ISO/IEC 27070

Information technology — Security techniques — Criteria for establishing virtualized roots of trust [Draft]


In trusted computing, a Hardware Security Module (HSM) provides various cryptographic functions in a physically secure enclosure. However, this architecture is not well suited for cloud computing. System virtualization, mobility, and scalability in the cloud mean that systems cannot readily access and rely on fixed hardware like HSMs.

Scope and objectives

The standard will specify information security controls that enable and protect such a ‘virtualized root of trust.’

The content

There are two main sections in the draft standard: a functional view and an activity view.

The standard’s status

Currently in Draft International Standard status, this standard is likely to be released by the end of this year.


Typically, the term ‘trusted computing’ refers to secure systems intended for use by governments or militaries for processing highly confidential data.

Trusted computing environments are created in the cloud by leveraging dynamically created virtual machines, a concept called “virtualized roots of trust.” The implications for trust, risk and security are so vast that I am unable to imagine them.
