a particular component implies the ability to establish the trust for that component with respect to other trusted components. This trust path is known as the chain of trust, with the first component known as the root of trust.[REF-4][REF-9] It is implied that the root of trust be a trusted set of functions that are immune from physical and other attacks. Since an important requirement for trust is to be tamper-proof, cryptography or some immutable unique signature that identifies a component is used. For example: the hardware platform is usually a good proxy for a root of trust, since for most attackers the risk and difficulty of tampering directly with hardware exceeds the potential benefits. With the use of hardware as the initial root of trust, one can then measure software (such as hypervisor or operating system) to determine whether unauthorized modifications have been made to it. In this way, a chain of trust relative to the hardware can be established.

Trust techniques include hardware encryption, signing, machine authentication, secure key storage, and attestation.[REF-9][REF-6] Encryption and signing are well-known techniques, but these are hardened by the placement of keys in protected hardware storage. Machine authentication provides a user a higher level of assurance, as the machine is indicated as known and authenticated. Attestation provides a means for a third party (also called trusted third party) to affirm that firmware and software that are loaded are correct, true, or genuine. This is particularly important to cloud architectures based on virtualization.

Cloud Governance, Risk, and Compliance

Centralized controls and the specialized expertise of cloud services providers will enable security technologies for the computing infrastructure to be deployed far faster and more efficiently in cloud environments than if those same technologies were deployed in traditional enterprise IT environments. In fact, we believe by the end of this year, cloud providers will be able to introduce the first IaaS clouds built on measured trust environments. These new, more secure clouds will give organizations more flexible, affordable and efficient alternatives for shifting high-value business processes and data into private clouds.

Although not every organization will need the high security afforded by a trusted computing environment, every organization using cloud services could benefit from the vastly improved control and transparency that a measured chain of trust enables. Simply being able to verify conditions in the cloud services stack down through the hypervisor is a huge step forward in providing visibility into actual states and activities within the cloud and in better regulating how cloud resources are managed. Internal and private clouds built on a measured chain of trust will:

  • Strengthen an organization’s ability to enforce differentiated policies in private clouds.
  • Enhance monitoring for compliance at all layers within the cloud.
  • Streamline the auditing process.
  • Allow for more flexible usage and billing for secure computing resources.

Hardware Root of Trust: Building Security from the Ground Up

Organizations that are using (or desire to use) cloud services are starting to require cloud service providers to better secure the hardware layer and provider greater transparency into the system activities within and below the hypervisor.[REF-4][REF-6] This means that cloud providers should be able to:

  • Give organizations greater visibility into the security states of the hardware platforms running the IaaS for their private clouds.
  • Produce automated, standardized reports on the configuration of the physical and virtual infrastructure hosting customer virtual machines and data.
  • Provide policy-based control based on the physical location of the server where the virtual machines are and control the migration of these virtual machines onto acceptable locations based on policy specifications (such as some FISMA and DPA requirements dictate).
  • Provide measured evidence that their services infrastructure complies with security policies and with regulated data standards.
img

Figure 2 - Summary of the top five trust issues from a cloud subscriber’s perspective [REF-17] (Source: orrin, S. Information Security and risk management Conference, 2011 ISaCa, Session 241: Building Trust and Compliance in the Cloud)

What is needed are a set of building blocks for the development of "Trustworthy Clouds." These building blocks can be summarized as [REF-17]:

  • Creating a chain of trust rooted in hardware that extends to include the hypervisor.
  • Hardening the virtualization environment using known best methods.
  • Providing visibility for compliance and audit.
  • Using trust as part of the policy management for cloud activity.
  • Leveraging infrastructure and services to address data protection requirements.
  • Using automation to bring it all together and achieve scale and management efficiency.

Cloud providers and other members of the IT community are preparing to address this need. A growing ecosystem of technology companies is collaborating to develop a new interoperable trusted computing infrastructure. The goal of this emerging infrastructure is to eliminate attacks such as virtual rootkits and to provide the foundation for a hardware root of trust, which establishes a bottom-up security structure based on hardware.

