PrivateCore, a startup launched by two VMware veterans, aims to boost the physical security of your virtualized cloud computing workloads and will use $2.25 million in seed funding from Foundation Capital to staff up for that effort.
The need for security in virtualized compute environments will only grow as more workloads flow into public and private clouds. And, for customers wary of putting bare compute technology off premises at third-party cloud or service providers still have nagging concerns about the physical security of their data.
PrivateCore is building a secure hypervisor that should mitigate concerns over the physical attack vector, CEO Oded Horovitz told me in an interview. This hypervisor, now under development, will run VMs without changes on X86 machines.
“Right now, with any other hypervisor running, if someone is physically standing next to the machine, they can look at it, see the memory card and make a copy of all that data,” Oded said.
PrivateCore management has solid security DNA. Oded spent 5 years at VMware, where he developed vShield and VMSafe security products. His co-founder Dr. Stephen Weis has a Ph.D. in cryptography from MIT and designed Google’s two-step verification system. Right now they are the extent of the company, with former VMware principal engineer Dr. Carl Waldspurger on as an advisor.
The issue they’re attacking is that computing resources — including those that run off-site in a third-party data center — use components that are now trusted, and that trust may be misplaced, Weis said.
One risk is that someone in the server room can pop out the memory card or boot the machine to a malicious OS that scrapes the memory. But perhaps scarier, is the notion that the very components in these servers and other data center devices are a threat in and of themselves.
PrivateCore’s software provides a secure hypervisor that enables the private execution of virtual machines. This approach only allows the real owner of the virtual machine to access the data inside – and only with the right credentials (keys). PrivateCore’s technology prevents service provider staff that have physical ownership of the server from bypassing this protection and from gaining access to the owner’s data without having the owner’s keys.