TCG Extends Trust-Based Security to Cloud Computing

Trusted Computing Group (TCG) Extends Trust-Based Security to Cloud Computing

Announces Updates To IF-MAP (Metadata Access Protocol) for Security Information-Sharing

Portland, Oregon, USA. September 13, 2010

Trusted Computing Group, which develops industry standards for hardware-based security rooted in trust, today announced a significant effort to extend the concept of trust to cloud-based computing. The effort will be led by the organization's new Trusted Multi-Tenant Infrastructure work group.

"TCG already has a number of specifications and efforts to protect clients, networks and systems, and many of those are applicable to multi-tenant infrastructure," noted Scott Rotondo, TCG president. "The formation and widespread member support of the new Trusted Multi-Tenant Infrastructure work group reinforces our focus on extending hardware-based trust to all aspects of computing and to enabling secure computing whether it's local or cloud-based."

TCG also has updated its IF-MAP (Metadata Access Protocol) used to enable standardized data sharing among a wide variety of devices and applications, including cloud security.

Time to Add Trust to Cloud Security

Multi-tenant infrastructure refers to unrelated users of shared computing infrastructure and is a fundamental characteristic of cloud computing. The new work group will develop a framework for enabling trust in the cloud. Targeting vendors, providers, consumers and integrators of multi-tenant infrastructure services, the framework will:

Help assess the trustworthiness of provider systems

Enable real-time assessment of compliance as part of the provisioning process

Provide implementation guidance

Identify and address gaps in standards to enable trust

"The key to security in a multi-tenant infrastructure is to establish trust — trust with providers, trust with users and trust as data is exchanged," said Michael Donovan, chief technologist, U.S. Public Sector, HP Enterprise Services. "Our plan is to give vendors and users a coordinated way to evaluate and manage the many issues associated with cloud-based computing security."

The actual framework will consist of policies, best practices, standards and conformance criteria that will be used by product vendors and by integrators and IT users to create and evaluate multi-tenant infrastructure. TCG expects to deliver the first parts of the framework in early 2011, and it will be available free of charge on the TCG website.

Trusted Multi-Tenant Infrastructure work group participants include AMD, CESG (UK National Technical Authority for Information Assurance), HP, IBM, Infoblox, Juniper Networks, Microsoft, Wave Systems, and others. Hundreds of millions of enterprise PCs and servers use the ISO-standard Trusted Platform Module, which provides a hardware root of trust and is used for authentication and to protect keys, certificates and passwords. TCG specifications also define a "chain of trust" architecture for attestation of trusted platform properties. Both will be comprehended in the new work group's efforts.

IF-MAP Enables Real-Time Information Sharing for Security, in the Cloud and Elsewhere

TCG's IF-MAP, or Metadata Access Protocol, is based on a powerful publish/subscribe model. IF-MAP is being used today to support network security applications using equipment from different vendors, and is expected to be used in cloud computing to enable real-time communication among devices including network infrastructure devices and servers. It also has been used to integrate physical security devices, supervisory control and data acquisition (SCADA) networks and unified communications platforms.

The updated IF-MAP specification, version 2.0, adds new capabilities to the powerful publish/subscribe client/server protocol, designed to make IF-MAP more directly compatible with existing, vendor-specific approaches. The new specification also makes it easier and faster for different industry groups to use the IF-MAP protocol by separating the base protocol from the metadata definitions that standardize how different types of information are represented.

The first such metadata specification, released along with version 2.0 of the IF-MAP base protocol, addresses network security, and covers a wide range of elements such as user identities, devices, network addresses, threats, events, and others. Other industry groups can use the flexible IF-MAP framework to define and ultimately standardize metadata for other cases, including factory automation, building automation, cloud computing, smart grid, and others.

About Trusted Computing Group

The Trusted Computing Group (TCG) provides open standards that enable a safer computing environment across platforms and geographies. Benefits of Trusted Computing include protection of business-critical data and systems, secure authentication and strong protection of user identities, and the establishment of strong machine identity and network integrity. Organizations using built-in, widely available trusted hardware and applications reduce their total cost of ownership. TCG technologies also provide regulatory compliance that is based upon trustworthy hardware. More information and the organization's specifications and work groups are available at the Trusted Computing Group's website, www.trustedcomputinggroup.org

References

Prepared by Robin Cover for The XML Cover Pages archive.