The Advantages of Cloud Services on a Trusted Computing Chain

The advantages of building cloud services on a trusted chain of computing resources include:

  • Improving co-residency security by ensuring the launch of only trusted code. Protecting against untrusted software isn't just about malware; it also applies to more benign conditions, such as the improper migration or deployment of virtual machines. To illustrate, if load-balancing software or a cloud administrator attempts to move virtual machines from an unsecured computing platform to a secure, trusted one, the management software would prevent the incoming VMs, since it originated from an unsecured platform.
  • Preventing the unsafe transit of secure virtual machines. In the same way that VMs coming from an unsecured platform would not be allowed to move to secured platforms, VMs originating on secured platforms would not be allowed to move to unsecured ones. If, for instance, an administrator attempted to transfer a secured VM onto a new server, the virtualization management console would first perform a policy check on the outgoing VM and then measure the security configurations of the new server against accepted standards. If the new server couldn't meet the secure standards required to host the VM, the virtualization management console or security policy engine would block the VM's move and log the attempt.
  • Maximizing operational efficiency by creating trusted pools of systems. Once platform trustworthiness can be measured, cloud providers can put such measurements to use in building trusted pools of systems, all with identical security profiles. Hypervisors can then make more efficient use of secure clouds, moving VMs with similar security profiles within zones of identically secured systems for load balancing and other administrative purposes—all while protecting data in conformance with regulated standards and policies.
  • Building secure clouds customized to comply with the most rigorous requirements. The secure cloud's ability to map high-trust zones of systems will enable organizations and cloud providers to customize their clouds to comply specifically with PCI DSS, HIPAA, or other highly controlled information standards. Then, trusted pools of cloud-based resources— all compliant with the same set of information standards—could be dynamically allocated to optimize workloads. Such a scenario would extend the cloud's efficiency and scalability benefits to even the most strictly controlled business processes and heavily regulated industries. Furthermore, cloud services could be fine-tuned to provide different levels of data security. For instance, two clouds could be proven HIPAA-compliant, with one cloud tuned to provide lower-level security at a lower cost for data such as patients' insurance information. The other HIPAA-compliant cloud, handling sensitive health information such as patient medical histories, could be tuned for maximum security. By tailoring cloud service levels, security and pricing to the value of information handled within each cloud, organizations provisioning private clouds can buy only what they need, making the cost benefits and business case for moving into the cloud even more compelling.[REF-1]

Conclusion

The use models we've discussed in this article are early-stage implementations to address requirements that customers and industry bodies are defining now. However, these models do provide a foundation for enhanced security that can evolve with new technologies from Intel and others in the hardware and software ecosystem.

There are no "silver bullets" for security, where a single technology solves all problems—security is too multifaceted for such a simplistic approach. But it is very clear that a new set of security capabilities are needed, and it is best to start at the most foundational elements. Trusted platforms provide such a foundation. Such platforms provide:

  • Increased visibility into the operational state of the critical controlling software of the cloud environment through attestation capabilities; and
  • A new control point, capable of identifying and enforcing local "known good" configuration of the host operating environment and reporting the resultant launch trust status to cloud and security management software for subsequent use.

Each of these capabilities complements the other as they address the joint needs for visibility and control in the cloud. Of equal importance, these attributes can be available to both consumers of cloud services and the cloud service providers, thanks to common standards for key functions such as attestation, but also due to the work for the ecosystem to enable solutions are many layers. It is only through the integration of trust-based technologies into the virtualization and security management tools in traditional IT environments (tools such as security event information management (SEIM) or governance, risk, and compliance (GRC) console) that will deliver the required scale and seamless management that will help customers realize the benefits of cloud computing.

References

[REF-1] Amazon Web Services, "Overview of Security Processes," August 2010.

[REF-2] Barros, A. and Kylau, U., "Service Delivery Framework—An Architectural Strategy for Next-Generation Service Delivery in Business Network, Proceedings of the 2011 Annual SRII Global Conference, pp. 47–37, 2011.

[REF-3] Demirkan, H., Harmon, R.R., Goul, M., "A Service Oriented Web Application Framework," IT Professional, Vol. 13, no. 5, 15–21, 2011.

[REF-4] Curry S., Darbyshire J, Fisher Douglas, et al., "RSA Security Brief", March 2010.

[REF-5] Cloud Security Alliance, "Security Guidance for Critical Areas of Focus in Cloud Computing v2.1," 2009.

[REF-6] Cloud Security Alliance Group, "CSA-GRC Stack," , Accessed January 2012

[REF-7] E. Castro-Leon, E., Golden, B., Yeluri, R., Gomez, M., Sheridan, C., Creating the Infrastructure for Cloud Computing: An Essential Handbook for IT Professionals, Chapter 4, Intel Press, 2011.

