Developing The Secure Cloud

Oct. 17, 2013
Securing the cloud may take more than hardware but the right hardware can help.

Edward Snowden’s revelations exposed National Security Agency activities that have given many people and corporations second thoughts about taking advantage of the cloud, which is the latest term for the Internet. It was bad enough when developers had to worry about spammers, virus writers, and criminals bent on gaining access to private information. Companies also worried about losing information to corporate espionage.

Related Articles

Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) platforms like Amazon Web Services (AWS) have allowed users to flock to the cloud to host everything from Web servers to corporate data storage. Most have been built on standard PC enterprise hardware that has hardware security support via TPM, virtual memory, and virtual machine support. But much of the communication between systems, including storage, moves over the network where software is used to control access.

Verizon’s Terremark service recently announced that it will be using AMD’s SeaMicro platforms, which employ a hardware hypercube communication fabric that can manage partitions that feature computing, communications, and storage (see the figure). Also, its nearest neighbors won’t affect performance, and their communication load will be isolated. It will allow cloud services compliant with the Health Insurance Portability and Accountability Act (HIPAA), the Federal Information Security Management Act (FISMA), and the National Institutes of Standards and Technology (NIST) 800-53 Security and Privacy Controls.

Figure 1. AMD’s SeaMicro SM15000 is the basis for Verizon’s move into supply cloud compute and storage services.

Still, security is only as strong as its weakest link. Any system that utilizes the cloud for some aspect of its communication is susceptible to attack that can be silent and costly or noticeable and costly. Designers need to ask who holds the keys and what locks they fit into.

Lavabit, a secure e-mail service company that Snowden and many others had used, recently shut itself down after the NSA first obtained a court order to put in a backdoor—and then for the key to the door. The problem with backdoors is that they are designed to be hidden, as is their use. Unfortunately, the security of the system comes down to who has the keys to these doors. Snowden had one of these keys.

The latest design buzzword is Internet of Things (IoT). IoT usually means connecting anything that sends data to the cloud, where the cloud servers are often running on one of the PaaS or IaaS platforms. IoT gateway tools and reference designs of various types have been rolling by my desk for months, and most have some level of hardware security included.

Most companies with these products are providing the tools to secure a system but are leaving the actual implementation up to you, the developers. Hopefully you will educate yourself about the different aspects and tools for creating a secure system because it is more than just using tools like secure boot and AES encryption. So how secure are the cloud services and IoT devices you are designing or using?

Download this article in .PDF format
This file type includes high resolution graphics and schematics when applicable.

Sponsored Recommendations

Board-Mount DC/DC Converters in Medical Applications

March 27, 2024
AC/DC or board-mount DC/DC converters provide power for medical devices. This article explains why isolation might be needed and which safety standards apply.

Use Rugged Multiband Antennas to Solve the Mobile Connectivity Challenge

March 27, 2024
Selecting and using antennas for mobile applications requires attention to electrical, mechanical, and environmental characteristics: TE modules can help.

Out-of-the-box Cellular and Wi-Fi connectivity with AWS IoT ExpressLink

March 27, 2024
This demo shows how to enroll LTE-M and Wi-Fi evaluation boards with AWS IoT Core, set up a Connected Health Solution as well as AWS AT commands and AWS IoT ExpressLink security...

How to Quickly Leverage Bluetooth AoA and AoD for Indoor Logistics Tracking

March 27, 2024
Real-time asset tracking is an important aspect of Industry 4.0. Various technologies are available for deploying Real-Time Location.

Comments

To join the conversation, and become an exclusive member of Electronic Design, create an account today!