IBM Cognitive Systems Continues to Enhance Overall Security
IBMers Dimitrios Penderakis and Petra Bührer discuss Power Systems security.
Image by Tatiana Plakhova
By Angela Fresne08/01/2019
Security continues to be top of mind in the boardroom—and for good cause. But where to focus? While applications are still a major source of issues, the importance of vulnerabilities at the system layer has become more apparent in recent years.
The prominent Spectre and Meltdown side channel attacks demonstrated vulnerabilities amplified by resource sharing as well as the importance of secure software design, including hardware, firmware, OSes and application libraries. New variants of side channel attacks exploiting vulnerabilities in speculative execution or port sharing are on the rise.
Cloud computing brings a whole other set of security concerns, like multitenancy exposures, misconfiguration errors and the proliferation of VM or container images, which may contain vulnerabilities.
With systems growing in complexity and being assembled from hardware and software components by multiple vendors, concerns about the risks of supply chain tampering are also emerging. Researchers at Flashpoint recently reported that at least 1,000 admin panels were delivering malware designed to scrape credit cards and mine for cryptocurrency (bit.ly/2YwWDn0). Indeed, crypto-jacking and crypto-mining grew in 2018.
Artificial intelligence (AI) and machine learning are also introducing new concerns. Malicious tampering of AI and machine learning models could lead to outcomes very different from those intended. Machine learning models today generally can’t tell the difference between malicious input and benign anomalous data, so attackers can introduce specially crafted data to training models to negatively impact the outcome.
Finally, looking into the future, commercially available quantum computing will create the capability to more easily break cryptographic algorithms that form the basis of today’s cryptographic protocols.
Because potential future threats are numerous, an ongoing focus on security is required to be a competitive IT player in the market and a secure choice for the buyer.
Securing Power Systems
IBM Power Systems* servers have security built into the platform at all layers–processors, firmware, hypervisor, OS and system management. Figure 1, outlines the Power Systems Security Architecture and the integrity controls that were improved and enhanced in the POWER9* stack.
Integrity controls ensure that key firmware/software components are untampered and have known provenance. The Trusted Platform Module (TPM) serves as a “root of trust” that, in conjunction with the associated trusted computing stack and OS features, protects the integrity of firmware and OS files, through hashes and digital signatures to enable Secure Boot. In addition, Trusted Boot enables remote inspection and verification of the various components on a server, even when they are a shared resource in a cloud environment.
As standard as encryption has become, according to breachlevelindex.com, only 2.2% of security breaches in the first half of 2018 occurred in situations where data was protected by encryption. For Power Systems clients, encryption starts at the processor, with cryptographic coprocessors and accelerators built in to the chip. The POWER9 chip brought improvements here as well—doubling the number of cryptographic engines to 24 to speed up the encryption process.
PowerVM* virtualization provides industry-leading security, as evidenced by its outstanding track record of very low vulnerabilities, helping ensure the integrity and isolation of critical applications and I/O. Additionally, introduced with VIOS 3.1 and the POWER9 firmware release FW920, critical functionality is provided to protect data in motion, when workloads are being migrated between different systems. This is a frequent occurrence today with use cases such as workload balancing, utilization optimization, or maintenance. A new compression engine introduced on the POWER9 chip allows for much faster compression and encryption than is possible with software-only implementations. Now, entire LPARs can be protected and secured during transfer.
Anti-malware capabilities are another important aspect of security. Contrary to the principles of traditional anti-virus software, which excludes (or blacklists) known malicious software signatures, AIX* Trusted Execution (AIX TE) integrity controls take an inclusive or whitelisting approach. This allows only known good components to be loaded during boot and run-time. IBM is also very active in seeking to provide similar capabilities in the Linux* space by contributing to Linux Integrity Measurement Architecture and the development of the Linux Kernel Integrity subsystem and associated tooling.
