Technical Field
This disclosure relates generally to securing information in a cloud computing or other shared deployment environment wherein disparate parties share Information Technology (IT) resources.
Background of the Related Art
An emerging information technology (IT) delivery model is cloud computing, by which shared resources, software and information are provided over the Internet to computers and other devices on-demand. When multiple parties share resources within a cloud computing and other such shared deployment model, a compelling transformation and reduction in their IT costs (from fixed to variable) can be achieved. Using this approach, companies can extend computing and storage capacity elastically to match demand, shift operational and capital costs to an external data center, free IT staff to focus on new projects, and more. Cloud compute resources are typically housed in large server farms that run networked applications, typically using a virtualized architecture wherein applications run inside virtual servers, or so-called “virtual machines” (VMs), that are mapped onto physical servers in a data center facility.
Emerging cloud environments are being created out of existing IT infrastructures that are being adapted to support cloud-based services. One key characteristic of cloud computing that is different from existing environments is the requirement for so-called “multi-tenant” support, sometimes referred to as multi-customer single deployment. To satisfy this requirement, service providers have to be able to isolate different customer usage of the cloud services. Indeed, typically one of the most significant barriers keeping an enterprise customer from utilizing such resources is the ability to gauge a provider's security posture in relation to its own security compliance requirements.
In particular, shared environments have the potential to expose unprotected data to malicious attacks, hacking, and introspection by third parties, both intentional and otherwise. The service provider thus needs to maintain isolation between and among their specific customers that are sharing cloud resources. Thus, such systems need to ensure end-to-end trust and security of customer data regardless of their underlying networks, platforms, virtualization mechanism or middleware. Some of these problems can be addressed by the isolation of data and resources, and the use of VPNs and other such access mechanisms, but many cloud datacenters use non-traditional physical network configurations that negate traditional network isolation and that complicate VPN keying techniques.
Most companies that desire to use cloud computing and other shared deployment models assign high value to their data and applications. One approach to preserving confidentiality in the multi-tenant operating environment involves encryption of data on a per-tenant basis within such shared/cloud infrastructure. In one proposal, the tenants in the multi-tenant shared deployment are provided their own distinct key spaces over which they control a key management system. In this manner, virtual key management domains are created on a per-tenant (per-customer) basis so that, whenever a particular customer's data is co-tenanted, stored, transmitted or virtualized in the IT infrastructure of the provider's datacenter(s), it is secured using key management materials specific to that customer. This assures that the entirety of a tenant's data (including, without limitation, all generic data, and software applications) remains secure by cryptographically isolating it from other tenants' applications.
While the above-described approach is quite useful, there remains a need for additional techniques that provide for secure data separation in a cloud based application.