James J Greene III

Sr Marketing Engineer, Security Technologies

August 2013

Enabling Trust and Security in Cloud

with Intel Trusted Executed

Technology (Intel TXT)

Martin Guttmann

Principal Architect, WW Data Center Group

Legal Disclaimer Intel may make changes to specifications and product descriptions at any time, without notice.

Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more information on performance tests and on the performance of Intel products, visit http://www.intel.com/performance

Intel does not control or audit the design or implementation of third party benchmarks or Web sites referenced in this document. Intel encourages all of its customers to visit the referenced Web sites or others where similar performance benchmarks are reported and confirm whether the referenced benchmarks are accurate and reflect performance of systems available for purchase.

Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request.

Intel® Virtualization Technology (Intel® VT) requires a computer system with a processor, chipset, BIOS, virtual machine monitor (VMM) and applications enabled for virtualization technology. Functionality, performance or other virtualization technology benefits will vary depending on hardware and software configurations. Virtualization technology-enabled BIOS and VMM applications are currently in development.

Intel, Intel Xeon, Intel Core microarchitecture, and the Intel logo are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries.

No computer system can provide absolute security under all conditions. Intel® Trusted Execution Technology (Intel® TXT) requires a computer system with Intel® Virtualization Technology, an Intel TXT-enabled processor, chipset, BIOS, Authenticated Code Modules and an Intel TXT-compatible measured launched environment (MLE). The MLE could consist of a virtual machine monitor, an OS or an application. In addition, Intel TXT requires the system to contain a TPM v1.2, as defined by the Trusted Computing Group and specific software for some uses. For more information, see here

The original equipment manufacturer must provide TPM functionality, which requires a TPM-supported BIOS. TPM functionality must be initialized and may not be available in all countries.

Intel® AES-NI requires a computer system with an AES-NI enabled processor, as well as non-Intel software to execute the instructions in the correct sequence. AES-NI is available on select Intel® processors. For availability, consult your reseller or system manufacturer. For more information, see http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-instructions-aes-ni/

© 2011 Standard Performance Evaluation Corporation (SPEC) logo is reprinted with permission

Agenda

• Security trends and concerns

• Intel provides foundation for best secure processing

• Meeting the security challenge:

• Use Models and Solutions to mitigate pain points

• Examples

• Summary

Security Concerns Limit Adoption of Cloud Better Security is Essential for Cloud Growth

1 McCann 2012 State of Cloud Security Global Survey, Feb 2012

Say lack of visibility

inhibiting private cloud

adoption1

Lack of control over

public cloud1

Avoid putting workloads with

compliance mandates in

cloud1

57% 61% 55%

IT Pro survey of key concerns:

Gain visibility

Maintain control

Prove compliance

Platform Attacks Moving “Down the Stack” to Gain Greater Stealth and System Control

Traditional attacks: Focused primarily on the application layer

OS infected with APTs: Threats are hidden from security products

Attacks disable security

products

New stealth attacks: Embed themselves below the OS and Virtual Machine, so they can evade current solutions

Ultimate APT*s: Compromise platform and devices below the OS, using rootkits as

cloaks

Compromise virtual machine

APT: Advanced Persistent Threat

A New Approach Is Required: “Hardware-enhanced Security”

Move critical security processes down into the hardware

• Encryption, Authentication, Manageability, and Platform Cleansing

• Hardware is inherently less vulnerable to modification or corruption

Hardware Root of Trust performs security-critical functions, e.g.,

• Measure and/or verify software (BIOS, Drivers, Hypervisor, etc.

• Protect cryptographic keys

• Perform device authentication

Added Protection against:

• Viruses and worms

• Malware

• Disabled software

• Rootkits

US Dept of Homeland Security

Cyber Security Research &

Development Broad Agency

Announcement (BAA): BAA 11-

023

NIST Guidelines Seek to Minimize Risk of BIOS attacks2

• Pre-runtime

environment target of

new attacks

• Protections abstracted

away by virtualization

and cloud

• Low-level attacks are

hard to detect and can

be difficult to recover

from

Mebromi: The First BIOS

Rootkit in the Wild1

*Other names and brands may be claimed as the property of others

Pain Point: Enforcement New Controls Needed to Enforce Protection of Infrastructure

Source 1: http://www.outlookseries.com/A0995/Security/3817_Homeland_Security_Hearing_Cloud_Computing_Implications.htm

