Cloud Assurance with Blockchains

If you ask CIOs what they need to move their mission critical processes to the cloud then you will hear terms like "accountability", "security", "verifiability", "acceptance of liability" etc. In other words, they want to know that their processes are implemented correctly and that when things go wrong there is someone who can be held liable.

Over the last 10 years two of the most important technologies that have seen widespread adoption have been virtualization and Bitcoin. Virtualization paved the way for cloud computing and the Bitcoin protocol has the potential to reinvent finance using cryptographic building blocks called blockchains.

Strangely, no one has put the two (Cloud and blockchains) together. If they did, they would realize that together they would solve the thorniest problem for Enterprise CIOs, namely “how do I comply with the law and trust my mission critical processes to an outsourced vendor who has little if any accountability?”


The blockchain is a public ledger of every transaction that has ever taken place, distributed to the edge of the network. The key idea is that there is no centralized authority responsible for saying what is true or false. Instead, multiple distributed parties come to consensus, and that consensus is entered into the ledger, where anyone can access it in the future. It is computationally infeasible for a single actor (or anything less than a majority consensus) to go back and modify history.

The Cloud as a Data Logistics Platform

If we think of the cloud as a giant logistics platform for data, then we can think of a transaction as the transport or processing of data. Data enters into the cloud (network), it is processed (compute) and then is either returned to a consumer or kept for re-use at a later date (storage).

In principle, implementing such a system with blockchains can be easily envisioned. The blockchain will consist of data transactions, an example of which would be an application being uploaded at a specific time by a specific entity. Afterwards this cannot be denied by the entity that uploaded the application, and users of that application can verify the integrity, time and provenance of that particular application using the blockchain. Everything that happens to data, whether transport, processing or storage, is also a transaction and is entered into the blockchain.

Afterwards what happened to data, who accessed the data, where it went and how that data was governed can be verified by anyone who has access to the blockchain. In essence the blockchain freezes the compute platform in time and with appropriate monitoring users of the platform can verify that the platform is in the correct state in real-time.
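The ledger of data transactions described above, reduced to a single-writer hash chain as an added example (not code from the original page and not Guardtime's KSI implementation). Actor names, timestamps and the sample application bytes are constructed, and consensus between parties is not modelled.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed starting value for the chain

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def entry_hash(body: dict) -> str:
    # Canonical JSON so every verifier hashes identical bytes.
    return digest(json.dumps(body, sort_keys=True, separators=(",", ":")).encode())

def append(ledger: list, actor: str, action: str, data: bytes, ts: int) -> dict:
    """Record one data transaction, linked to the previous entry's hash."""
    body = {
        "seq": len(ledger), "ts": ts, "actor": actor,
        "action": action,  # upload / transport / process / store
        "data_sha256": digest(data),
        "prev": ledger[-1]["hash"] if ledger else GENESIS,
    }
    entry = dict(body, hash=entry_hash(body))
    ledger.append(entry)
    return entry

def first_broken_link(ledger: list):
    """Return the index of the first entry that fails verification, or None."""
    prev = GENESIS
    for i, entry in enumerate(ledger):
        body = {k: v for k, v in entry.items() if k != "hash"}
        if entry["seq"] != i or entry["prev"] != prev or entry_hash(body) != entry["hash"]:
            return i
        prev = entry["hash"]
    return None

def matches_record(entry: dict, data: bytes) -> bool:
    """Check a copy of the data against the digest recorded in the ledger."""
    return entry["data_sha256"] == digest(data)

def build_sample_ledger() -> list:
    # Constructed sample events for one application moving through a cloud.
    app = b"app-v1.0 binary"
    ledger = []
    append(ledger, "dev@tenant-a", "upload", app, 1700000000)
    append(ledger, "edge-router-7", "transport", app, 1700000005)
    append(ledger, "vm-42", "process", app, 1700000010)
    append(ledger, "store-3", "store", app, 1700000020)
    return ledger
```

A writer who controls the whole ledger can recompute every later hash, so verification is only meaningful when the most recent hash is also held by parties outside that writer's control, which is the role distributed consensus plays in the text.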

Such a system would give complete traceability, accountability and transparency for the cloud: entities who are either using or administrating the cloud can be held responsible for their actions, regulators get to audit all processes, and everyone involved can verify what happened when.

KSI Benefits for Cloud


Attribution means that every action in a cloud environment can be traced back to an original source such that the source of the action is legally responsible for their actions (non-repudiation). An attributed cloud environment can be achieved using the TTL (Tag, Track, Locate) functionality of KSI by signing all digital assets, all network components (routers, switches, applications, virtual machines, configuration information, authentication and event log systems, and associated network services) such that they can be audited with forensically strong proof independently from service providers and network administrators.


KSI signatures are based on mathematical proofs and keyless cryptographic functions approved by the EU and the US National Institute of Standards (NIST). These proofs and functions withstand exploitation even with advances in quantum computing, meaning that assets signed by KSI will have proof information retained over the lifetime of the asset. The forensic evidence of the signatures makes legal indemnification issues easy to resolve, highlighting who, what, where, and when a digital asset was touched, modified, created, or transmitted.


Attribution and auditability mean that the cloud service provider can be held accountable for their management of the digital supply chain. There is no longer any dispute over what happened when, simplifying SLAs and pinpointing liability in the event of accidental or malicious compromise. With complete certainty over what happened when, cloud service providers can be indemnified from legal claims.


Integrity is often defined as the absence of corruption in systems, networks, processes and data. The base assumption for modern security is that it is impossible to prove the absence of corruption and therefore it is necessary to search for vulnerabilities. The introduction of KSI, however, brings the scientific method back to the integrity of digital systems by giving a mathematical proof that the systems and processes that make up a cloud environment are free of compromise, i.e. the configuration of every switch and router, the state of every event log and data item in data stores can be verified independently from trusted administrators or the procedures that define security. The implication is that if you can guarantee the state of your network then any unauthorized change in the state of that network represents an attack, whether internal or external, which can be detected with 100% certainty. It is the difference between searching for needles in a haystack and having real-time situational awareness of every stalk of hay.


Prior to KSI there was no way to instrument the network at the scale required to track the state and status of the hundreds of thousands, millions, or even billions of organizational assets contained across a large enterprise environment and constrain their activities. Guardtime KSI signatures can work at exabyte scale and have minimal impact on network overhead for signing, escrow, and verifying operations.


Cryptographic key based systems provide a false sense of security: if they are compromised, the security evidence being reported by the system cannot be trusted, as the applications or logs may be subverted. If you can’t trust the reporting mechanisms, then you cannot trust the state of the assets the security layer is protecting. Therefore, if these systems become compromised, a network may be exploited for days, weeks, months, or years before the attack is understood or the data loss caught. In fact, an organization may never discover the compromise. Guardtime KSI does not rely on cryptographic secrets or credentials that can be compromised, nor does KSI rely on trusting administrators. In fact, the signature information afforded by Guardtime KSI can be used to preserve and verify administration/user activities, behaviors, and interactions across the network.

Real-Time Situational Awareness

With Guardtime KSI the properties of important digital assets (trade secret, proprietary information, etc.) and network components (routers, switches, applications, virtual machines, configuration information, audit and event log systems, and associated network services) can be tagged, tracked and located. An organization’s Network Operations Center (NOC) or Security Operations Center (SOC) can simply adjudicate and trace any changes to signatures to determine the integrity state of their network via automated (or manual) reporting, analysis, and visualization (dashboards).

With this real-time awareness regarding the integrity state of important digital asset components, organizations seeking to protect the integrity of their network can make real-time decisions in the event that the network and/or asset is compromised and quickly identify the cause and specific component(s) responsible for the loss of integrity.

Subsequently, with this real-time awareness, real-time incident response, real-time data-loss prevention, investigation, and/or network resilience are now possible, detecting and reacting to any misconfiguration or network and/or component/application failure. Moreover, KSI directly supports enhanced continuity of operations and data loss prevention (due to theft or maliciousness), and is a new form of Advanced Persistent Threat (APT) detection when malware infects a crucial network or system component. The changed state of the asset provides a real-time alert, which can then be investigated and audited, and/or the behavior stopped. If an asset is affected by malware, the signature information changes and the asset can be ‘sandboxed’ or firewalled before further infection or transfer.

How to Get KSI for Cloud Assurance

Guardtime's products and solutions can be purchased for your environment following our Design, Build, Operate, and Transfer (DBOT) model.

We're always happy to discuss your concrete requirements; please register your interest.