Encryption, Authentication, and Yeah, Alligators: Here’s How Google Secures Its Cloud
Brought to you by Data Center Knowledge
If you want to infiltrate a Google data center, you’ll have to think of ways to go around laser intrusion systems, biometric identification, good old security cameras, and, in at least one case, alligators. If physical data center intrusion is not your thing, hacking your way into the massive cloud may be a lot harder.
From custom Google-designed security chips on every server to a never-off-the-clock investigation and incident response team, data center security measures are built into every single layer of the system.
The company recently published a whitepaper describing its approach to security, more likely than not to strengthen the cloud-services marketing message to enterprises. The paper includes a section on securing the Google Cloud Platform.
Nevertheless, it’s an interesting look at the way Google thinks about data center security.
One service running on the infrastructure, for example, never assumes another service is legitimate. Services go through cryptographic authentication and authorization before they communicate.
“The infrastructure does not assume any trust between services running on the infrastructure. In other words, the infrastructure is fundamentally designed to be multi-tenant,” the paper reads.
Each individual service is configured to allow access only to specific Google engineers.
Every machine, every service, and every engineer is given an individual identity, and all these identities are kept in a global name space maintained by the infrastructure, which has a sophisticated identity management workflow system. “This system allows secure access management processes to scale to the thousands of services running on the infrastructure.”
Application-layer protocols are encapsulated inside the same security mechanisms as infrastructure-layer communication, which ensures that even if someone manages to hack into a data center network, there is an additional layer of encryption. Essentially, security of data flowing through the network is decoupled from security of the network itself.
As Google has said in the past, all data traveling on the company’s private WAN that connects its data centers is automatically encrypted by default.
Today, engineers can select whether or not to encrypt infrastructure-layer traffic inside its data centers (they may choose not to protect some low-risk traffic in return for better performance), but Google has started deploying hardware cryptographic accelerators that will eventually allow it to encrypt all traffic inside its data centers by default.
More details on Google data center security in the paper itself.