Source 2: http://www.itbusinessedge.com/cm/blogs/lawson/multi-tenant-solutions-the-pros-the-questions-and-integration-concerns/?cs=45181&page=2

Source 3: https://cloudsecurityalliance.org/csaguide.pdf

Server Security Technologies

Intel® TXT and Hardware Root of Trust

• Intel® Trusted Execution Technology (Intel TXT) enforces control of the platform, measures launch components

• A hardware based security foundation (Root of Trust) to build and maintain a chain of trust, to protect the platform from software based attacks

Trusted and verifiable systems

− Implement policies/controls on top of a foundation of trust beginning in HW and up the stack

− VMware, SUSE, Redhat and others have products that support HW roots of trust and attestation

*Other names and brands may be claimed as the property of others.

Server Security Technologies

Intel® Trusted Execution Technology (Intel® TXT) Hardens and Helps Control the Platform

•Enables isolation and tamper detection in boot process

•Complements runtime protections

•Hardware based trust provides verification useful in compliance

•Trust status usable by security and policy applications to control workloads

Internet

Compliance Hardware support for compliance reporting enhances auditability of cloud environment

Trusted Launch Verified platform integrity reduces malware threat

Trusted Pools Control VMs based on platform trust to better protect data

Server Security Technologies

Trusted Compute Cloud Solution with TXT Sample Solutions Architecture

BIOS

TPM Intel Servers with TXT

API’s

Virtual Management Console

VMM

Portal and Cloud Management

ConfigMgr + SIEM Policy Engines GRC

Trust Agent

Verifier/ Attestation

*Other names and brands may be claimed as the property of others.

R E S T

Attestation Server

Privacy CA

Attestation Handler/Cac

he

MLE + Whitelist

Management

Provisioning +

Automation

Credential Mgt

HyTrust enables platform attestation,

enforce policies, provides the

visibility for security, trust

and compliance

Server Security Technologies

Example of Deployments w/CISCO UCS & TXT enabled Solutions

Virtual Appliance

McAfee’s management console;

Unified management of system

security, policy enforcement, event

report

Customer policy, Audit reports

PS

1P

S2

FAN

STAT FAN

1FA

N2

FAN

STAT

STA

T

OK

FAIL

N10-PAC1-550W

OK

FAIL

N10-PAC1-550W

PS

1P

S2

FAN

STAT FAN

1FA

N2

FAN

STAT

STA

T

OK

FAIL

N10-PAC1-550W

OK

FAIL

N10-PAC1-550W

SLOT

1

SLOT

5

SLOT

3

SLOT

7

SLOT

2

SLOT

6

SLOT

4

SLOT

8

!

UCS 5108

OK FAIL OK FAIL OK FAIL OK FAIL

VMware vCenter vSphere 5.1

Cisco UCS 5108 M3 System

with Intel TXT and UCS 6120XP Switch

McAfee

ePolicy Orchestrator

*Other names and brands may be claimed as the property of others.

IT manager

Enforce Policies

Security management tools can assure workloads are managed and placed within policy, enable reporting and audit of controls

VM

Establish Boundaries

Hardware based mechanism to verify platform integrity (trust) status and store/report other asset descriptor such as location

IT manager

Identify Workloads

Evaluate workloads and data they contain. Use tool to label workloads’ security needs, create policy requirements

VM

IT manager

Policy: sensitive FISMA VM

requires trusted host, requires US

host

1 2 3

NIST IR 7904 – Solution Reference Architecture for Trusted Compute Pools

http://csrc.nist.gov/publications/drafts/ir7904/draft_nistir_7904.pdf

*Other names and brands may be claimed as the property of others.

What have we learned?

13 *Other names and brands may be claimed as the property of others.

1. Security threats and requirements continue to grow

2. Security concerns limit ability to adopt cloud

3. Security can be integrated to make it more pervasive, effective and efficient

4. Leaders are building out trust-enabled solutions to deal with new threats and provide new controls for visibility and compliance in the cloud

What can we do?

14 *Other names and brands may be claimed as the property of others.

1. Take a cue from the examples we discussed: Find leverage and solutions

2. Assess your risks and capabilities: Determine what new controls are needed, are you using all the tools you have (such as UCS?), can they do more?

3. Get Help: What do your suppliers do for you to enable your business?

4. Be Helpful: If you’re an integrator (or an IT manager), how are you helping your customers get ahead of the threats? The business needs?