Privacy, security & risk

Thoughts on the Spectre of Zero Trust

Josh Zelonis
Senior Analyst
January 5, 2018


The threat model has changed. Data breaches have traditionally required executing some form of code on the target system to access its data, plus a network connection to exfiltrate that data off the system. This is no longer the case: Spectre lowers the requirement from code execution on the specific target system to code execution anywhere on the same physical device. This means that any system of a given classification/sensitivity hosted on the same hardware as a system of higher sensitivity breaks the Bell-LaPadula requirement of "no read up".

Zero Trust must now be implemented as device segmentation.

For private cloud environments, you need to ensure your systems are being allocated with other systems of similar sensitivity. The consequences for the public cloud are that sensitive data can’t be stored in these environments, as there’s no guarantee who you’re sharing bare metal with.
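As an added example (not part of the original post), a placement check for the private-cloud case above. The sensitivity labels, host and guest names are constructed; the rule encoded is that every guest sharing a physical host must carry the same sensitivity level, because co-resident code can potentially read the other guests' memory.

```python
from dataclasses import dataclass, field

# Ordered sensitivity levels, lowest to highest (constructed labels for the example).
LEVELS = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}


@dataclass
class Host:
    name: str
    capacity: int
    guests: dict = field(default_factory=dict)  # guest name -> sensitivity label


def co_residency_violations(hosts):
    """Report 'read up' exposures created by hardware co-residency.

    Under Spectre every guest on a host may be able to read every other guest on
    that hardware, so Bell-LaPadula 'no read up' only holds if no guest sits below
    the highest level present on its host. Returns one tuple per offending guest:
    (host, low_guest, low_level, high_guest, high_level)."""
    violations = []
    for h in hosts:
        if not h.guests:
            continue
        top_name = max(h.guests, key=lambda g: LEVELS[h.guests[g]])
        top = LEVELS[h.guests[top_name]]
        for guest, level in h.guests.items():
            if LEVELS[level] < top:
                violations.append((h.name, guest, level, top_name, h.guests[top_name]))
    return violations


def place(hosts, guest, level):
    """Allocate a guest only onto a host whose existing guests all share its level
    (an empty host qualifies). Returns the chosen host name, or None if no host fits."""
    for h in hosts:
        if len(h.guests) >= h.capacity:
            continue
        if all(existing == level for existing in h.guests.values()):
            h.guests[guest] = level
            return h.name
    return None


if __name__ == "__main__":
    # Constructed inventory: h1 mixes a public web tier with a restricted database.
    fleet = [Host("h1", 2, {"web": "public", "db": "restricted"}), Host("h2", 2)]
    for v in co_residency_violations(fleet):
        print("read-up exposure on %s: %s (%s) shares hardware with %s (%s)" % v)
    print("placed 'reports' on", place(fleet, "reports", "internal"))
```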

It will be interesting to see how this impacts FedRAMP over the coming year.
