The firmware zero-trust architecture is ready for prime-time, cloud-based deployment.
December 1, 2021

Researchers at the Massachusetts Institute of Technology Lincoln Laboratory that developed the Linux-based open-source zero-trust architecture called Keylime are now seeing it deployed more significantly. Built on top of the so-called Linux TPM2 software stack, one of the main features of the cloud-enabled Keylime architecture is its runtime integrity monitoring, which is designed to protect the use of hardware, Internet of Things and legacy devices from the moment the devices start turning on or booting. The platform enables the use of these types of systems in conjunction with the cloud, protect the root-of-trust level using cryptography, a verifying function, monitoring and other cybersecurity measures.

Already instituted as a core part of the Commonwealth of Massachusetts’ cloud security, the zero-trust software platform was also recently adopted by IBM, say Charles Munson and Nabil Schear, who created Keylime while at Massachusetts Institute of Technology (MIT) Lincoln Laboratory’s Secure Resilient Systems and Technology Group.