Guest post by Michael Peters (Red Hat) & Gheorghe Almasi (IBM)

If your organization is managing hundreds or thousands (or hundreds of thousands) of servers, how do you make sure they haven’t been breached? You could use a traditional software Intrusion Detection System (IDS), but those are still vulnerable to sophisticated software attacks. What you really need is to create a hardware root-of-trust that can be used to verify the very first steps of the boot process and extend that trust upward into every layer on your system. A hardware TPM provides such an anchor for a true remote attestation solution. 

Keylime, a Cloud Native Computing Foundation sandbox project, provides a highly scalable measured boot attestation and runtime integrity measurement solution. Keylime uses a TPM and the Linux Integrity Measurement Architecture (IMA) to provide a remote attestation platform, secure payload delivery and a revocation framework to give you full control over attestation policy and security attack remediation.

Keylime based attestation is now deployed in the IBM cloud as part of IBM’s compliance  regulatory requirements imposed by and on our clients (FedRAMP, HITRUST), said George Almasi (IBM Research). “Keylime is deployed in the IBM cloud to run measured boot attestation i.e. providing authenticity guarantees for the UEFI and operating system components running on IBM cloud hardware. Keylime achieves this by leveraging the cryptographic identity provided by TPM devices and the secure and measured boot features of modern UEFI BIOS.”

Keylime’s attestation is operated on a continuous basis. Any hardware has to pass attestation before any customer workloads are allowed to run. Furthermore, normal operation involves attestation challenges; nodes that fail attestation are withdrawn from the pool available for IBM customers.

“IBM has planned a rapid rollout of Keylime based attestation to the entirety of its cloud fleet in order to meet requirements for a strong security posture from its financial services and other enterprise customers. This will leverage work done on expanding the scalability and resilience of Keylime to manage large numbers of nodes, allowing Keylime based attestation to be operationalized at cloud data center scale”, said George.

“Further future plans for Keylime include further tightening security by enabling Integrity Measurement Attestation (IMA), and improving incident handling capabilities by deploying a complete auditing solution providing time-based proof of attestation for hypervisors.”