During the course of my blogging activities, this is the third time I’ve talked about something the security industry should do that I believe is so obvious that I called it a “no-brainer”.
The second was in reference to the use of whitelisting in the hypervisor/VMM (especially the “parent” or Dom0 partition) layer to prevent the execution of unauthorized code in this security-sensitive layer.
I’ll add a third to the list: hardware-based root of trust measurements for ensuring hypervisor/VMM integrity at boot. TPM chips that form the foundation for this measurement are nearly ubiquitous in desktops and heading this way for servers. Microsoft has already shown this technology is feasible for mainstream commercial adoption with a TPM-based root of trust option for BitLocker (available in the Ultimate and Enterprise SKUs of Windows Vista).
Since this virtualization layer is so sensitive, why don’t we make sure it hasn’t been tampered with during the boot process?
Very few vendors do this today – for example a vendor and technology I identified as a 2009 Gartner “Cool Vendor” Integrity Global Security’s INTEGRITY (spun out from Green Hill’s military-grade solution) offers this. Looking forward, Citrix has promised this with its new desktop hypervisor. It’s also on VMware’s roadmap for vSphere (the next release of ESX). Let’s hope this feature makes it into the shipping release of vSphere.
By no means are we anywhere close to what is needed for sufficient trust in our hardware virtualization software, but measurement of the hypervisor/VMM is a mandatory starting point. The foundation of a trustable computing platform must start at the bottom.
I’ve been asking the industry to deliver this and a whole slew of security features for the hypervisor/VMM layer (and advising clients to pressure their vendors for these) for years. 2009 looks like the year that TPM-based root of trust hypervisor/VMM measurements will become mainstream. Seems like a no-brainer to me.