Integrated Security Solution
From a systems management perspective, IBM PowerSC* security and compliance software offers an integrated solution that leverages security features across the IBM Power Systems software stack and simplifies management of security and compliance significantly by making some of the security features of the underlying stack easier to use and manage. In addition, the software adds virtualization and cloud-aware security extensions to be better prepared for potential breaches. Key features include:
- File Integrity Monitoring for malware intrusion detection and prevention with real-time compliance
- Compliance automation that not only simplifies the implementation of compliance policies, but also provides automation and alerting capabilities in case system configuration changes put the organization out of compliance with industry and government standards
- Trusted Network Connect and patch management, which monitors VMs to ensure they’re at a prescribed patch level and alerts admins in case a VM boots, resumes or enters the environment via LPM without being at that prescribed level. TNC also sends notifications when IBM releases a new patch that might affect the system and enables the deployment through its web-UI.
Mandates for multifactor authentication (MFA) are on the rise, with PCI DSS, the U.S. federal government and the European General Data Protection Regulation standard leading the pack. MFA requires at least two independent factors (e.g., password, token, biometric data or ID Badge) to authenticate a user, raising the overall level of security and satisfying various compliance profiles.
Often, security conflicts with ease of use and performance. While the primary goal of PowerSC is to raise the overall level of security, its secondary goal is to simplify management of security and compliance, making it as transparent as possible.
New Capabilities on IBM Power Systems
IBM is preparing to introduce a new capability called Protected Execution Facility (PEF) that provides enhanced protection for sensitive VMs and containers, in particular on KVM-based systems. PEF introduces a new processor mode, called the Ultravisor mode, as well as the concept of Secure Memory, which is isolated from normal memory. Secure VMs are created by running tooling that packages them in a way that cryptographically protects their integrity and confidentiality end-to-end. Existing applications can be supported on secure VMs with no application programming changes or limitations on the amount of memory being protected.
“What we’re introducing is unique in the sense that the key components that are required to support these new capabilities—including both PEF firmware and tools to create secure VMs—are open source. Open source enables clients and users to inspect and verify all software implementing these new features—and even go and change it,” says Dimitrios Pendarakis, Distinguished Engineer and chief security officer for IBM Cognitive Systems.
IBM delivered the POWER9 portfolio with fixes across the stack to address side channel attacks and specifically the Spectre and Meltdown vulnerabilities and their different variants. IBM continues to address these vulnerabilities with improved mitigations and remediations across the stack, including additional protection capabilities at the hardware layer in next-generation processors.
Preparing for Future Threats
The IBM Power Systems development team works with IBM’s larger security team to leverage resources like IBM X-Force* and IBM Research, which are focused on cutting edge security breakthroughs. So, as clients look ahead, it’s clear that IBM is staying on top of emerging threats and is prepared for the future.
As high-performance computing and AI applications become more heterogeneous, leveraging GPUs, field-programmable gate arrays and custom application-specific integrated circuits, there are increasing concerns around the security of such processing devices. IBM is working together with industry partners, standards groups and open-source communities, such as TCG, OCP, PCI-Sig and OpenBMC on extending the CPU security model to various peripherals including service processors (BMC) and accelerators. This will provide even stronger security for AI and machine learning workloads in the future with a unified security model.
Cryptography relies on the hardness of factorization problem, but quantum computing is believed to significantly reduce the difficulty of this problem. Essentially, most asymmetric (Public-Private Key) cryptographic algorithms will be potentially vulnerable to being cracked by quantum computers, including RSA, DH and ECDSA. NIST, in collaboration with outside technologists, is developing a new set of cryptographic standards that’s intended to be robust against attacks from quantum computers. IBM and, in particular, Zurich Research is deeply involved in this process and two of their proposed schemes have been advanced into the second round of the Post Quantum Crypto standardization. “This work will directly impact our next generation POWER* processors; we are collaborating with our colleagues in IBM Watson* and Zurich Research on this front,” Pendarakis says.
Securing the Future
The security landscape is complex, and it’s not going to get any simpler as technology evolves and new security mandates appear from industry organizations and governments. In parallel, clients require trust that their data is secure. IBM Power Systems servers integrate security at every layer and normalize systems management of security and compliance in a complete solution.
Angela worked for 24 years on IBM Software and Systems strategic marketing initiatives before leaving IBM to focus on writing.