Presentation on theme: "1 Trusted Server Environments IEEE CQR – Ft. Myers, FL May 2007 Frank Tycksen – VP of Engineering at SignaCert, Inc."— Presentation transcript:
1 Trusted Server Environments IEEE CQR – Ft. Myers, FL May 2007 Frank Tycksen – VP of Engineering at SignaCert, Inc.
2SignaCert: Illuminate Your EnterpriseSignaCert Confidential 2 Trusted Platform Focus Today Trust focused inside the enterprise Measure Extend Verify Execute Simplified static trust environment Includes portions of the OS/Kernel in the TCB Relies on post-execution verification Provides verifier with re-constructible evidence of boot chain TNC Verifiable Boot Laptops & Desktops
3SignaCert: Illuminate Your EnterpriseSignaCert Confidential 3 Trusting Partners and eCommerce Trust Me! Key Questions Proof of Trust Verification Expression Normalized SSL SLA / Contractual Audit Controls Regulatory Compliance As transactional value increases, so do demands for visibility and trustworthiness. Reliance on Third Parties
4SignaCert: Illuminate Your EnterpriseSignaCert Confidential 4 What Are We Asking? Partners Web Servers Firewall Routers Switches Load Balancer Firewall Mainframe & Legacy Servers Dbase Clusters Financial Servers Routers Switches WIDGECO.COM Taking A Systems Perspective Highly heterogeneous Loads of legacy Variety of vendors External dependencies Storage Networks SOA & SAAS How do we get a common reference?
5SignaCert: Illuminate Your EnterpriseSignaCert Confidential 5 Measure & Verify Relative to World A Starting Point WIDGECO.COM Measure & Verify Relative to Self Partners Statement of Health
6SignaCert: Illuminate Your EnterpriseSignaCert Confidential 6 Virtualization Impact Virtual Appliance Business Agility VM Lifecycle CreateStart Stop Suspend MigrateDestroy Measure and Verify Key drivers: Low Utilization Power Costs Rack space & Cooling
7SignaCert: Illuminate Your EnterpriseSignaCert Confidential 7 Complete trusted enterprise mechanisms are nascent Few vendors providing complete capabilities, today Hard to find in commercial non-PC platforms (routers, switches, etc.) External measurement & verification mechanisms required for asserting trust Measurement is the common starting point Normalized to a standard Common usage With vendor support can make integrity and source authenticity guarantees Standardized measurement leads to … Visibility and understanding of systems Greater reliability, security and compliance Improved business agility Virtualization… more of a reality Creates new system management challenges Defining new platforms and service delivery models Summary for the Trusted Enterprise
8SignaCert: Illuminate Your EnterpriseSignaCert Confidential 8 Backup