Industrial Internet Security Framework v 1.0 | Page 77
Security Framework
8: Protecting Endpoints
Examples of process isolation include security agents, software libraries that perform security
operations, a software key store and any directory and file access control lists that depend on OS
enforcement of the security.
Figure 8-4: Endpoint and Container Isolation Techniques
8.12.2 CONTAINER ISOLATION
The container isolation model implements either hardware- or software-enforced boundaries
(see Figure 8-4). Software containers rely on the OS to enforce the resource isolation boundaries;
hardware containers use a physically different compute element on the same platform. Hybrid
containers combine both approaches.
Examples of software containers include:
• Operating system-managed containers such as Android (Trusty TEE) or Linux Containers such as LXC and Docker.¹
• Secure memory mapping that provides appropriate entry/exit locations for security to be implemented down to very small sensor-type devices.
• Network interface controllers that embed policy and enforcement directly on the hardware of the network interface so that only a predefined set of source/destination, port and protocol combinations from the security policy can communicate to/from the endpoint. All other communication attempts result in failure.
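The default-deny semantics of the policy-enforcing network interface described above, as an added illustration that is not part of the IIC framework text: only flows matching an enumerated source/destination, port and protocol rule are allowed, and every other attempt fails. The addresses, ports and rules below are constructed for this example.

```python
"""Default-deny allowlist evaluator for source/destination, port and protocol
combinations.  Added example, not from the IIC framework; policy and sample
flows are constructed."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Rule:
    src: str    # permitted source network (CIDR)
    dst: str    # permitted destination network (CIDR)
    port: int   # permitted destination port
    proto: str  # "tcp" or "udp"

    def matches(self, src, dst, port, proto):
        return (ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and port == self.port
                and proto.lower() == self.proto)


# Constructed policy for an endpoint at 10.0.5.20: it may speak Modbus/TCP to one
# PLC and send syslog to one collector; only the SCADA subnet may poll it on 502.
POLICY = (
    Rule("10.0.5.20/32", "10.0.7.10/32", 502, "tcp"),
    Rule("10.0.5.20/32", "10.0.9.5/32", 514, "udp"),
    Rule("10.0.6.0/24", "10.0.5.20/32", 502, "tcp"),
)

# Constructed flows as (src, dst, dst_port, proto) tuples.
SAMPLE_FLOWS = [
    ("10.0.5.20", "10.0.7.10", 502, "tcp"),   # allowed by rule 1
    ("10.0.5.20", "10.0.7.10", 22, "tcp"),    # right hosts, wrong port -> deny
    ("10.0.6.33", "10.0.5.20", 502, "tcp"),   # allowed by rule 3
    ("10.0.6.33", "10.0.5.20", 502, "udp"),   # wrong protocol -> deny
    ("192.168.1.9", "10.0.5.20", 502, "tcp"), # source not enumerated -> deny
]


def permitted(src, dst, port, proto, policy=POLICY):
    """True only if some rule matches; anything not enumerated is denied."""
    return any(r.matches(src, dst, port, proto) for r in policy)


def evaluate(flows, policy=POLICY):
    """Return a decision for each flow, in order."""
    return ["allow" if permitted(*f, policy=policy) else "deny" for f in flows]


if __name__ == "__main__":
    for flow, decision in zip(SAMPLE_FLOWS, evaluate(SAMPLE_FLOWS)):
        print(decision, flow)
```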
Hardware containers separate the security implementation by enabling a separate compute
engine, either on the same chip or on the same board, or on a daughter board in the same
physical entity. This creates a security coprocessor that implements some level of security
functionality that is separate from the main processor’s compute engine. Common examples of
hardware containers include:
• TPM: The TPM (see section 8.2.2) is a trusted execution environment (hardware root of trust) that provides secure storage of credentials, and protected execution of cryptographic operations. It is isolated from the main CPU, and implemented either as a discrete chip, a security coprocessor (see below), or in firmware.

¹ See [Andr-Trusty], [LinuxC-LXC] and [Docker].
IIC:PUB:G4:V1.0:PB:20160926
- 77 -