Rationalization and Defense in Depth - Two Steps Closer to the Clouds


Published on

As presented by Dave Chappelle at Oracle Technology Network Architect Day in Toronto, April 21, 2011.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Rationalization and Defense in Depth - Two Steps Closer to the Clouds

  1. 1. <Insert Picture Here>OTN Architect Day Security Breakout SessionDave Chappelle21 April 2011
  2. 2. Rationalization and Defense in Depth - Two Steps Closer to the CloudsOTN Architect Day 2011
  3. 3. Perimeter Security All network traffic All network traffic blocked blocked except for except from the proxy. specific ports. Web Server Application Message Mainframe (app Proxy) Server Queue Application Client Firewall Firewall DB DB DMZ Unprotected Zone Perimeter Protected Zone(s) • Can establish multiple perimeters • Alone, often involves a lot of implied trust • Each perimeter can be more restrictive • Modern environments don’t have such a clearly • Perimeters can be at varying degrees of granularity defined perimeterOTN Architect Day 2011
  4. 4. Defense in Depth • Military defensive strategy to secure a position using multiple defense "Krak des Chavaliers“, Syria mechanisms. • Usually multiple perimeters, each with their own fortifications • Objective is to win the battle by attrition. The attacker may overcome some barriers but can’t sustain the attack for such a long period of time. • Less emphasis is placed on a single perimeter wallOTN Architect Day 2011
  5. 5. Several Layers of Defense Data Each layer introduces Each layer can contain Application additional security multiple levels of measures Host control Internal Network Perimeter Physical Policies, Procedures, & AwarenessOTN Architect Day 2011
  6. 6. Defense in Depth: Greater Control Many enforcement points Data Application / Service Host Internal Network Perimeter Physical Policies & Procedures Consistent set of policies & proceduresOTN Architect Day 2011
  7. 7. Security Silos Support • Application silos with their own standalone security architecture • Integration is hard enough without security ! ! • End users have many logins & passwords End User Security Administrator • Administration is time- consuming and error-prone • Auditing is inaccurate ? and/or impossible Finance Sales Security AuditorOTN Architect Day 2011
  8. 8. Security Framework Support • Security is part of the foundation, not an inconvenient afterthought • Users have one identity and a set of roles & attributes that govern access End User Security Security Administrator • Administration operator-centric, not Framework system-centric • Auditing is possible and realistic Finance Sales Security AuditorOTN Architect Day 2011
  9. 9. Security Framework High Level Architecture Solution Platforms: Database Platforms: • Provide a secure run-time environment • Provide confidentiality, integrity, and • Offer security services to business logic availability for information management • Allow solution-level security admin • Allow db-level security administration Business Solution Platforms (Applications, Business Processes, Services, Databases, etc.) Security Framework: Development & Administration Administration Business Information • Provide shared security services Design & Logic • Manage security data for the enterprise Solution Platform Data Management • Allow enterprise-level security admin Security Services Security Services Security Interfaces Security Interfaces: • Provide consistent access to security Shared Security Services services • Embrace open, common industry Enterprise Security Information standards Security Management & Administration Enterprise Security FrameworkOTN Architect Day 2011
  10. 10. Container-Based Computing Platform • Container enforces security on behalf of the protected resources Inbound Requests • Access to security services via Web BusinessClient Pages Logic standard APIs & libraries Protected Resources • Plug-in framework allows one to Container configure multiple providers for each Standard Security APIs & Libraries security service Platform Security Plug-in Framework • Providers may be selected and Security Providers configured based on the needs of the solution Security Services Authentication Authorization Credential Mapping • Providers can be included with the Role Mapping Auditing Encryption … platform or custom written for a specific purposeOTN Architect Day 2011
  11. 11. Database Platform Security • Transactional • Historical Administration • Unstructured Information Design & Administrative • Audit • Access Control • Security • SoD Rules & Controls • Realms Data Management • Auditing Security Services Access Control Encryption Auditing • Multi-Factor AuthN • Network • Central collection & control • Label Security • Persistence • Local online archive • Table Policies • Backup Firewall • Connection Id • Dev & Test Masking • SQL inspection & rejectionOTN Architect Day 2011
  12. 12. Security Framework Security Framework Authentication Federation Self Service Key Mgmt Services: Authorization WSS Policy SSO Audit Attribute Security Users & Federated Groups Access WSS Audit Certs Information: Identity Identities & Roles Policies Policies Logs & Keys Administration & Management: Role Management Key Management Access Policy Identity Management Directory Management Governance Management • UIs & APIs • Synchronization • Attestation • Approval Workflows • Virtualization • Risk Analysis Authentication • Provisioning Workflows • Change Detection & Alerts • Reporting Policy • System Integration • Reconciliation • Auditing ManagementOTN Architect Day 2011
  13. 13. SOA Scenario Policy ManagerApp Server App Server Service WSS WSS Service Consumer Agent Agent ProviderPlatform Security Id CM Mediation AAA Id Platform Security WSS Agent Legacy DB Platform ServiceFirewalls Security Provider DMZ Security External WSS AuthN AuthZ Audit TokenConsumer Gateway Service Service Service Service
  14. 14. Jumping to Cloud Before You Leap…OTN Architect Day 2011
  15. 15. (Some of) The Good… • Cloud providers have a deep vested interest in security • Must prove themselves to the market • Often much greater investment and attention to detail than traditional IT • Cloud homogeneity makes security auditing/testing simpler • Shifting public data to an external cloud reduces the exposure of the internal sensitive data • Data held by an unbiased partyhttp://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.pptOTN Architect Day 2011
  16. 16. …The Bad… • Multi-tenancy; need for isolation management • High value target for hackers • Fragmentation; creation of more silos • Data dispersal and international privacy laws • EU Data Protection Directive and U.S. Safe Harbor program • Exposure of data to foreign government and data subpoenas • Data retention issueshttp://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.pptOTN Architect Day 2011
  17. 17. …& The Ugly • Trusting another vendor’s security model • Proprietary implementations • Audit & compliance • Availability: Relying on a vendor to stay in businesshttp://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.pptOTN Architect Day 2011
  18. 18. Recommendations 1. Assess your risks 2. Classify your information 3. Define policies and procedures 4. Maintain most sensitive data in house 5. Don’t outsource your security management 6. Follow a security architecture / roadmap 7. Include patterns for cloud computing 8. Choose a secure platformOTN Architect Day 2011
  19. 19. Takeaways (Cloud or not)  Deploy Defense in Depth • Good general strategy to protect highly distributed systems (SOA, BPM, Cloud, etc.) • Limit your risks  Consolidate your resources • Standardized frameworks, services, & technologies • Implement processes & policies  Plan Ahead • Classification strategy: know your systems & data • Cloud strategy: know your options & vendors • Risk management: choose wisely & CYAVisit the ITSO Reference Library at www.oracle.com/goto/itstrategies