Rambus and the OCP: Tackling Cloud Data Security with a Hardware Root of Trust
Founded in 2009, the Open Compute Project (OCP) is a collaborative community focused on redesigning hardware technology to efficiently support the growing demands on compute infrastructure. More recently, the OCP formed a security working group to tackle the formidable challenges of data security in the cloud, including the increasing sophistication of malicious actors. In conjunction with their tech week, today the OCP announced the version 1.0 Root of Trust (RoT) specification.
The OCP specification starts with the requirement that both the platform (the server being protected) and device must have a hardware RoT. Amongst its many responsibilities, the RoT verifying the device firmware at boot, maintains authenticity during updates, and recovers in the event of corruption. The OCP specification further specifies how a system should boot: each device/peripheral must first boot securely, using the RoT to ensure authenticity of its firmware. It must verify the firmware’s cryptographic signatures using a policy that is defined by the system owner for authorizing only valid firmware signers. Then, the platform RoT is responsible for requiring all devices in the system to attest – to prove in an irrefutable way that the firmware it is running is indeed what is expected. Once the platform RoT has booted the platform successfully, and has attested all devices, the platform is finally considered to be secured. Of note, the first release includes specifications for secure boot, peripheral attestation, and threat scope.
Related Semiconductor IP
- Root of Trust
- tRoot Fx Hardware Secure Modules: Programmable Root of Trust
- Via-PUF Security Chip for Root of Trust
- Root of Trust Solutions
- RT-650 DPA-Resistant Hardware Root of Trust Security Processor for Govt/Aero/Defense FIPS-140
Related Blogs
- Hardware Root of Trust: Everything you need to know
- Rambus CryptoManager Root of Trust Cores Certified ASIL-B/D Ready for Enhanced Security in Automotive Applications
- Combining Root of Trust and PUF Technology For Robust Chip Security
- Extending Security IP leadership with FIPS 140-2 CMVP Certification for Root of Trust IP
Latest Blogs
- Why Choose Hard IP for Embedded FPGA in Aerospace and Defense Applications
- Migrating the CPU IP Development from MIPS to RISC-V Instruction Set Architecture
- Quintauris: Accelerating RISC-V Innovation for next-gen Hardware
- Say Goodbye to Limits and Hello to Freedom of Scalability in the MIPS P8700
- Why is Hard IP a Better Solution for Embedded FPGA (eFPGA) Technology?