Intel Trusted Execution Technology for Server Platforms

A Guide to More Secure Data Centers

Published 22.11.2013, 1st edition 2013
40,65 €
(incl. VAT)

Available within 1 - 2 weeks

Bibliographic data
ISBN/EAN: 9781430261483
Language: English
Extent: xvii, 156 pages, 56 b/w illustrations
Binding: paperback

Description

"This book is a must have resource guide for anyone who wants to implement TXT within their environments. I wish we had this guide when our engineering teams were implementing TXT on our solution platforms!" - John McAuley, EMC Corporation

"This book details innovative technology that provides significant benefit to both the cloud consumer and the cloud provider when working to meet the ever increasing requirements of trust and control in the cloud." - Alex Rodriguez, Expedient Data Centers

"This book is an invaluable reference for understanding enhanced server security, and how to deploy and leverage computing environment trust to reduce supply chain risk." - Pete Nicoletti, Virtustream Inc.

Intel® Trusted Execution Technology (Intel TXT) is a new security technology that started appearing on Intel server platforms in 2010. This book explains Intel Trusted Execution Technology for Servers, its purpose, application, advantages, and limitations.

This book guides the server administrator / datacenter manager in enabling the technology as well as establishing a launch control policy that he can use to customize the server's boot process to fit the datacenter's requirements.

This book explains how the OS (typically a Virtual Machine Monitor or Hypervisor) and supporting software can build on the secure facilities afforded by Intel TXT to provide additional security features and functions. It provides examples of how the datacenter can create and use trusted pools.

With a foreword from Albert Caballero, the CTO at Trapezoid.

About the author

Table of contents

Chapter 1. Introduction
- Explain at a high level what TXT is and why it is important
- Brief summary of the changing threats to IT architectures—and how new protections are needed
- Revelation: Processors and chipsets provide a number of security features that an OS uses to protect itself from unintentional or malicious modification while it is running. Intel TXT extends that protection for when it is not running and also provides the OS the means to operate in a more secure environment.
- Identify the roles of the OEM, Platform Owner, OSV, and ISV
- Brief history of platform security and TCG as well as the timing of TXT
- Examples of where TXT is used – Trusted pools, geo-tagging, and other opportunities

Chapter 2. Principles of TXT
- Why it works and what it does differently than existing security safeguards - include discussion of whitelisting versus blacklisting approaches and runtime versus launch-time protections
- Comparison of Server TXT to Client TXT
- Explain core root of trust (Static and Dynamic) and why Intel uses both in the server platform design

Chapter 3. TXT Provisioning
- Identify what a platform owner must do and should do to enable and benefit from TXT
- Why Launch Control Policy is important, goals, and considerations

Chapter 4. Launch Control Policy
- How to create launch control policy and tradeoffs in determining the right policy for your enterprise based on your security needs and goals

Chapter 5. Opportunities for the OSV and ISVs
- Understanding Sealing and attestation – how platform trust is protected and communicated
- Enabling Trusted pools and geo-tagging – critical foundations for TXT use models

Chapter 6. Creating a More Secure Data Center
- Give an example of available enhanced security for both public and private clouds: (VMware + Hytrust) – explain advantages and discuss various ways that the data center and user can take advantage
- Give vision on what is to come (i.e., what Intel TXT can enable) -- explain why building the infrastructure now makes it easier/quicker to adopt

Chapter 7. Trusted Pools and Cloud Compliance Support
- Actual examples, how it works, and what you can do with it to gain assurance and control in the cloud

Appendix: