Trusted Geolocation in the Cloud

Summary

While cloud computing offers businesses and other organizations cost savings and flexibility, these shared resources can introduce security and privacy challenges. 

Enterprises that use cloud services want to be assured that:

  • the cloud compute platform hosting their workload has not been modified or tampered with

  • sensitive workloads on a multi-tenancy cloud platform are isolated within a logically defined environment from the workloads of competing companies

  • workload migration occurs only between trusted clusters and within trusted data centers

  • cloud servers are located in their preferred regions or home countries so that the cloud provider is subject to the same data security and privacy laws

Unfortunately, traditional geolocation, the process of asserting the integrity of the cloud compute hardware and enforcing the physical location of an object, relies on operational security controls. That method is not secure, and it does not lend itself to the automation and scaling of the cloud computing platform.

To meet these business needs and help accelerate the adoption of cost-saving cloud technologies, the NCCoE is collaborating with Intel, RSA, and HyTrust on the Trusted Geolocation in the Cloud building block. This automated “hardware root of trust” determines the integrity of the compute hardware and restricts workloads to cloud servers within a given location. The hardware root of trust is a tamper-proof combination of hardware and firmware—deployed by a cloud service provider, business or organization using cloud services—that carries a unique identifier for the cloud server host and metadata about the server platform. Using secure protocols, a business can access this information to verify that the platform is still as it was when first deployed, determine the location of the cloud server, and enforce geolocation-based restrictions.

This building block relies on trusted compute pools: segregated portions of the cloud with security requirements that match the value and sensitivity of the workloads they contain. We have demonstrated the use of RSA Archer commercial enterprise and risk management solutions and dashboard reporting to assess these pools, or compute nodes, by measuring them at launch time, monitoring them continuously, and determining their physical location and levels of compliance. 
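As an added illustration (not code from NIST IR 7904 or from any of the collaborating vendors), the placement decision described above reduced to a small policy model: a host joins a trusted compute pool only if its reported measurements match the values recorded at first deployment and its geolocation tag falls in the workload's allowed regions, and a migration is permitted only when both hosts pass. Host reports, measurement names and region names are constructed sample values.

```python
# Illustrative model of a trusted-compute-pool placement policy (not NIST IR 7904 code).
# A host report stands in for a platform attestation: PCR-style measurements plus a
# geolocation tag that, on a real platform, is provisioned into the hardware root of
# trust at deployment and reported together with the measurements.
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class HostReport:
    host_id: str
    measurements: dict  # measurement name -> hex digest reported by the host
    geotag: str         # e.g. "US-East"; bound to the same attestation as the digests


# Known-good values recorded when the hosts were first deployed (constructed sample).
KNOWN_GOOD = {
    "bios": hashlib.sha256(b"bios-v1").hexdigest(),
    "hypervisor": hashlib.sha256(b"hypervisor-build-1").hexdigest(),
}


def placement_decision(report: HostReport, allowed_regions, known_good=KNOWN_GOOD):
    """Return (allowed, reason) so the outcome can be shown on a compliance dashboard."""
    for name, expected in known_good.items():
        # A missing measurement is treated the same as a changed one.
        if report.measurements.get(name) != expected:
            return False, f"{report.host_id}: measurement '{name}' differs from launch value"
    if report.geotag not in allowed_regions:
        return False, f"{report.host_id}: geotag {report.geotag} not in {sorted(allowed_regions)}"
    return True, f"{report.host_id}: trusted host in {report.geotag}"


def host_is_trusted(report: HostReport, known_good=KNOWN_GOOD) -> bool:
    """Integrity only: every expected measurement is present and unchanged."""
    return all(report.measurements.get(k) == v for k, v in known_good.items())


def may_place(report: HostReport, allowed_regions, known_good=KNOWN_GOOD) -> bool:
    """A workload may run only on a trusted host located in one of its allowed regions."""
    return placement_decision(report, allowed_regions, known_good)[0]


def may_migrate(src: HostReport, dst: HostReport, allowed_regions, known_good=KNOWN_GOOD) -> bool:
    """Migration is allowed only between two hosts that both satisfy the placement policy."""
    return may_place(src, allowed_regions, known_good) and may_place(dst, allowed_regions, known_good)


if __name__ == "__main__":
    good = HostReport("host-a", dict(KNOWN_GOOD), "US-East")
    tampered = HostReport("host-b", {**KNOWN_GOOD, "hypervisor": "deadbeef"}, "US-East")
    for host in (good, tampered):
        print(placement_decision(host, {"US-East"}))
```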

The Trusted Geolocation in the Cloud implementation has been published, in a final report, as NIST Interagency Report 7904.

Collaborating Vendors

  • HyTrust

  • Intel

  • RSA

The NCCoE implemented this project with technology vendor collaborators and/or its National Cybersecurity Excellence Partnership (NCEP) partners. They contributed hardware, software, and expertise on this project.


Disclaimer: Certain commercial entities, equipment, products, or materials may be identified in order to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endorsement by NIST or NCCoE, nor is it intended to imply that the entities, equipment, products, or materials are necessarily the best available for the purpose.