Developing The Secure Cloud

Oct. 17, 2013
Securing the cloud may take more than hardware but the right hardware can help.

Edward Snowden’s revelations exposed National Security Agency activities that have given many people and corporations second thoughts about taking advantage of the cloud, which is the latest term for the Internet. It was bad enough when developers had to worry about spammers, virus writers, and criminals bent on gaining access to private information. Companies also worried about losing information to corporate espionage.

Related Articles

Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) platforms like Amazon Web Services (AWS) have allowed users to flock to the cloud to host everything from Web servers to corporate data storage. Most have been built on standard PC enterprise hardware that has hardware security support via TPM, virtual memory, and virtual machine support. But much of the communication between systems, including storage, moves over the network where software is used to control access.

Verizon’s Terremark service recently announced that it will be using AMD’s SeaMicro platforms, which employ a hardware hypercube communication fabric that can manage partitions that feature computing, communications, and storage (see the figure). Also, its nearest neighbors won’t affect performance, and their communication load will be isolated. It will allow cloud services compliant with the Health Insurance Portability and Accountability Act (HIPAA), the Federal Information Security Management Act (FISMA), and the National Institutes of Standards and Technology (NIST) 800-53 Security and Privacy Controls.

Figure 1. AMD’s SeaMicro SM15000 is the basis for Verizon’s move into supply cloud compute and storage services.

Still, security is only as strong as its weakest link. Any system that utilizes the cloud for some aspect of its communication is susceptible to attack that can be silent and costly or noticeable and costly. Designers need to ask who holds the keys and what locks they fit into.

Lavabit, a secure e-mail service company that Snowden and many others had used, recently shut itself down after the NSA first obtained a court order to put in a backdoor—and then for the key to the door. The problem with backdoors is that they are designed to be hidden, as is their use. Unfortunately, the security of the system comes down to who has the keys to these doors. Snowden had one of these keys.

The latest design buzzword is Internet of Things (IoT). IoT usually means connecting anything that sends data to the cloud, where the cloud servers are often running on one of the PaaS or IaaS platforms. IoT gateway tools and reference designs of various types have been rolling by my desk for months, and most have some level of hardware security included.

Most companies with these products are providing the tools to secure a system but are leaving the actual implementation up to you, the developers. Hopefully you will educate yourself about the different aspects and tools for creating a secure system because it is more than just using tools like secure boot and AES encryption. So how secure are the cloud services and IoT devices you are designing or using?

Download this article in .PDF format
This file type includes high resolution graphics and schematics when applicable.

Sponsored Recommendations

Article: Meeting the challenges of power conversion in e-bikes

March 18, 2024
Managing electrical noise in a compact and lightweight vehicle is a perpetual obstacle

Power modules provide high-efficiency conversion between 400V and 800V systems for electric vehicles

March 18, 2024
Porsche, Hyundai and GMC all are converting 400 – 800V today in very different ways. Learn more about how power modules stack up to these discrete designs.

Bidirectional power for EVs: The practical and creative opportunities using power modules

March 18, 2024
Bidirectional power modules enable vehicle-to-grid energy flow and other imaginative power opportunities. Learn more about Vicor power modules for EVs

Article: Tesla commits to 48V automotive electrics

March 18, 2024
48V is soon to be the new 12V according to Tesla. Size and weight reduction and enhanced power efficiency are a few of the benefits.

Comments

To join the conversation, and become an exclusive member of Electronic Design, create an account today!