Mitigating threats in the cloud using Intel® TXT and Trusted Compute Pools

How important is uptime to you when it comes to cloud? In order to archive higher 9’s you should have a structured plan to deal with root causes of unavailability: operational errors, components failures, power outages, security threats, etc. In this post, I’ll discuss about one aspect of security concerns: Integrity.

Actually, how do you manage to guarantee that Virtual Machines (VMs) running on top of hypervisor and hypervisor itself is in a trusted and well-known condition? The short answer is simple: You don’t, at least if you don’t have a root of trust tamper resistant that can attest integrity of chain of trust, and Intel® Trusted Execution Technology (TXT) has this ability.

Threat Analysis

To understand the role of Intel® TXT and why a root of trust is so important, I’ll guide you in a brief description of x86 architecture and how popular operating systems are designed.

Since Intel 286, every instruction executed on x86 architecture can be executed in 4 different privilege levels that are defined by 2 bits. So, when an instruction is executed with the 00b (0d), it means the highest privilege level called ring 0 or kernel mode. Otherwise, when these bits are equaled to 11b (3d), it means the lowest privilege level called ring 3 or user mode.

On the first 90s, at USENET, Prof. Andrew S. Tanembaum (Computer Network’s writer) and Linus Torvalds (Linux’s creator) discussed about the models that the Operating System should be built on Intel x86 architecture. Andrew defended the microkernel model, an elegant proposal by the implementation point of view since the system would be disposed between the 4 privilege levels, as we can see on the diagram bellow


Maybe, because of his programmer background, Linus Torvalds defended the monolithic kernel, a more pragmatic model where the kernel and device drivers are on the same privilege context. Therefore, on the Operating System construction point of view, it becomes simplified because avoid context changes due inter-processes calls.

Time showed that Linus Torvalds was right. Linux became popular and MINIX, developed by Andrew, didn’t. David Cutler (Microsoft architect and Windows Internals’ author) also believed on monolithic kernel that predominated. However, it doesn’t means that Tanembaum’s concerns weren’t relevant, is completely the opposite, from security standpoint, creation of security boarders isolating kernel, drivers, services and applications, and is an advance over Linus’ model. However, kernel monolithic showed fastest development cycle due its simplicity and claimed by better performance. I know that it’s a controversial point, since there are many examples of operating systems developed under microkernel model with excellent performance such as Cisco IOS that arrives embedded into Cisco routers.

From security view, in the monolithic kernel any vulnerability or malware loaded by devices drivers or any kind of code running in ring 0 context may compromise the entire system, while in microkernel model, where you have a minimum kernel footprint, non-extensible and isolated in its own TCB (Trusted Computing Base) is more resistant against attacks.

What TXT essentially do, is bring the security advantages of microkernel model to actual platform with enhancements. For a cloud environment, Intel® TXT is able to Measure Launch (ML) the BIOS, hypervisor and attest the integrity of each VM individually as described in the following picture:

TXT How does it works.PNG

Trusted Compute Pools

Extrapolating this capability to cloud infrastructure allow us to develop the concept of Trusted Compute Pools, where you group machine with TXT capable and enabled in a cluster of trust.

Trusted Compute Pools.PNG

This capability is present on various hardware models and you can use it with VMWare ESX 4.1 U1,  Linux/Xen using the tboot code as described in this post and also using HyTrust or Parallels with more coming.