Sunday, July 3, 2022
HomeCloud ComputingZero belief attestation for the software program layer with HPE GreenLake

Zero belief attestation for the software program layer with HPE GreenLake


It's Cybersecurity Awareness Month, and here’s some exciting news: Now you can be sure that every piece of your digital delivery chain is known secure, all the way up to the software and workloads.

HPE-GreenLake-Lighthouse-cyber-security-zero-trust.pngOctober is Cybersecurity Awareness Month! Promoted by the National Cyber Security Alliance, it’s now in its eighteenth year, and every bit as relevant as when it was launched by the NCSA and the U.S. Department of Homeland Security back in 2004.

Cybersecurity is always top-of-mind for HPE – it’s baked into everything we do. I’m proud to highlight some recent security innovations in HPE GreenLake edge-to-cloud platform this month.

In an earlier blog, I explored HPE GreenLake Lighthouse, our new cloud-native platform that enables you to quickly and easily configure and optimize multiple cloud services across locations. (See: Get a fluid, seamless, secure cloud experience – everywhere – with HPE GreenLake Lighthouse.) We continue to innovate on this platform, and our latest breakthroughs will integrate Project Aurora, the comprehensive edge-to-cloud zero-trust security architecture that we announced in June (see Introducing Project Aurora) near the end of the year.

The latest innovations extend HPE Silicon Root of Trust, which we’ve offered for several years now, up the stack to the software level. Root of Trust protects hardware at the silicon level and ensures that the lowest level firmware is known good right out of our factory. This secure hardware foundation can vouch for the trusted state of other pieces and establish a digital chain of trust. What that enables us to do, and what we’ve done in HPE GreenLake Lighthouse, is extend that attestation and verification up to the software layer and even to workloads.

HPE GreenLake Lighthouse now delivers:

  • A single, secure control plane with zero-trust attestation from the hardware and firmware all the way up to the container and VM levels, and from the edge to the cloud. It gives you the confidence that every piece in that entire digital delivery chain is secure.
  • Active validation. Zero-trust is not a once-and-done kind of thing. Our new zero-trust architecture gives you ongoing protection against sophisticated malware by continuously validating the infrastructure, platforms, and workloads to identify threats.

In addition, we are working to leverage SPIFFE, a set of open-source standards for securely authenticating software services, in the security architecture. Together with SPIRE, an open-source system for implementing SPIFFE, this will provide a way to establish trust without necessarily using secrets or network-based security controls. Keys are rotated and securely managed behind the scenes within the solution.

That last point is particularly exciting for me. We need more advanced and automated mechanisms for validating services and complex entities beyond just a person’s identity. HPE GreenLake Lighthouse opens the prospect of automated identity management that will be leaps and bounds ahead of what we have today, much like modern two-factor authentication is leaps and bounds ahead of a static password system.

Imagine a world where no human ever needs to constantly type in passwords again! HPE GreenLake Lighthouse is a big step in that direction. And that’s an encouraging thought to keep in mind this Cybersecurity Awareness Month.

Read more about our zero-trust architecture and how HPE helps you transform security from a barrier to an innovation accelerator.

Learn more about HPE GreenLake edge-to-cloud platform – the cloud that comes to you, wherever your apps and data live – and how HPE GreenLake cloud services enable you to deliver business outcomes faster.

John Gromala
Hewlett Packard Enterprise

twitter.com/HPE_GreenLake
linkedin.com/showcase/hpe-greenlake/
hpe.com/us/en/greenlake



RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments