EMC-Intel to embed cloud security, compliance

EMC, RSA, VMWare and Intel have announced a new collaboration to introduce a framework encompassing security and compliance for cloud computing in the enterprise space, revealed key executives.
At a media briefing here Monday, before the start of this year's RSA Conference, executives from the various companies detailed plans to utilize Intel's new Westmere processing chip, which will feature a new platform called "Trusted Execution Technology (TXT)". This technology will provide authentication for every step of the boot sequence, from verifying the hardware configurations and initializing the BIOS, to launching the hypervisor, according to the partners.
This "trusted computing infrastructure" concept will be based on a hardware root of trust that will come with Intel's latest chip and encryption technology, secure virtualization environment, security information and event management, and GRC (governance, risk and compliance) management software, the companies said in a joint statement. This comes after EMC's January acquisition of Archer Technologies, which provides GRC software.
EMC acquired RSA in June 2006 and VMWare in December 2003.
"Today, most organizations have little to no visibility of what's occurring within the infrastructure layers of clouds, making it impossible to verify their security," Pat Gelsinger, president and COO for EMC's information infrastructure products, said in the statement. "Together, our companies are demonstrating that internal and external clouds can be visible, measurable and reportable for the secure management of a company's most important business processes."
Speaking to ZDNet Asia after the briefing, RSA CTO Bret Hartman noted that the TXT technology is an "expansion" of an earlier Intel iteration known as the "Trusted Platform Module". The TXT was developed specifically for the Westmere processor, he added.
"We're putting together all the current physical technologies and infrastructure of EMC, RSA and VMWare and together with Intel's contribution, create a commoditized product that will provide companies a granular, in-depth look into their IT systems in the future," Hartman said.
By securing the entire stack down to the hardware, companies can bypass the problems of running their applications over legacy systems and other unsecured hardware infrastructure, he explained.
He noted that this system will also enable IT administrators to specify applications that can run over the cloud, and prevent unrecognized software from running on companies' cloud networks, whether public or private.
However, no specific product launches have been lined up yet, Hartman said. "Hopefully, we will see products in the market within a year or so," he said.