On the 4/7/2011 Virtualization Security Podcast, we were joined by Wyatt Starnes of Harris Corporation. Wyatt is the Vice President of Advanced Concepts of Cyber Integrated Solutions at Harris. What this means, is that Wyatt is one of the key folks of the Harris Trusted Cloud initiative. Trust is a funny word, and we have written about that in the past.
Granted their approach could be used for a Secure Multi-Tenant Public Cloud, and I feel will be required for such a cloud to exist. So what is their approach? It all starts with a company Harris bought a while back: SignaCert which is a different approach to what Tripwire does today (as Wyatt Starnes was an original founder of Tripwire). SignaCert has an ever growing database of software signatures. The software signature gathering component and process becomes part of the supply chain for all components into the Harris Trusted Cloud. These components include signatures for routers, switches, operating systems, and applications which are generated as close to the software release process as possible.
Consider Figure 1, if we build a chain of trust starting at the hardware, today we can:
- Use TPM as the basis for a Hardware Root of Trust.
- Use TPM to verify the boot volume of physical hardware.
- Use TXT to perform a trusted launch of a hypervisor.
- Use TXT to perform a trusted launch of the VM object.
With all these technologies building upon the previous technology. In essence, building up from a Hardware Root of Trust, using that same Root of Trust for each additional layer up through the launch of the VM Object. However, the current technology fails to perform a trusted launch of the Guest OS. So the chain is broken.
To solve this problem Harris Trusted Cloud uses SignaCert technology to apply Operating System and Application integrity checking to ensure that the Guest OS you want to launch is exactly what you wish to launch, and the application running within that Guest OS is also exactly what you wish to launch. If the Integrity monitoring of the Guest OS is not valid, then the Guest will not work. It does this in two ways currently:
- By inspecting the Guest OS from outside by using the vSphere vStorage API
- By inspecting the Guest OS and applications from inside by using an agent
This two-fold approach, which is also a fail-safe approach, allows for monitoring of the Guest OS and Applications while the Guest is running, something the current TPM/TXT modules cannot do, but could also be performed by VMware vShield End Point Security. Harris Trusted Cloud also applies their SignaCert technology to verify the Hypervisor as well, providing two mechanisms to ensure that the proper hypervisor is booted (via TXT and SignaCert).
They have even discovered a solution for the pesky problem of multiple UCS blades sharing the same identity within their VBlock based solution. They use an aspect of TPM to detect such issues once more using the Hardware Root of Trust. While they close the gap, there is still one that exists. The Hardware Root of Trust does not extend to SignaCert, that uses an entirely different Root of Trust. Perhaps Intel and SignaCert should team up, so that the Hardware Root of Trust can not only be used for trusted boot and launch, but continual monitoring of what was booted and launched. As such the Hardware Root of Trust would go all the way up the stack from the hardware.
Harris applies SignaCert to all components of their cloud, not just the ones upon which the hypervisors run. But switches, storage, and all other forms of interconnects. Tie this technology to continual monitoring they can detect changes and react to them quite quickly. However, prevention is still a concern. They need to not only detect changes, but prevent them as well. Or as Hemma Prafullchandra stated: a cloud administrator working on tenant A’s VMs should not be able to move said VMs to any of the switching, data stores, etc. in use by tenant B. In other words, prevention.
Harris Trusted Cloud is still under development, and they are working with the VCE coalition to improve the overall integrity of their private/hybrid cloud solution. Now I imagine they will also look for ways to ensure prevention as well as detection of configuration changes.