Security in the Cloud

Prabath Siriwardena – Software Architect, WSO2

Cloud Computing

As a Service ?

As a Service ? Pay per use Resource Sharing Self service provisioning Unlimited Resource

•  In public –  IaaS, PaaS, SaaS available on the Internet –  Use one of the cloud service providers –  Information is stored and managed by provider under SLA •  In Private –  Have a cloud, in-‐house –  IaaS provides by hardware on your data centers –  PaaS running on your IaaS –  SaaS executing on your PaaS •  Or use both –  Hybrid Cloud

Enterprise IT in 2010

Enterprise IT in 2015+

What do you expect from a platform ?

•  Public Cloud –  Fast time to market –  Makes it easier to write scalable code •  Private Cloud –  Give each team their own instant infrastructure –  Govern centrally but code and deploy by team –  Automated governance, registry, identity –  Instant BAM

•  Distributed / Dynamically Wired (works properly in the cloud) –  Finds services across applications –  Reuse services from other departments e.g. People information required by all of Finance, Engineering and Sales •  Elastic (uses the cloud eﬃciently) –  Scales up and down as needed –  Some departments might want varying resources with varying bandwidth with varying priority •  Multi-‐tenant (only costs when you use it) –  Virtual isolated instances to facilitate isolation between departments etc. –  e.g. Sales vs. Finance tenants. Finance want complete isolation for some sensitive services •  Self-‐service (in the hands of users) –  De-‐centralized creation and management of tenants –  No need to come to IT department to gain access – served via portal – no need to be on the queue or waiting list •  Granularly Billed and Metered (pay for just what you use) –  Allocate costs to exactly who uses them –  Bill and cost various departments per use –  Get rid of the situations where unused computing assets lying in one department while the other departments are starving for the same •  Incrementally Deployed and Tested (supports seamless live upgrade) –  Not disrupt other operations

ProviderIAAS N F Application N F Middleware N F Guest OS F N Hypervisor F N Storage F N Hardware Organization F N Network

ProviderPAAS M L Application M L Middleware F N Guest OS F N Hypervisor F N Storage F N Hardware Organization F N Network

ProviderSAAS M L Application F N Middleware F N Guest OS F N Hypervisor F N Storage F N Hardware Organization F N Network

IaaS PaaS SaaS Data Organization Organization Organization Applications Organization Shared Service Provider Systems Service Provider Service Provider Service Provider Storage Service Provider Service Provider Service Provider Network Service Provider Service Provider Service Provider

SAAS More Control PAAS IAAS

Private Public Compliance Organization Service Provider Governance Organization Service Provider Security Organization Service Provider Operations Organization Service Provider Risk Organization Shared Cloud Owner Organization Service Provider or leased Use limited to Organization Public

Public Ownership Hybrid Private

Multi-‐tenancy

•  Can be used to give departments their own PaaS world to operate in •  Yet all share same hardware resources –  Not all departments need resources at the same time –  Really pay per use –  Opportunity to unify departmental level small server pools •  Drastically reduce admin/management costs –  One software installation to maintain •  Use diﬀerentiated QoS

Multi-‐tenancy ¡  Three possible ways §  Machine per tenant §  VM per tenant §  Share machine/VM across tenants ¡  Challenges §  Data isolation §  Logic isolation §  Security

Data Isolation – Separated DB Multi-‐tenancy

Data Isolation – Shared DB / Separate Schema Multi-‐tenancy

Data Isolation – Shared DB / Shared Schema Multi-‐tenancy

Data Access -‐ Security Patterns Trusted Database Connections

Data Access -‐ Security Patterns Secure Database Tables GRANT SELECT, UPDATE, INSERT, DELETE ON [TableName] FOR [UserName]

Data Access -‐ Security Patterns Tenant View Filter CREATE VIEW TenantEmployees AS SELECT * FROM Employees WHERE TenantID = SUSER_SID()

•  Data Conﬁdentiality/Integrity/Availability •  Data Lineage •  Data Provenance •  Data Remanence

Data Conﬁdentiality/Integrity/Availability Storage Processing Transmission Conﬁdentiality Symmetric Homomorphic SSL Encryption Encryption Integrity MAC Homomorphic SSL Encryption Availability Redundancy Redundancy Redundancy

cloud security forxg vhfxulwb Homomorphic Encryption cloud forxg security vhfxulwb cloud security forxg vhfxulwb

Vendor CVE KVM 32 QEMU 23 VMWare 126 XEN 86 •  VM Escape (Host code execution) •  Guest code execution with privilege

•  Identity Management •  Access Management •  Key Management •  System & Network Auditing •  Security Monitoring •  Security Testing & Vulnerability Remediation •  System & Network Controls

•  Controls over identity information Identity Management •  Strong Identity Management system for cloud personnel •  Large scale needs for authenticating cloud tenants and users •  Federated Identity •  Audits for legal activities •  Identity Recycle? •  Means to verify assertions of identity by cloud provider personnel

•  Cloud personnel shall have restricted access to Access Management the customer data •  Multifactor authentication for highly privileged operations •  Large scale needs for authenticating cloud tenants and users •  Least privileged principal and RBAC •  White-‐listed IPs for remote access by cloud personnel

•  Encryption the key to protect data in transit and at rest Key Management •  All keys secured properly •  Eﬀective procedures to recover from compromised keys •  Eﬀective procedures for key revocation

System & Network Auditing •  All security related events must be recorded with all relevant information •  Generated audit events must be logged in near real-‐time manner •  Integrity & conﬁdentiality of audit logs should be protected •  Audit logs needs to be securely archived

•  Generation of alerts in recognition of a critical Security Monitoring security breach •  Delivery of security alerts in deferent means securely •  Cloud wide intrusion and anomaly detection •  Periodic checks to make sure monitoring system runs healthy

•  Well deﬁned set of security test cases •  Separate environments for development, Security Testing testing, staging and production •  Patch management

System & Network Controls •  Should be implemented for infrastructure systems •  Network isolation in between diﬀerent functional areas in the cloud •  Assure the integrity of OSes, VM images and infrastructure applications •  Isolation between diﬀerent VMs

•  Abuse & nefarious use of cloud computing •  Password/key cracking, DDOS, CAPTCH solving farms, building rainbow tables •  Insecure interfaces and APIs •  Malicious insiders •  Shared technology issues •  Data loss and leakage •  Account or service hijacking •  Unknown risk proﬁle

http://blog.facilelogin.com	219
http://a0.twimg.com	6
http://tweetedtimes.com	3
http://127.0.0.1:8775	1

Security in the Cloud

by Prabath Siriwardena on Oct 27, 2011

Accessibility

Categories

Tags

Upload Details

Usage Rights

4 Embeds 229

Statistics

Security in the Cloud — Presentation Transcript