Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht

Will in-house clouds storm past your network defences?

  • 1. Will in-house clouds storm past your network defenses?
    Andrew Yeomans, Jericho Forum Board
  • 2. A brief introduction to the Jericho Forum
    The Jericho Forum aims to drive and influence development of security standards that will meet future business needs. These standards will:
    – Facilitate secure interoperation, collaboration and commerce over open networks
    – Be based on Collaboration Oriented Architectures (COA) and a design approach entitled “de-perimeterization”
    Globally, around fifty blue-chip user organisations, from all sectors, are working together to solve the problems posed by de-perimeterization.
    The Open Group hosts the Jericho Forum.
    Everything published is free and open-source.
  • 3. Some of our members
    (Member logos; named on the slide: Foreign & Commonwealth Office, Cabinet Office)
  • 4. From Connectivity to Collaboration
    [Diagram: stages of connectivity plotted against Time (x-axis) and Business Risk / Value (y-axis), from stand-alone computing up to full de-perimeterized working]
    – Stand-alone Computing [Mainframe, Mini, PC’s]
    – Local Area Networks: islands by technology
    – Connected LANs: interoperating protocols
    – Connectivity for Internet e-Mail
    – Internet Connectivity: Web, e-Mail, Telnet, FTP
    – External Working: VPN based
    – External collaboration [Private connections]
    – Limited Internet-based Collaboration
    – Consumerisation [Cheap IP based devices] (marked “Today”)
    – Full Internet-based Collaboration
    – Full de-perimeterized working
    The point marked “Effective Perimeter Breakdown” sits between VPN-based external working and external collaboration.
    Source: http://opengroup.org/jericho/Business_Case_for_DP_v1.0.pdf
  • 5. Core business targets
    [Diagram of targets around the core business: Desktop, Web host, Backup, Product, Security, Customer, R&D, Infrastructure, Email]
  • 6. Clouds – inside your data centre?
    Technology      | Cost in medium-sized DC  | Cost in very large DC    | Ratio
    Network         | $95 per Mbit/sec/month   | $13 per Mbit/sec/month   | 7.1
    Storage         | $2.20 per GByte/month    | $0.40 per GByte/month    | 5.7
    Administration  | 140 servers / admin      | >1000 servers / admin    | 7.1
    Source: Hamilton, J. Internet-Scale Service Efficiency. In Large-Scale Distributed Systems and Middleware (LADIS) Workshop (September 2008)
  • 7. Cloud Shape Architecture Model (Adrian Secombe)
    [Cube model with three axes]
    – Where is your data? Internal / External
    – Are the interfaces public? Proprietary / Open
    – Is data collaboratively shared? Perimeterised / De-perimeterised
  • 8. Where is my data? Security questions
    [Questions placed on the Internal / External and Perimeterised / De-perimeterised axes; the Internal/External distinction fades as virtualisation increases, the Perimeterised/De-perimeterised distinction fades as collaboration increases]
    – Who is responsible if something goes wrong?
    – What due diligence did my employees do prior to using the service?
    – What about business continuity?
    – What leaks are there from the cloud service back into my infrastructure?
    – How does my data securely enter and exit the cloud?
    – How is my data protected in transit?
    – Who has access to my data?
    – What about export and privacy laws?
    – How is the EXT/INT interface managed?
    – Will I be able to deliver? Do I have the skills? Do I have the resources?
    – Can the outsourcer integrate into my infrastructure?
    – Can I recover costs?
  • 9. Interoperability questions
    [Questions placed on the Internal / External and Proprietary / Open axes; the Internal/External distinction fades as virtualisation increases, while the Proprietary/Open distinction hinders collaboration]
    – What if I need to switch vendors?
    – What if my collaboration partner uses a different vendor?
    – Do I have to implement proprietary interfaces to do business with the provider?
    – Is this where I want to be?
    – Do I still need internal cloud services?
    – Will this allow me to leverage multiple cloud service providers to jointly perform a task?
    – Will it further enable collaboration among multiple partners?
    – When I run out of resources, can I engage an external cloud service provider?
    – What standards should be developed?
    – Who should control them?
  • 10. Thunder clouds – the problems
    – Inertia – why change?
    – Availability – outages?
    – Lock-in – how to get my data out again?
    – Confidentiality – who else can see it?
    – Auditability – and can you prove that?
    – Jurisdiction – who can get to the data?
  • 11. Internal clouds
    Where to deploy?
    – Development / Test
    – Disaster Recovery
    – Production compute grid
    – Cyclical processing – e.g. end-of-day
    – Scalable web hosting
  • 12. Cloud future – design your network
    [Diagram labels: Add instance, Remove instance, Migrate, Performance, Properties]
  • 13. Risk Control Acceptance Curve
    [Chart: confidentiality in clouds against risk control levels, with bands labelled <1%, 14% and 85%; ratios closer to data volumes]
  • 14. Current network designs
    [Diagram]
  • 15. Internal cloud?
    [Diagram]
  • 16. …full of virtual servers
    [Diagram]
  • 17. Network security?
    – Where is the Firewall?
    – Where is the Intrusion Detection System?
    – Where is the Intrusion Protection System?
    – Where are network routing controls?
    – … and VLANs, DLP, WAF, sniffers…
    How much value do they really add?
  • 18. Effectiveness of security controls
    [Chart: relative effectiveness (y-axis) against time (x-axis) for network controls, end-point and application controls, and data controls, with a marker at “2010?”]
    Acknowledgements to Steve Whitlock and Dan Hitchcock
  • 19. Data separation
    – Interconnected mini-clouds? (physical)
    – VLAN separation (network)
    – Hypervisor? (Ring 0 software)
    – Data-centric? (data)
  • 20. Data protection choice is easy!
    In IT systems we have two main protection methods:
    – Encryption (or not)
    – Access controlled (or not)
    Combined, they give four quadrants: Encrypted / Uncontrolled, Encrypted / Controlled access, Unencrypted / Uncontrolled, Unencrypted / Controlled access.
  • 21. Three Laws of Data Encryption (based on Rich Mogull)
    1. External loss – encryption for media protection, if the data moves, physically or virtually. Simple key management.
    2. Internal access – encryption to restrict privileged access. Complex key management, if it really works.
    3. Mandated encryption (e.g. PCI)
  • 22. Two other forms of protection
    Protect by monitoring
    – Can't always have technical controls
    – Monitor for policy violations
    – Advertise to reduce temptations
    – Results from “DLP” can steer Data Classification and create dialogue with business
    Protect by destroying!
    – The best form of confidentiality
    – Data Retention policies
    – Need to track all assets, including data
  • 23. But it must be manageable
    – Missing – an open format for data protection
    – Key management standards
    – Missing – open authentication
    – Data zones
  • 24. A look to the future – OpenEIPC
    – Missing – an open format for data protection (c.f. DRM)
    – Strawman – ZIP + XACML
    – Also works for ODF and OOXML/OPC
    – Scope and level appropriate to asset at risk
    [Package listing shown on the slide: mimetype, Pictures/1001.png, Pictures/1002.png, content.xml, styles.xml, meta.xml, eipc.xml, next to an encoded content fragment]
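The deck gives only “ZIP + XACML” as the strawman. The sketch below is an added example, not OpenEIPC's or the Jericho Forum's own format: the container layout (an ODF-style “mimetype” first entry, a hypothetical eipc.xml holding an XACML 3.0 policy, content.xml gated by it), the MIME type, the role attribute and the simplified rule evaluation are all assumptions made for illustration.

```python
import io, zipfile
import xml.etree.ElementTree as ET
NS = {"x": "urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"}  # XACML 3.0 core namespace
ROLE = "urn:oasis:names:tc:xacml:2.0:subject:role"
XS = "http://www.w3.org/2001/XMLSchema#string"

# Constructed policy (hypothetical eipc.xml): finance may read, anyone else is denied.
POLICY = f"""<Policy xmlns="{NS['x']}" PolicyId="eipc-demo" Version="1.0"
 RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable">
 <Rule RuleId="permit-finance" Effect="Permit"><Target><AnyOf><AllOf>
  <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
   <AttributeValue DataType="{XS}">finance</AttributeValue>
   <AttributeDesignator AttributeId="{ROLE}" DataType="{XS}" MustBePresent="false"
    Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"/>
  </Match></AllOf></AnyOf></Target></Rule>
 <Rule RuleId="deny-others" Effect="Deny"/>
</Policy>"""

def build_package(content_xml, policy_xml):
    # Constructed EIPC-style container following the ODF convention: 'mimetype' entry first, stored.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("mimetype", "application/vnd.example.eipc", compress_type=zipfile.ZIP_STORED)
        z.writestr("eipc.xml", policy_xml)
        z.writestr("content.xml", content_xml)
    return buf.getvalue()

def _matches(rule, request):
    # XACML Target: every AnyOf needs one AllOf whose Matches all hold; no Target = always applies.
    target = rule.find("x:Target", NS)
    if target is None or len(target) == 0: return True
    return all(any(all(request.get(m.find("x:AttributeDesignator", NS).get("AttributeId"))
                       == m.find("x:AttributeValue", NS).text for m in allof.findall("x:Match", NS))
                   for allof in anyof.findall("x:AllOf", NS)) for anyof in target.findall("x:AnyOf", NS))

def evaluate(policy_xml, request):
    # Rule combining: first-applicable (as in POLICY) or deny-overrides; no matching rule = NotApplicable.
    root = ET.fromstring(policy_xml)
    effects = [r.get("Effect") for r in root.findall("x:Rule", NS) if _matches(r, request)]
    if not effects: return "NotApplicable"
    if root.get("RuleCombiningAlgId", "").endswith("first-applicable"): return effects[0]
    return "Deny" if "Deny" in effects else "Permit"

def open_content(package, request):
    # Release content.xml only when the package's own policy returns Permit; None otherwise.
    with zipfile.ZipFile(io.BytesIO(package)) as z:
        first = z.infolist()[0]  # ODF-style check: 'mimetype' first and stored uncompressed
        if first.filename != "mimetype" or first.compress_type != zipfile.ZIP_STORED:
            raise ValueError("not an EIPC-style package")
        if evaluate(z.read("eipc.xml").decode(), request) != "Permit": return None
        return z.read("content.xml")
```

The policy check is the only enforcement point in this sketch; a real container would also keep content.xml encrypted so that unzipping alone does not bypass the policy.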
  • 25. ACLs versus Protected Data
    – Fine-grained cryptographic protection is difficult
    – So use traditional ACLs for fine-grained control
    – Use crypto protection for provable broad protection
    – Will really take off when embedded in the operating system or hypervisor
  • 26. Security by Design, not Afterthought
    Risks                                    | Benefits
    Get it wrong and expose the business     | Increased levels of security
    Keep adding more layers of security      | Simpler, less complex security
    Cost and/or inability to manage          | Cheaper to run, easier to manage
    Saddled with yesterday’s technology      | Tomorrow’s technology with ability to gain business advantage
    Inflexible to respond to market demands  | Flexible and adaptable solutions
  • 27. Jericho Forum Self Assessment Scheme
  • 28. Jericho Forum Activity
    Like many others, we see huge potential and benefits for moving into "the cloud". But we advise not leaping in there before understanding the:
    – Risks
    – Security issues
    – Interoperability issues
    – Business rationale
    The Jericho Forum is taking a lead on:
    – Analyzing the issues
    – Raising awareness
    – Establishing clear requirements
    Goal: Make the cloud a safe place to collaborate
  • 29. [no text on slide]
  • 30. Thank You!
    Andrew Yeomans, Jericho Forum Board
    http://jerichoforum.org