The new architecture instead adopts a hosted virtualization platform (a type-2 VMM) that runs on top of the native RTOS installed on the phone. This one is considered the “personal environment” while the VM running on top of it contains the “business environment”

However, Open Kernel Labs seem less than impressed by VMware’s approach for a number of reasons, not least this:

the hybrid hypervisor inherits all the other drawbacks of the Type-2 hypervisor, especially the huge size of the trusted computing base. Everything in the host OS (all of a million or so lines of code!) needs to be trusted, a huge attack surface

There’s a lot happening behind the scenes these days with mobiles; it will be interesting to see over the next few years who wins out in the mobile trust field.

The TCG has also published a white paper on Cloud Computing and Security – A Natural Match, that discusses why you want a TPM in the cloud, and there has also been an extension to the IF-MAP protocol for Trusted Network Connect to support the Trusted Multi-Tenant Infrastructure Work Group.

1. Support for multiple environments
2. Easier product development cycle
3. Extend Legacy software window
4. Improved Security
5. Cost Savings

The improved security issue is the interesting one for this blog, with not surprisingly Open Kernel Labs’ OKL4 picked out as a hypervisor which can provide mobile virtualisation. Interestingly, OKL4 was also highlighted as offering cost savings by allowing different display hardware to be implemented without requiring any changes to the host operating system.

It’s an interesting article that’s well worth the read.

The [hardware root of trust for the Cloud] is rapidly evolving from the specifications of the Trusted Computing Group. This involves the use of special secure chips, such as Intel’s Trusted Execution Technology, being embedded within the servers. These hold a trusted profile for the server, and they examine, measure and compare all of the processing components of the server with that trusted profile whenever the server is turned on or reset. Put simply, if your cloud provider is using such a system, there is nowhere on the server for malware to hide; and Jay Heiser’s concern about the platform being ‘owned’ by hackers is solved.

While it’s nice to read such a positive review of the TPM in the cloud, I do think it is a bit too optimistic to claim that the problem is solved by this technology. In particular, as the quote above says, a TPM in the cloud is a rapidly evolving solution – it’s not there yet, and even when it gets there it will not be marketed as a 100% solution, I hope. As a simple rebuttal, there also needs to be run-time integrity checks; the Mobile Trusted Module does this, and indeed I have had a conversation with someone who reckons the dynamically-verifying Mobile Trusted Module model is more suitable to the cloud than the static TPM.

Enjoy!

Bunker-V is focused on reducing the TCB [Trusted Computing Base] attack surface by minimizing the interface between the TCB and guest VMs by eliminating unnecessary virtual devices. Microsoft says that this approach can reduce the TCB by 79% while retaining high performance for legacy OSes.

Seems to be a topic that is worth following.

I expect both 3rd party vendors and VMware will develop the missing pieces in a future release (note the ESX & ESXi 4.1/4.5 version #’s in the videos) and look forward to being able to fully utilize this new security feature.

There’s also a picture of the optional TPM chip and how it fits onto an HP server motherboard, in case if you have ever been curious to see what it looks like.

The end customer uses Enomaly’s ECP HAE client, which uses our patented technology to verify the integrity of the cloud provider’s software stack. When the client is connected to an "approved" HAE-verified platform, Enomaly’s HAE client displays a prominent positive verification screen indicating that the platform is safe to use.

The ECP HAE itself is based around Intel’s TXT (Trusted Execution Technology) and a Trusted Platform Module, with a Xen hypervisor running on top. Their lead security architect, Dr David Lie, has patented practical remote attestation for Infrastructure as a Service (IaaS) providers on this ECP HAE. I have also looked at practical remote attestation, so I’ll have to chase down some references to see what they are doing!

Their work does seem interesting, and I’ll be keeping an eye on what they are doing in the future.

A security strategist with a well-known online payment service said that HSMs did not solve the problem entirely and might be difficult to scale. He suggested AWS create key servers in memory rather than on disk. A passphrase would then be required to access the HSM and pull out the required key.

That quote makes little sense to me, and I’m surprised that there was no mention of virtualisation of the HSM – a quick search of the web reveals a good number of people working on virtualisation schemes for the Trusted Platform Module.