Quick Question: Any Public Cloud Providers Using Intel TXT?
Does anyone know of any Public Cloud Provider (or Private for that matter) that utilizes Intel’s TXT?
Specifically, does anyone know if Amazon makes use of Intel’s TXT via their Xen-derivative VMM?
Anyone care to share whether they know of any Cloud provider that PLANS to?
Thanks in advance.
Email responses welcome also [hoff @ packetfilter .com]
/Hoff
It's not clear that it would do much good. If the provider tells you they just booted your VM on hypervisor beb6758457c14b008e5a8aafe12c7bda, what are you going to do with that information? You'd need to know that that signature corresponds to a trusted, audited hypervisor; AFAIK no such thing exists on x86.
@Wes Felter
Wes, your comment actually touches on my SECOND question (that I haven't asked yet.)
The notion of TXT within the context I'm asking it isn't focused on the VM; it's focused on the VMM — where the MLE is the VMM and I'm interested in ensuring (amongst other things) the integrity of it (which I suppose goes to your second sentence.)
Speaking of which, the notion of a 'trusted and audited hypervisor' certainly exists, but it's unclear if it matters within the context you mentioned it in above.
My next question relates to technologies/extensions such as VT-d and then the gaps associated with trustworthy execution…
And there are folks who have replied to me privately about launching Cloud services using TXT/TCG as part of their offerings within the context I suggested.
/Hoff
Ah, I assumed you meant using TXT to prove to the customer what the cloud is doing, but maybe you're thinking of other uses of TXT.