SEARCH Advanced Search ABOUT Site Map CP RSS Channel Contact Us Sponsoring CP About Our Sponsors NEWS Cover Stories Articles & Papers Press Releases CORE STANDARDS XML SGML Schemas XSL/XSLT/XPath XLink XML Query CSS SVG TECHNOLOGY REPORTS XML Applications General Apps Government Apps Academic Apps EVENTS LIBRARY Introductions FAQs Bibliography Technology and Society Semantics Tech Topics Software Related Standards Historic	TCG Extends Trust-Based Security to Cloud Computing Trusted Computing Group (TCG) Extends Trust-Based Security to Cloud Computing Announces Updates To IF-MAP (Metadata Access Protocol) for Security Information-Sharing Portland, Oregon, USA. September 13, 2010 Trusted Computing Group, which develops industry standards for hardware-based security rooted in trust, today announced a significant effort to extend the concept of trust to cloud-based computing. The effort will be led by the organization's new Trusted Multi-Tenant Infrastructure work group. "TCG already has a number of specifications and efforts to protect clients, networks and systems, and many of those are applicable to multi-tenant infrastructure," noted Scott Rotondo, TCG president. "The formation and widespread member support of the new Trusted Multi-Tenant Infrastructure work group reinforces our focus on extending hardware-based trust to all aspects of computing and to enabling secure computing whether it's local or cloud-based." TCG also has updated its IF-MAP (Metadata Access Protocol) used to enable standardized data sharing among a wide variety of devices and applications, including cloud security. Time to Add Trust to Cloud Security Multi-tenant infrastructure refers to unrelated users of shared computing infrastructure and is a fundamental characteristic of cloud computing. The new work group will develop a framework for enabling trust in the cloud. Targeting vendors, providers, consumers and integrators of multi-tenant infrastructure services, the framework will: Help assess the trustworthiness of provider systems Enable real-time assessment of compliance as part of the provisioning process Provide implementation guidance Identify and address gaps in standards to enable trust "The key to security in a multi-tenant infrastructure is to establish trust — trust with providers, trust with users and trust as data is exchanged," said Michael Donovan, chief technologist, U.S. Public Sector, HP Enterprise Services. "Our plan is to give vendors and users a coordinated way to evaluate and manage the many issues associated with cloud-based computing security." The actual framework will consist of policies, best practices, standards and conformance criteria that will be used by product vendors and by integrators and IT users to create and evaluate multi-tenant infrastructure. TCG expects to deliver the first parts of the framework in early 2011, and it will be available free of charge on the TCG website. Trusted Multi-Tenant Infrastructure work group participants include AMD, CESG (UK National Technical Authority for Information Assurance), HP, IBM, Infoblox, Juniper Networks, Microsoft, Wave Systems, and others. Hundreds of millions of enterprise PCs and servers use the ISO-standard Trusted Platform Module, which provides a hardware root of trust and is used for authentication and to protect keys, certificates and passwords. TCG specifications also define a "chain of trust" architecture for attestation of trusted platform properties. Both will be comprehended in the new work group's efforts. IF-MAP Enables Real-Time Information Sharing for Security, in the Cloud and Elsewhere TCG's IF-MAP, or Metadata Access Protocol, is based on a powerful publish/subscribe model. IF-MAP is being used today to support network security applications using equipment from different vendors, and is expected to be used in cloud computing to enable real-time communication among devices including network infrastructure devices and servers. It also has been used to integrate physical security devices, supervisory control and data acquisition (SCADA) networks and unified communications platforms. The updated IF-MAP specification, version 2.0, adds new capabilities to the powerful publish/subscribe client/server protocol, designed to make IF-MAP more directly compatible with existing, vendor-specific approaches. The new specification also makes it easier and faster for different industry groups to use the IF-MAP protocol by separating the base protocol from the metadata definitions that standardize how different types of information are represented. The first such metadata specification, released along with version 2.0 of the IF-MAP base protocol, addresses network security, and covers a wide range of elements such as user identities, devices, network addresses, threats, events, and others. Other industry groups can use the flexible IF-MAP framework to define and ultimately standardize metadata for other cases, including factory automation, building automation, cloud computing, smart grid, and others. About Trusted Computing Group The Trusted Computing Group (TCG) provides open standards that enable a safer computing environment across platforms and geographies. Benefits of Trusted Computing include protection of business-critical data and systems, secure authentication and strong protection of user identities, and the establishment of strong machine identity and network integrity. Organizations using built-in, widely available trusted hardware and applications reduce their total cost of ownership. TCG technologies also provide regulatory compliance that is based upon trustworthy hardware. More information and the organization's specifications and work groups are available at the Trusted Computing Group's website, www.trustedcomputinggroup.org References Trusted Computing Group TCG Cloud Security FAQs TCG Trusted Multi-Tenant Infrastructure Work Group Trusted Network Connect Working Group (TNC-WG) IF-MAP Binding for SOAP Specification Trusted Platform Module Announcement source Prepared by Robin Cover for The XML Cover Pages archive.