Security in the Cloud
- 6. As a Service?
• Pay per use
• Resource sharing
• Self-service provisioning
• Unlimited resources
- 7. • In public
– IaaS, PaaS, SaaS available on the Internet
– Use one of the cloud service providers
– Information is stored and managed by the provider under an SLA
• In private
– Have a cloud in-house
– IaaS provided by hardware in your own data centers
– PaaS running on your IaaS
– SaaS executing on your PaaS
• Or use both
– Hybrid cloud
- 11. • Public cloud
– Fast time to market
– Makes it easier to write scalable code
• Private cloud
– Give each team its own instant infrastructure
– Govern centrally, but code and deploy by team
– Automated governance, registry, identity
– Instant BAM
- 13. • Distributed / dynamically wired (works properly in the cloud)
– Finds services across applications
– Reuses services from other departments, e.g. people information required by all of Finance, Engineering and Sales
• Elastic (uses the cloud efficiently)
– Scales up and down as needed
– Some departments might want varying resources, with varying bandwidth and varying priority
• Multi-tenant (only costs when you use it)
– Virtual isolated instances to facilitate isolation between departments etc.
– e.g. Sales vs. Finance tenants; Finance wants complete isolation for some sensitive services
• Self-service (in the hands of users)
– Decentralized creation and management of tenants
– No need to go to the IT department to gain access: served via a portal, with no queue or waiting list
• Granularly billed and metered (pay for just what you use)
– Allocate costs to exactly who uses them
– Bill and cost the various departments per use
– Get rid of situations where unused computing assets lie idle in one department while other departments are starving for the same
• Incrementally deployed and tested (supports seamless live upgrade)
– Does not disrupt other operations
- 16. IaaS: responsibility by layer (Provider / Organization; F = full, N = none)
Application   N / F
Middleware    N / F
Guest OS      N / F
Hypervisor    F / N
Storage       F / N
Hardware      F / N
Network       F / N
- 17. PaaS: responsibility by layer (Provider / Organization; F = full, N = none, M/L = shared)
Application   M / L
Middleware    M / L
Guest OS      F / N
Hypervisor    F / N
Storage       F / N
Hardware      F / N
Network       F / N
- 18. SaaS: responsibility by layer (Provider / Organization; F = full, N = none, M/L = shared)
Application   M / L
Middleware    F / N
Guest OS      F / N
Hypervisor    F / N
Storage       F / N
Hardware      F / N
Network       F / N
- 19.           IaaS                PaaS                SaaS
Data            Organization        Organization        Organization
Applications    Organization        Shared              Service Provider
Systems         Service Provider    Service Provider    Service Provider
Storage         Service Provider    Service Provider    Service Provider
Network         Service Provider    Service Provider    Service Provider
- 21.           Private                    Public
Compliance      Organization               Service Provider
Governance      Organization               Service Provider
Security        Organization               Service Provider
Operations      Organization               Service Provider
Risk            Organization               Shared
Cloud owner     Organization               Service Provider, or leased
Use             Limited to Organization    Public
- 27. • Can be used to give departments their own PaaS world to operate in
• Yet all share the same hardware resources
– Not all departments need resources at the same time
– Really pay per use
– Opportunity to unify departmental-level small server pools
• Drastically reduce admin/management costs
– One software installation to maintain
• Use differentiated QoS
- 28. Multi-tenancy
• Three possible ways
– Machine per tenant
– VM per tenant
– Share machine/VM across tenants
• Challenges
– Data isolation
– Logic isolation
– Security
- 35. Data Access - Security Patterns: Secure Database Tables
GRANT SELECT, UPDATE, INSERT, DELETE ON [TableName] TO [UserName]
- 36. Data Access - Security Patterns: Tenant View Filter
CREATE VIEW TenantEmployees AS
SELECT * FROM Employees WHERE TenantID = SUSER_SID()
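The tenant view filter above, worked through in SQLite from Python as an added example (not code from the original deck). SQL Server's SUSER_SID() is stood in for by a Python-registered function, current_tenant() (a hypothetical name), that resolves the identity bound to the connection inside the database engine; the table, the tenant names and the employee rows are constructed. The insecure_list() variant shows why the predicate belongs in a view keyed on the caller's identity and not on a tenant id handed in by the application: interpolating a request-supplied tenant into the WHERE clause is bypassed by a classic injection.

```python
import sqlite3

# Constructed sample data: two tenants, Sales and Finance, in one shared table.
SAMPLE_EMPLOYEES = [
    (1, "sales",   "Ana", "Account Executive"),
    (2, "sales",   "Bo",  "Sales Operations"),
    (3, "finance", "Cem", "Controller"),
    (4, "finance", "Dee", "Payroll"),
]


class TenantDatabase:
    """Shared-table multi-tenancy with a tenant view filter (SQLite emulation)."""

    def __init__(self):
        self.conn = sqlite3.connect(":memory:")
        self._tenant = None
        # Stand-in for SUSER_SID() (hypothetical name): the caller's identity is
        # resolved by the engine per connection, so no query text can change it.
        self.conn.create_function("current_tenant", 0, lambda: self._tenant)
        cur = self.conn.cursor()
        cur.execute(
            "CREATE TABLE Employees ("
            " Id INTEGER PRIMARY KEY, TenantID TEXT NOT NULL,"
            " Name TEXT NOT NULL, Title TEXT)"
        )
        cur.executemany("INSERT INTO Employees VALUES (?, ?, ?, ?)", SAMPLE_EMPLOYEES)
        # The slide's pattern: the view, not the application, applies the tenant predicate.
        cur.execute(
            "CREATE VIEW TenantEmployees AS "
            "SELECT * FROM Employees WHERE TenantID = current_tenant()"
        )
        self.conn.commit()

    def login(self, tenant):
        """Bind the connection to a tenant (models authenticating as that tenant's login)."""
        self._tenant = tenant

    def list_employees(self):
        """Everything the current tenant can see through the view."""
        rows = self.conn.execute("SELECT Name FROM TenantEmployees ORDER BY Id")
        return [name for (name,) in rows]

    def lookup_by_id(self, emp_id):
        """A direct primary-key lookup still cannot reach another tenant's row."""
        row = self.conn.execute(
            "SELECT Name FROM TenantEmployees WHERE Id = ?", (emp_id,)
        ).fetchone()
        return row[0] if row else None

    def insecure_list(self, tenant_from_request):
        """Anti-pattern: trusting a caller-supplied tenant id and building SQL by hand.
        A tenant value of  ' OR '1'='1  widens the predicate to every row."""
        sql = f"SELECT Name FROM Employees WHERE TenantID = '{tenant_from_request}' ORDER BY Id"
        return [name for (name,) in self.conn.execute(sql)]


if __name__ == "__main__":
    db = TenantDatabase()
    db.login("sales")
    print("sales sees:", db.list_employees())                        # ['Ana', 'Bo']
    print("sales lookup of Finance row 3:", db.lookup_by_id(3))      # None
    print("injected insecure_list:", db.insecure_list("' OR '1'='1"))  # all four names
```

In SQL Server the base table gets no grants at all; each tenant login is granted SELECT on the view only, and TenantID holds the login's SID (a binary value), which is rendered here as a text tenant name for readability. The filter is only as strong as the identity binding behind SUSER_SID(): if every tenant connects through one shared application login, the view sees the same identity for everyone and isolates nothing.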
- 37. • Data confidentiality/integrity/availability
• Data lineage
• Data provenance
• Data remanence
- 38. Data Confidentiality/Integrity/Availability
                  Storage                Processing               Transmission
Confidentiality   Symmetric encryption   Homomorphic encryption   SSL/TLS
Integrity         MAC                    Homomorphic encryption   SSL/TLS
Availability      Redundancy             Redundancy               Redundancy
- 39. Homomorphic Encryption
cloud security  ->  forxg vhfxulwb   (toy cipher: Caesar shift of 3)
cloud -> forxg
security -> vhfxulwb
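An added example (not from the original deck) covering slides 38 and 39. The Caesar shift that turns cloud into forxg is reproduced only as the deck's toy: it is a deterministic substitution with no real confidentiality. A textbook Paillier scheme then shows what "homomorphic" buys for processing confidentiality: a party holding only ciphertexts can add encrypted values, and multiply them by a public constant, and only the private-key holder decrypts the correct result. The primes are toy sizes chosen so the demo runs instantly, not for security, and the salary figures are constructed.

```python
import math
import secrets


def caesar(text, shift=3):
    """The deck's toy cipher: cloud -> forxg with a shift of 3. Deterministic, so
    equal plaintexts give equal ciphertexts; it offers no real confidentiality."""
    out = []
    for ch in text:
        if ch.isalpha():
            base = ord("a") if ch.islower() else ord("A")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


class Paillier:
    """Textbook Paillier: additively homomorphic public-key encryption.
    Enc(m1) * Enc(m2) mod n^2 decrypts to m1 + m2; Enc(m)^k decrypts to k*m."""

    def __init__(self, p, q):
        # Toy-sized primes for the demo; a real key needs primes of ~1024 bits each.
        assert math.gcd(p * q, (p - 1) * (q - 1)) == 1
        self.n = p * q
        self.n2 = self.n * self.n
        self.g = self.n + 1                                      # standard choice g = n + 1
        self.lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
        self.mu = pow(self.lam, -1, self.n)                      # modular inverse (Python 3.8+)

    def encrypt(self, m):
        assert 0 <= m < self.n
        while True:
            r = secrets.randbelow(self.n - 1) + 1   # fresh randomness per ciphertext
            if math.gcd(r, self.n) == 1:
                break
        return (pow(self.g, m, self.n2) * pow(r, self.n, self.n2)) % self.n2

    def decrypt(self, c):
        u = pow(c, self.lam, self.n2)
        l_value = (u - 1) // self.n                 # L(u) = (u - 1) / n
        return (l_value * self.mu) % self.n

    @staticmethod
    def add(c1, c2, n2):
        """Ciphertext-only operation: needs the public modulus, no key, no plaintext."""
        return (c1 * c2) % n2

    @staticmethod
    def mul_const(c, k, n2):
        """Multiply the hidden value by a public constant k, again ciphertext-only."""
        return pow(c, k, n2)


def encrypted_payroll_total(salaries, p=1000000007, q=998244353):
    """Owner encrypts each salary; an untrusted processor sums the ciphertexts
    without seeing any salary; the owner decrypts only the total."""
    key = Paillier(p, q)
    ciphertexts = [key.encrypt(s) for s in salaries]           # owner side
    total_ct = ciphertexts[0]
    for ct in ciphertexts[1:]:
        total_ct = Paillier.add(total_ct, ct, key.n2)          # processor side
    return key.decrypt(total_ct)                               # owner side


if __name__ == "__main__":
    print(caesar("cloud security"))                            # forxg vhfxulwb
    print(encrypted_payroll_total([52000, 61000, 47500]))      # 160500
```

Two properties matter for the slide's "processing" column: Paillier encryption is randomized, so two encryptions of the same salary differ and the processor cannot even tell equal inputs apart (the Caesar toy leaks exactly that), and the scheme is additive only; multiplying two hidden values needs a fully homomorphic scheme, which is far more expensive.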
- 41. Vendor   CVEs
KVM        32
QEMU       23
VMware    126
Xen        86
• VM escape (host code execution)
• Guest code execution with privilege
- 42. • Identity Management
• Access Management
• Key Management
• System & Network Auditing
• Security Monitoring
• Security Testing & Vulnerability Remediation
• System & Network Controls
- 43. Identity Management
• Controls over identity information
• Strong identity management system for cloud personnel
• Large-scale needs for authenticating cloud tenants and users
• Federated identity
• Audits for legal activities
• Identity recycling?
• Means to verify assertions of identity by cloud provider personnel
- 44. Access Management
• Cloud personnel shall have restricted access to customer data
• Multi-factor authentication for highly privileged operations
• Large-scale needs for authenticating cloud tenants and users
• Least-privilege principle and RBAC
• Whitelisted IPs for remote access by cloud personnel
- 45. Key Management
• Encryption is the key to protecting data in transit and at rest
• All keys secured properly
• Effective procedures to recover from compromised keys
• Effective procedures for key revocation
- 46. System & Network Auditing
• All security-related events must be recorded with all relevant information
• Generated audit events must be logged in near real time
• Integrity and confidentiality of audit logs should be protected
• Audit logs need to be securely archived
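One way to make the integrity requirement above checkable, as an added example rather than anything from the original deck: each audit record is tagged with an HMAC over the previous record's tag and the record itself, so editing, reordering or deleting an interior record breaks the chain at that point, and publishing the latest tag out-of-band also catches truncation of the tail. The key, the event records and their field names are constructed for the demo.

```python
import hashlib
import hmac
import json

GENESIS = b"\x00" * 32  # fixed anchor for the first record's tag


def _tag(key, prev_tag, payload):
    return hmac.new(key, prev_tag + payload, hashlib.sha256).digest()


class ChainedAuditLog:
    """Append-only audit log whose records are HMAC-chained:
    tag_i = HMAC(key, tag_{i-1} || record_i)."""

    def __init__(self, key):
        self._key = key
        self._prev = GENESIS
        self.records = []  # list of (canonical_json, tag_hex)

    def append(self, event):
        # Canonical JSON so a verifier reproduces the exact bytes that were tagged.
        payload = json.dumps(event, sort_keys=True, separators=(",", ":")).encode()
        tag = _tag(self._key, self._prev, payload)
        self.records.append((payload.decode(), tag.hex()))
        self._prev = tag
        return tag.hex()

    def head(self):
        """Latest tag; ship it to a separate store so tail truncation is detectable."""
        return self._prev.hex()


def verify_chain(key, records, expected_head=None):
    """Return the index of the first bad record, or -1 if the chain verifies.
    With expected_head, a chain that verifies but ends at a different tag is
    reported as broken at len(records): records were removed from the end."""
    prev = GENESIS
    for i, (payload, tag_hex) in enumerate(records):
        expected = _tag(key, prev, payload.encode())
        if not hmac.compare_digest(expected.hex(), tag_hex):
            return i
        prev = expected
    if expected_head is not None and not hmac.compare_digest(prev.hex(), expected_head):
        return len(records)
    return -1


# Constructed sample events for the demo.
SAMPLE_EVENTS = [
    {"ts": "2024-05-01T10:00:00Z", "actor": "ops-admin", "action": "login", "result": "ok"},
    {"ts": "2024-05-01T10:02:11Z", "actor": "ops-admin", "action": "read", "object": "tenant/finance/db"},
    {"ts": "2024-05-01T10:02:40Z", "actor": "ops-admin", "action": "export", "object": "tenant/finance/db"},
]


def demo(key=b"constructed-demo-key-rotate-me"):
    """Build a chain and show which tampering each check catches."""
    log = ChainedAuditLog(key)
    for ev in SAMPLE_EVENTS:
        log.append(ev)
    intact = verify_chain(key, log.records, log.head())

    # An insider rewrites the sensitive export as a harmless read.
    tampered = list(log.records)
    payload, tag = tampered[2]
    tampered[2] = (payload.replace('"export"', '"read"'), tag)
    edited = verify_chain(key, tampered, log.head())

    # ... or deletes the middle record outright.
    deleted = log.records[:1] + log.records[2:]
    removed = verify_chain(key, deleted, log.head())

    # ... or truncates the tail: only the separately stored head catches this.
    truncated = log.records[:2]
    truncated_unanchored = verify_chain(key, truncated)
    truncated_anchored = verify_chain(key, truncated, log.head())
    return intact, edited, removed, truncated_unanchored, truncated_anchored
```

The chain gives tamper evidence, not tamper resistance: whoever holds the HMAC key can re-tag a rewritten history, so the key must live with the log collector and not on the systems being audited, and the head tag has to be copied regularly to storage the audited systems cannot reach. Confidentiality of the records, the slide's other requirement, is a separate layer (encrypt the payloads or the archive) that this chain does not provide.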
- 47. Security Monitoring
• Generation of alerts on recognition of a critical security breach
• Secure delivery of security alerts by different means
• Cloud-wide intrusion and anomaly detection
• Periodic checks to make sure the monitoring system runs healthy
- 48. Security Testing
• Well-defined set of security test cases
• Separate environments for development, testing, staging and production
• Patch management
- 49. System & Network Controls
• Should be implemented for infrastructure systems
• Network isolation between different functional areas in the cloud
• Assure the integrity of OSes, VM images and infrastructure applications
• Isolation between different VMs
- 50. • Abuse and nefarious use of cloud computing
– Password/key cracking, DDoS, CAPTCHA-solving farms, building rainbow tables
• Insecure interfaces and APIs
• Malicious insiders
• Shared technology issues
• Data loss and leakage
• Account or service hijacking
• Unknown risk profile