Taking a Layered Approach to Security
One of the challenges in securing the cloud infrastructure is that the attack surface is so large. Vulnerabilities could be exploited at the level of the application, operating system, hypervisor, BIOS, or firmware. That represents a diverse and complex stack to protect, all while preserving the openness required to effectively host workloads.
If malware manages to infiltrate one layer of the infrastructure, the whole stack is compromised. Malware at the level of the firmware or the BIOS can be especially hard to detect and remove using software. These layers are non-volatile, so any malware will survive a hard reset, and anything at this level could have highly privileged access to the higher layers, all the way up to the data.
Adding Multi-layered Protection
There is no single solution that can protect the whole stack: multiple solutions need to be used together to ensure that each layer of the infrastructure is protected.
• Protecting the firmware: Start by establishing a root of trust in hardware. Intel®
Boot Guard can be used to perform a cryptographic Root of Trust for Measurement (RTM) of the Early Firmware, so that you can take action if it's been tampered with. Intel® Platform Firmware Resilience (Intel® PFR) technology can check the firmware signature is correct at start-up and verify that the boot behavior is normal. More than that, though, it can ensure only whitelisted commands can access the flash and recovery memory, and recover the firmware to a healthy state if it's compromised.
• Protecting the BIOS, OS, and Hypervisor: Intel® Trusted Execution Technology (Intel® TXT) is designed to harden platforms from the threats of hypervisor attacks, BIOS, or other firmware attacks, malicious root kit installations, and software-based attacks. It increases protection by allowing greater control of the launch stack through a Measured Launch Environment (MLE) and enabling isolation in the boot process. Using Intel® TXT, you can verify the secure installation and launch of a hypervisor or operating system.
• Protecting the application: Stealing sensitive data and proprietary code is often the goal of malware. Intel® Software Guard Extensions (Intel® SGX) was introduced on the Intel® Xeon® processor Scalable family, and enables secure enclaves to be created, protected in hardware. The code and data within these secure enclaves can only be accessed by trusted application code. While encryption can protect data at rest, Intel® SGX also protects it in use, and shelters it from privileged malware at the level of the operating system, hypervisor or BIOS.
Turning Security to Profit
Cloud service providers need to enhance their security as a defensive measure, but improved security is also an opportunity for growing the business. It may be easier to attract customers from highly regulated industries if you can demonstrate you satisfy the NIST SP800-193 Platform Firmware Resiliency Guidelines, for example, which Intel® PFR can help you to meet.
You may also be able to establish services based on enhanced security technologies. Cloud service provider PhoenixNAP offers the Data Security Cloud. a virtualization service that provides customers with security tools, supported with a team to monitor and manage security. Equinix is using Intel® SGX to create a key management and encryption Software as a Service (SaaS) offering.
For more information on enhancing the security of your infrastructure, see Intel's new eGuide: Three Security Layers for a More Secure Cloud.