[REF-8] "FACTA Disposal Rule goes into Effect Jun1 2005," Report on Federal Trade Commission Website. Retrieved February 2012 from http://www. ftc.gov/opa/2005/06/disposal.shtm

[REF-9] Intel Corporation. "Intel TXT," white paper, 2012, retrieved from http://www.intel.com/technolog y/security/downloads/arch-overview.pdf

[REF-10] ISACA (auditor’s perspective journal) http://www.isaca.org/Journal/ Past-Issues/2009/Volume-6/Pages/Cloud-Computing-An-Auditor-s- Perspective1.aspx.

[REF-11] Kang, K., Strong, R., Fang, H., Chen, T., Rhodes, J., Zhou, R., "Complex service management in a hybrid cloud," Proceedings of the 2011 Annual SRII Global Conference, pp. 34–46, 2011.

[REF-12] Khan, K.M, Malluhi, Q., Establishing Trust in Cloud Computing, IEEE IT Professional, Vol. 12-5, pp. 20–27, September/October 2010.

[REF-13] NIST, "Recommended Security Controls for Information Systems," Special Publication 800-31-1, National Institute of Standards and Technology, 2005.

[REF-14] NIST Special Publication 800-53, "Recommended Security Controls for Federal Information Systems and Organizations," revision3, 2010.

[REF-15] NIST Special Publication 800-37 Guide for Applying the Risk Management Framework to Federal Information Systems, 2010.

[REF-16] NIST Special Publication 800-88 Guidelines for Media Sanitization, Computer Security, 2008.

[REF-17] Orrin, S. Information Security And Risk Management Conference, 2011 ISACA, Session 241: Building Trust and Compliance in the Cloud.

[REF-18] Research paper—"Cloud Computing and Security - A Natural Match," http://www.trustedcomputinggroup.org/resources/cloud_computing_ and_security__a_natural_match

[REF-19] Research paper—"Security Issues and Solutions in Cloud Computing" http://wolfhalton.info/2010/06/25/security-issues-and-solutions-incloud- computing/"

[REF-20] Ristenpart, T., Tromer, E., et al., "Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds," CCS’09, Chicago, Illinois, USA.

[REF-21] SOX 802 Final Rule: Retention of Records Relevant to Audits and Reviews. Retrieved February 2012 from http://www.sec.gov/rules/ final/33-8180.htm

[REF-22] Technical Report from RAND Corporation, Europe, "Handbook of Legal Procedures of Computer and Network Misuse in EU Countries, RAND" 2005 edition of the CSIRT Legal Handbook. Retrieved February 2012 from http://www.rand.org/pubs/technical_reports/2006/ RAND_TR337.pdf

[REF-23] Wesam Dawoud, Ibrahim Takouna and Christoph Meinel, "Infrastructure as a service security: Challenges and solutions," in 2010 The 7th International Conference on Informatics and Systems, 2010, pp. 1–8.

[REF-24] Wikipedia—Cloud computing security; Retrieved February 2012 from http://en.wikipedia.org/wiki/Cloud_computing_security

[REF-25] Yeluri.R, and Moreau. D., "Building Trust and Compliance in the Cloud," VMworld 2011 Technical Session.

[REF-26] Kaufman, L.M., Potter, B., Can Public-Cloud Security Meet Its Unique Challenges? IEEE Security & Privacy, July/August 2010.

[REF-27] Weinberg, N, Gartner: "Private Clouds Are a Last Resort," Network World, October 19, 2011 quoting Garner’s Daryl Plummer; retrieved February 25, 2012 from http://www.networkworld.com/ news/2011/101911-gartner-private-cloud-252151.html

[REF-28] Wenbo Mao, Attestation as a Service—Local Attestation for Cloud Security vs. Remote Attestation for Grid Security, EMC Community Network, retrieved February 25, 2012 from https://community.emc.com/ blogs/WenboMao/2010/04/25/attestation-as-a-service-local-attestation- for-cloud-security-vs-remote-attestation-for-grid-security

[REF-29] Mell, P, Grance, Timothy, The NIST Definition of Cloud Computing, NIST Special Publication 800-145, September 2011.

Copyright

Copyright © 2012 Intel Corporation. All rights reserved.
Intel, the Intel logo, and Intel Atom are trademarks of Intel Corporation in the U.S. and other countries.
*Other names and brands may be claimed as the property of others.