Keylime: Using TPM to Secure Your Slice of the Cloud

As people move workloads to shared and public cloud environments, what methods are available to attest their environment has not been tampered with? Is there a good way to use a standardized cryptographic module to do remote attestation, trusted system boot, and so on?

In this post we’ll introduce the Keylime project in some detail, and save a technology demo for a following hands-on article.

Keylime is an open source community-based project endeavoring to be the go-to technology for establishing and maintaining trusted infrastructure in distributed system deployments via two technologies:  the use of embedded Trusted Platform Module (TPM) hardware (version 2 and later); and the Linux kernel subsystem – Integrity Measurement Architecture (IMA).

Continue reading “Keylime: Using TPM to Secure Your Slice of the Cloud”