Accelerate OpenStack* Together
* OpenStack is a registered trademark of the OpenStack Foundation
Where are your workloads running? Ensuring Boundary Control in OpenStack Cloud
Raghu Yeluri, Principal Engineer, Datacenter and Cloud Products Group, Intel Corporation
Contents
- Trust and Boundary Requirements in the Cloud
- Solution: Geo-Tagging and Boundary Control with OpenStack*
- Looking ahead: Additional use-cases/solutions targeted for Kilo+ release
  - Geo-tagging for storage volumes
  - Tenant-controlled VM encryption/decryption
- Summary
- Q & A
Security Challenges in the Cloud
[Diagram: Private Cloud DC and Public Cloud DC, with workloads of Company A, Company B and Company C sharing Pool 1 ... Pool n. Concerns: Visibility, Control, Enhance Audits, Compliance.]
Challenge: Complying with location-based workload security and compliance requirements
Policy Challenges:
- Sensitive Data & Applications MUST remain Internal to Organizations.
- Data Privacy & National/Regional Regulations constrain workload movement.
- Very Sensitive Data MUST remain on Specific Data Center Hardware or Security Zones.
To add to these challenges, Virtualization and Public/Private Cloud Agility bring further challenges:
- Virtual Servers are files that can be moved or copied and executed anywhere.
- Hybrid Clouds blur the boundary between what is internal and external.
Requirement: Ensure that Virtual Workloads are placed, or migrated, based on location and assurance of the hardware platform
Policy Requirements:
- Run in the correct geography or datacenter
- Run only on the Internal Enterprise Network, not in the public cloud
- Run on hardware in a particular Security Zone or Assurance Level
Technical Need: How do you provide Trusted Geo-location/Asset-location in a Virtualization and Cloud Environment to meet these Policy Requirements?
Intel Trusted Execution Technology (TXT)-based H/W Provides a Strong Foundation for Platform Security & Trusted Geo/Asset-location
[Diagram: Intel TXT Hardware Solution Components: Intel 5500/5520 Chipset, BIOS Flash, TPM]
- A trusted execution platform for sensitive apps and data.
- Intel TXT provides integrity assurance for x86 server hardware, and the software stack above.
- Root of Trust is Intel Xeon processors & motherboard chipsets.
- Measured Boot + Attestation extends the chain of Trust to OS/VMM. Chain of Trust: H/W -> FW -> BIOS -> OS/VMM.
- Leverages TPM for secure storage, and TXT Measured Boot + Attestation for Trusted Geo/Asset-location (Geo/Asset-tagging).
Geo/Asset-tagging - Enabling Boundary Control
- Geo/Asset descriptor (asset-tag) stored in the TPM of the Server. Used to control placement & migration of workloads.
- Broad support across bare metal OS and hypervisors (ESX, XenServer, Xen, KVM).
What is an Asset Tag?
[Diagram: Asset Certificate (TAG, UUID of Host, Digital Signature) -> SHA-1 / SHA-2 hash -> Asset Tag -> TPM NVRAM Index]
- NV Index used: index 0x40000010
- Size of Index: TPM 1.2: 20 Bytes; TPM 2.0 (future): 32 Bytes (for SHA-256) and 64 Bytes (for SHA-512)
- Data Format: 20 Bytes of binary data
- An Asset Tag used with Geo-Location attributes is a Geo-Tag.
VM Boundary Control With OpenStack* - How it works
[Diagram: Glance (Workload A with Launch Policy: Trust Verified, Geo=France), API Server, Nova (TrustedFilter, LocationFilter), Attestation Authority, servers with Geo-Tags in their TPMs]
0. OOB: Provision Geo-Tag onto Server TPMs
1. Upload Workload A to Glance with Launch Policy
2. Launch VM A
3. Workload A and its Launch Policy (Trust Verified, Geo=France) come from Glance
4. Challenge: TrustedFilter and LocationFilter request Location Attestation from the Attestation Authority
5. The Attestation Authority challenges the servers and returns the Attestation Report
6. Workload A launched with appropriate policy
Geo-Tag extensions in OpenStack
[Diagram: Horizon (dashboard) with Geo-tag Selection UI; End Users (accessing guest VMs); Tag Provisioning Service; Glance (Image Store + Registry) holding VM Policies as Image Properties; Nova with new LocationFilter; Attestation Service; Guest VMs (workloads) and their Disk Images on OS/VMM with TXT+TPM. Legend: OpenStack Extensions vs. Intel/ISV provided components.]
Blueprints:
- https://blueprints.launchpad.net/nova/+spec/nova-trusted-geo-asset-tag
- https://blueprints.launchpad.net/horizon/+spec/trust-n-geo-display
- https://wiki.openstack.org/wiki/trusted-Location-Control
Targeting Kilo release; downloadable scripts in Q4 for Icehouse & Juno.
Geo-Tagging Flow in OpenStack - 1
Flow overview: 1 Tag Definition & Selection -> 2 Tag Provisioning to Servers -> 3 VM Policy Creation -> 4 Orchestration & VM Launch -> 5 Dashboard
Step 1: Defining and Selecting Geo/Asset Tags
- Tags can be logical or physical geo information, and/or business functions (Finance, Benefits, Inv Banking, etc.)
- Uses Tag Mgmt APIs. The selected tags are the ones that will be Provisioned to a Server.
Geo-Tagging Flow in OpenStack - 2
Step 2: Provision Selected Tag(s) from Step 1 onto the server. The Mt. Wilson Provisioning Tool & Provisioning APIs provision the TPMs on the hosts.
1. Select the Host to Provision
2. Select the Tags and Provision the Server TPMs
Geo-Tagging Flow in OpenStack - 3
Step 3: Create VM Policies.
1) Policies are associated with VM Images as Properties in Glance.
2) Horizon extended to select Geo-location Policies.
Two Policies for this Image: 1. Trust; 2. Geo-Location
Geo-Tagging Flow in OpenStack - 4
Step 4: Determine the best Server to meet the VM Trust and Geo-Location Policy, then launch a VM instance of a specific Flavor.
- OpenStack Scheduler extended with an Asset/Geo-Tag Filter.
- The new Filter invokes Mt. Wilson Geo-Tag Attestation APIs to determine the best Server to meet the VM Policies.
- VM Instance created by the OpenStack Scheduler by finding the best Server whose Geo-Tag matches the VM Policy.
Geo-Tagging Flow in OpenStack - 5
Step 5: Dashboard.
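As an added example (not from the original deck and not Intel's Mt. Wilson or Nova code), the following Python sketch models steps 2 to 4 of the flow: the asset tag is the SHA-1 hash of an asset certificate written to the TPM NV index, the attestation authority keeps a whitelist of provisioned tags and their attributes, and a scheduler filter admits only hosts whose quoted tag is whitelisted and whose attributes satisfy the image's Trust and Geo-Location policy. All host names, certificate bytes, attributes and the report layout are constructed assumptions.

```python
import hashlib

# Constructed illustration of the asset-tag check; the real Mt. Wilson report and
# certificate formats differ. Policies are Glance image properties (trust, geo).

def asset_tag(asset_certificate: bytes, tpm_version: str = "1.2") -> bytes:
    """Tag written to NV index 0x40000010: SHA-1 of the asset certificate on
    TPM 1.2 (20 bytes), SHA-256 on TPM 2.0 (32 bytes)."""
    algo = hashlib.sha1 if tpm_version == "1.2" else hashlib.sha256
    return algo(asset_certificate).digest()

def build_whitelist(asset_certificates):
    """Attestation-authority side: map each provisioned tag to the attributes the
    tag-management service assigned when the asset certificate was issued."""
    return {asset_tag(cert): attrs for cert, attrs in asset_certificates}

def host_matches_policy(policy, report, whitelist):
    """One host against a VM launch policy: the TrustedFilter check (measured boot
    verified) plus the LocationFilter check (tag attributes). Attributes come from
    the whitelist entry for the quoted tag, never from anything the host claims."""
    if policy.get("trust") == "true" and not report["trusted"]:
        return False
    attrs = whitelist.get(report["quoted_tag"])
    if attrs is None:  # unknown, unprovisioned or revoked tag: refuse the host
        return False
    return all(attrs.get(k) == v for k, v in policy.items() if k != "trust")

def location_filter(policy, reports, whitelist):
    """Scheduler filter: hosts allowed to run a VM with this launch policy."""
    return [r["host"] for r in reports if host_matches_policy(policy, r, whitelist)]

# Constructed asset certificates (real ones are signed blobs) and their attributes.
CERT_PARIS = b"asset-cert:host-a:geo=France"
CERT_BERLIN = b"asset-cert:host-b:geo=Germany"
WHITELIST = build_whitelist([(CERT_PARIS, {"geo": "France"}),
                             (CERT_BERLIN, {"geo": "Germany"})])

# Constructed attestation reports: trust status plus the tag quoted from the TPM.
REPORTS = [
    {"host": "host-a", "trusted": True, "quoted_tag": asset_tag(CERT_PARIS)},
    {"host": "host-b", "trusted": True, "quoted_tag": asset_tag(CERT_BERLIN)},
    {"host": "host-c", "trusted": False, "quoted_tag": asset_tag(CERT_PARIS)},  # failed measured boot
    {"host": "host-d", "trusted": True, "quoted_tag": b"\x00" * 20},            # tag never provisioned
]
POLICY = {"trust": "true", "geo": "France"}  # image properties: Trust + Geo-Location

if __name__ == "__main__":
    print(location_filter(POLICY, REPORTS, WHITELIST))  # ['host-a']
```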
Looking Ahead
1. Use-case 1: Extending Geo-Tagging/Location Control for Storage Volumes
2. Use-case 2: Tenant-controlled encryption and decryption, based on Location and Trust Policies.
Use-case #1: Extending Geo-Tagging/Location Control for Volumes
Current Implementation: Geo-tagging/location policies are defined and enforced at the VM level.
Scenario 1: Two VMs. VM1 has no attached storage; VM2 has local attached storage.
- VM1 and VM2 (with local storage) are launched (Trust Verified, Geo=France). VM policies are enforced on the Storage.
Scenario 2: Two VMs. VM1 has no attached storage; VM2 has an External/Shared Storage Volume attached (created and attached through Cinder).
- VM1 and VM2 are launched per Policy, but the VM Policy is not enforced on the Storage. Location Policy violation!
[Diagram for each scenario: Cloud Controller, Attestation Authority, Cinder (create/attach storage volumes)]
OpenStack Extensions: Location Policy Enforcement on storage volumes
- Extend VM Location Policy Control to Cinder volumes.
- Leverage Intel TXT Measured Boot, Remote Attestation and Geo-Tag Provisioning for Location Compliance of Cinder Volumes. Applies to x86-based External/Shared Storage; not yet for SAN/NAS storage.
- New Location filter in the Cinder scheduler: Location Policy Compliance during Volume Create.
- Location Policy compatibility verified during Volume Attach, in the Check Attach code of the Nova API: VM Location Policy == Volume Location Policy.
- Exploring ways to enforce Location Policy for Volume Migration and Backups (for Swift: Storage Policies).
[Diagram: Cinder Client -> REST -> Cinder API -> AMQP -> Cinder Scheduler (Location Filter, SQL DB) -> AMQP -> Cinder Volume driver -> Storage (DAS, Scale Out, NAS, SAN); Cinder backup over AMQP]
Creating a new Volume with Geo-tag Policy
1) Policy is selected for Volume creation. You can select up to 5 policies from the Horizon extensions.
2) Create Volume invokes CinderLocationFilter, which verifies the Policy against the Server (cinder node) Geo-tag.
Result: Volumes with Trust and Geo-Tag.
Attach Volume to a VM instance
1) VM Policy == Volume Policy
2) Attach Volume: Verifies the Volume Geo-Tag against the VM Geo-Tag Policy for Compatibility.
Use-case 2: Tenant-Controlled VM encryption and decryption based on Location and Trust
[Diagram: Enterprise Private Cloud and Public Cloud]
Goals:
- VMs and data are encrypted at all times: at rest, in transit, and up until execution.
- Only allow virtual servers & data to be decrypted on trusted hardware in a particular location.
- Virtual server data is only decrypted on approved servers in specified locations.
- Sensitive virtual server storage volumes are prevented from being decrypted on a server not in an approved location.
Demonstration at the Intel booth.
Tenant Controlled VM Protection in OpenStack - Architecture
[Diagram: Enterprise Data Center (Trust Director, Gold VM Images, Proxy, Key Store / KMS [Barbican & Policy Engine]) and Cloud Service Provider (Horizon, Cloud Controller, Glance, Attestation Authority, Nova compute with Policy Plugin)]
1. Symmetric Key Generation (Trust Director)
2. Key Store -> KMS [Barbican & Policy Engine]
3. PUT-VM Blob: Encrypted VM/Image to Glance
4. Launch VM (Horizon)
5. Launch VM (Cloud Controller)
6. Attestation
7. Launch VM (Nova compute)
8. Attestation Authority
9. Attestation
10. GetDecryptionKey (KID, AIK), then Decrypt & Launch (Policy Plugin)
Blueprint later this year. Targeting L release.
Summary
- Location-based policies to meet the most stringent security and compliance requirements.
- Tied to Intel TXT and TPM for reliable attestation of platform integrity and location attributes.
- OpenStack Extensions for Geo-Tagging are available for Icehouse & above. Targeting Kilo release for upstream. Blueprint: https://blueprints.launchpad.net/nova/+spec/nova-trusted-geo-asset-tag
- Looking ahead: Boundary Control for Cinder volumes on x86-based Storage.
- Looking ahead: Tenant-controlled VM encryption and decryption based on Location and Trust; Demonstration at Intel Booth. Targeting L release.
Intel Confidential Do Not Forward
Geo-Tagging Provisioning and Management Architecture
[Diagram: Asset-Tag Provisioning & Management Service]
- Tag Mgmt Server: TAG DB, TAG API, TAG MGMT TOOL*; receives Tag Selections from Orchestration/Policy Tools and whitelists; External Tag Sources: Place names, Coordinates, Country/State DB, Geo-Location System.
- Tag Provisioning Server: TAG DB, Provisioning API, TAG PROV TOOL*.
- Attestation Authority: Asset-Tag whitelists, Revoke, Asset-Tag Invalidation; receives Request Attestation.
- TXT Node/Host: Provisioning Agent, Geo-Tag in TPM, MTW Trust Agent returning the Quote (with Geo-Tag).
- Monitoring Service [Nagios] with Geo-Tag Invalidation Plugin*.
Trusted Pools - Summary
- Establish and propagate a new security control attribute: Platform Trust.
- Aggregate Trusted systems and Segregate them from untrusted resources.
- Run sensitive workloads only on Trusted Servers (Policy Control).
- Tenant Visibility to remote platform status (Platform Trust).
- Enable automated monitoring of Trust-based policies.
- Platform Trust input to audit logs and compliance reporting.
- Additional Controls: Geotag/Asset-Tags, VM payload en/decryption & Trusted VMs.
[Diagram: Cloud Tenant, Cloud Provider, APP, Report]
Intel Trusted Execution Technology + Remote Attestation are the basis for achieving Platform Trust.
Virtual Workload and Location Policies
1. VM with no attached storage (Host)
2. VM using local attached storage (disks presented from the same physical host the VM runs on) (Host)
3. VM running an application that queries an external source (remote database connection, HTTP, etc.) (Host + Remote Host + Storage)
4. VM using attached external/shared storage (SAN, vSAN, NFS, Scale Out Storage, DAS, etc.) (Host + Attached Volumes on SAN/NFS/NAS/Software Defined Storage)
VM Boundary Control with OpenStack* - Solution Components
[Diagram: Asset Certificate (TAG, Host UUID, Signature) -> Hash -> Asset Tag -> Store in TPM on TXT Server -> Attest via Attestation Server; VM Geo policy in OpenStack Glance attributes -> Extract -> OpenStack Nova scheduler verifies Trust and Geo (Filter) -> Launch VM on Trusted, Geo-verified server]
1. Enable Provisioning of geo-tags to Hosts
2. Add Asset/Location Filter to FilterScheduler
3. Enhance Attestation Server to attest Geo-Tags
4. Specify Geo Policies for VMs via Glance Registry
5. Enhance Horizon to show Location/Trust attributes