Rationalization and Defense in Depth - Two Steps Closer to the Cloud

<Insert Picture Here>OTN Architect Day Security Breakout SessionDave Chappelle24 October 2011

Rationalization and Defense in Depth - Two Steps Closer to the CloudsOTN Architect Day 2011

Perimeter Security DB All network traffic All network traffic blocked blocked except for except from the proxy. specific ports. Web Server Application Message Mainframe (app Proxy) Server Queue Application Client Firewall Firewall DB DB DMZ Unprotected Zone Perimeter Protected Zone(s) • Can establish multiple perimeters • Alone, often involves a lot of implied trust • Each perimeter can be more restrictive • Modern environments don’t have such a clearly • Perimeters can be at varying degrees of granularity defined perimeterOTN Architect Day 2011

Defense in Depth • Military defensive strategy to secure a position using multiple defense "Krak des Chavaliers“, Syria mechanisms. • Less emphasis is placed on a single perimeter wall • Several barriers and different types of fortifications • Objective is to win the battle by attrition. The attacker may overcome some barriers but can’t sustain the attack for such a long period of time.OTN Architect Day 2011

Several Layers of Defense Data Each layer introduces Each layer can contain Application additional security multiple levels of measures Host control Internal Network Perimeter Physical Policies, Procedures, & AwarenessOTN Architect Day 2011

Defense in Depth: Greater Control Many enforcement points Data Application / Service Host Internal Network Perimeter Physical Policies & Procedures Consistent set of policies & proceduresOTN Architect Day 2011

Security Silos Support • Application silos with their own standalone security architecture • Integration is hard enough without security ! ! • End users have many logins & passwords End User Security Administrator • Administration is time- consuming and error-prone • Auditing is inaccurate ? and/or impossible Finance Sales Security AuditorOTN Architect Day 2011

Security Framework Support • Security is part of the foundation, not an inconvenient afterthought • Users have one identity and a set of roles & attributes that govern access End User Security Security Administrator • Administration operator-centric, not Framework system-centric • Auditing is possible and realistic Finance Sales Security AuditorOTN Architect Day 2011

Security Framework High Level Architecture Information Processing: Information Management: • Provides a secure run-time environment • Provides confidentiality, integrity, and • Offer security services to business logic availability for information management • Allow solution-level security admin • Allow db-level security administration Security Framework: Development & Administration Business • Provides shared security services Information Design & Logic • Manage security data for the enterprise • Allow enterprise-level security admin Information Security Interfaces Management Processing Security Interfaces: Security Services • Provide consistent access to security Shared Security Services services • Embrace open, common industry Enterprise Security Information standards Security Management & Administration Enterprise Security FrameworkOTN Architect Day 2011

Container-Based Computing Platform • Container enforces security on behalf of the protected resources Inbound Requests • Access to security services via Web BusinessClient Pages Logic standard APIs & libraries Protected Resources • Plug-in framework allows one to Container configure multiple providers for each Standard Security APIs & Libraries security service Platform Security Plug-in Framework • Providers may be selected and Security Providers configured based on the needs of the solution Security Services Authentication Authorization Credential Mapping • Providers can be included with the Role Mapping Auditing Encryption … platform or custom written for a specific purposeOTN Architect Day 2011

Database Platform Security • Transactional • Historical Administration • Unstructured Information Design & Administrative • Audit • Access Control • Security Information • SoD Rules & Controls • Realms Management • Auditing Security Services Access Control Encryption & Masking Auditing & Availability • Multi-Factor AuthN • Network • Central collection & control • Label Security • Persistence • Local online archive • Table Policies • Backup Firewall • Connection Id • Dev & Test Masking • SQL inspection & rejectionOTN Architect Day 2011

Security Framework Security Framework Authentication Federation Self Service Key Mgmt Services: Authorization WSS Policy SSO Audit Attribute Security Users & Federated Groups Access WSS Audit Certs Information: Identity Identities & Roles Policies Policies Logs & Keys Administration & Management: Role Management Key Management Access Policy Identity Management Directory Management Governance Management • UIs & APIs • Synchronization • Attestation • Approval Workflows • Virtualization • Risk Analysis Authentication • Provisioning Workflows • Change Detection & Alerts • Reporting Policy • System Integration • Reconciliation • Auditing ManagementOTN Architect Day 2011

SOA Scenario Policy Manager App Server App Server Service WSS WSS Service Consumer Agent Agent Provider Platform Security Id CM Mediation AAA Id Platform Security WSS Agent Legacy DB Platform Service Firewalls Security Provider DMZ Security External WSS AuthN AuthZ Audit Token Consumer Gateway Service Service Service ServiceOTN Architect Day 2011

Jumping to Cloud Before You Leap…OTN Architect Day 2011

(Some of) The Good… • Cloud providers have a deep vested interest in security • Must prove themselves to the market • Often much greater investment and attention to detail than traditional IT • Cloud homogeneity makes security auditing/testing simpler • Shifting public data to an external cloud reduces the exposure of the internal sensitive data • Data held by an unbiased partyhttp://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.pptOTN Architect Day 2011

…The Bad… • Multi-tenancy; need for isolation management • High value target for hackers • Fragmentation; creation of more silos • Data dispersal and international privacy laws • EU Data Protection Directive and U.S. Safe Harbor program • Exposure of data to foreign government and data subpoenas • Data retention issueshttp://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.pptOTN Architect Day 2011

…& The Ugly • Trusting another vendor’s security model • Proprietary implementations • Audit & compliance • Availability: Relying on a vendor to stay in businesshttp://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.pptOTN Architect Day 2011

SaaS Patterns Authorization Authorization Access Policy Access Policy Management Management Provider B Identity Provider Management A Provider SAML C User id & attributes User Id SPML SAML Authentication Authorization Authentication Authorization STS Identity Provider D Management Identity Access Policy Management Management SAML, WS-Trust, Access Policy WS-Federation ManagementOTN Architect Day 2011

Recommendations 1. Assess your risks 2. Classify your information 3. Define policies and procedures 4. Maintain most sensitive data in house 5. Don’t outsource your security management 6. Follow a security architecture / roadmap 7. Design patterns for cloud computing 8. Choose a secure platformOTN Architect Day 2011

Takeaways (Cloud or not)  Deploy Defense in Depth • Good general strategy to protect highly distributed systems (SOA, BPM, Cloud, etc.) • Limit your risks  Rationalize & Consolidate • Standardized frameworks, services, & technologies • Implement processes & policies  Plan Ahead • Classification strategy: know your systems & data • Cloud strategy: know your options & vendors • Risk management: choose wisely & CYAVisit the ITSO Reference Library at www.oracle.com/goto/itstrategies

Rationalization and Defense in Depth - Two Steps Closer to the Cloud

by Bob Rhubart

Accessibility

Categories

Upload Details

Usage Rights

1 Embed 1

Statistics

Rationalization and Defense in Depth - Two Steps Closer to the Cloud Presentation Transcript