Secure multi-tenancy is not just about ensuring security and segregation between tenants. It is also about limiting, auditing, and tracking the activities of a cloud service provider within a tenancy or that touches upon more than one tenant, which of course includes any activity that occurs within the hypervisor, storage, or other layers of the cloud. In the past, I referred to this as the delegate user problem. We were joined by Skyfence (now Imperva) on the April 24 Virtualization Security Podcast to discuss its transparent gateway solution for cloud access, and I had another thought on usage. Perhaps now we can solve the delegate user problem.
Articles Tagged with Secure Multi-Tenancy
Recently I have had the pleasure of discussing security with a number of cloud providers. Specifically, we talked about what security they implement and how they inform their tenants of security-related issues. In other words, do they provide transparency? I have come to an early conclusion that there are two types of clouds out there: those that provide additional security measures and work with their tenants to improve security, and those who do not. On the Virtualization Security podcast we have discussed this many times, with the conclusion being drawn that many clouds do a better job at security than the average organization does, but that there is no way to know what is implemented, as there is no transparency.
There seems to be a myriad of definitions of who is a tenant when it comes to secure multi-tenancy. This debate has occurred not only within The Virtualization Practice as well as at recent Interop and Symantec Vision conferences I attended. So who really is the tenant within a multi-tenant environment? It appears multiple definitions exist and if we cannot define Tenant, then how do you build secure applications that claim to be multi-tenant?
While at InfoSec World 2012’s summit on Cloud and Virtualization Security, the first talk was on Securing your data. The second was on penetration testing to ensure that data was secure. In essence it has always been about the data but there is a huge difference between what a tenant can do and what the cloud or virtual environment provider can do with respect to data protection and security. This gap is apparently becoming wider instead of smaller as we try to understand tenant vs cloud provider security scopes. There is a lack of transparency with respect to security, but at the same time there are movements to gain that transparency. But secret sauces, scopes, legislation, and lack of knowledge seem to be getting in the way.
On 9/22 was held the Virtualization Security Podcast featuring Anil Karmel, Solutions Architect at Los Alamos National Library (LANL), to discuss their implementation of secure multi-tenant Cloud. LANL makes extensive use of the entire VMware product suite from vCloud Director down to the vShield components to implement their SMT cloud. They have also added into their cloud their own intellectual property to improve overall cloud security. It was a very interesting conversation about the state of SMT today.
On the 4/7/2011 Virtualization Security Podcast, we were joined by Wyatt Starnes of Harris Corporation. Wyatt is the Vice President of Advanced Concepts of Cyber Integrated Solutions at Harris. What this means, is that Wyatt is one of the key folks of the Harris Trusted Cloud initiative. Trust is a funny word, and we have written about that in the past.
Harris’ approach is unique in that they are attempting to ensure integrity of all components of the cloud down to the code level, not just the network with their target being the hosted private cloud and NOT the secure multi-tenant public cloud.
Granted their approach could be used for a Secure Multi-Tenant Public Cloud, and I feel will be required for such a cloud to exist. So what is their approach? It all starts with a company Harris bought a while back: SignaCert which is a different approach to what Tripwire does today (as Wyatt Starnes was an original founder of Tripwire). SignaCert has an ever growing database of software signatures. The software signature gathering component and process becomes part of the supply chain for all components into the Harris Trusted Cloud. These components include signatures for routers, switches, operating systems, and applications which are generated as close to the software release process as possible.