“Protecting Systems from Rogue Root Users”
Root users hold high-level privileges on a network, which allows them to install and manage software or hardware. System administrators within a cloud infrastructure also have root credentials to enable them to maintain operations and performance of the cloud. However, these privileges could potentially be exploited by the users that they have been granted to, such as an indignant employee or administrator. A rogue root user poses significant threats to the security of an organization in that they can conceal their path and perform a number of malicious activities such as steal sensitive personal data, plant bugs, and more. The implementation of hardware-based security is a recommended solution to this problem. This article further discusses the capabilities of root users, the hierarchical trust model, how root privileges could be compromised by malicious insiders, and hardware-based security as a solution.