5. Security concerns for Cloud computing
Concerns
Many companies can reduce costs by using cloud computing services
But customers are still concerned about the security of their data
BE305: Special Topics in Computer Systems
6. Security Cornerstones (CIA)
Confidentiality
To prevent unauthorized reading of information
Integrity
To prevent unauthorized writing of information
Availability
To provide access to information whenever consumers want
7. Cloud Security Concerns
[Figure: the parties in the threat model: cloud-internal administrator, attacker, client]
8. Vulnerability of IaaS
Anyone with privileged access to the host can read or manipulate a customer's data
Consequently, customers cannot protect their VMs on their own
[Figure: an admin with root privileges on the host]
9. TCCP (Trusted Cloud Computing Platform)
TCCP
Guarantees the confidentiality and the integrity of a user's VM
Allows users to attest the IaaS provider, i.e., to determine whether the service is secure before they launch their VM
11. Eucalyptus
What is Eucalyptus?
An open source IaaS platform similar to Amazon's EC2
Manages one or more clusters whose nodes run a virtual machine monitor
For simplicity, we assume a single cloud manager (CM) that handles a single cluster
12. Eucalyptus (cont.)
From the perspective of users
Eucalyptus provides a web service interface to launch, manage, and terminate VMs
A VM is launched from a virtual machine image (VMI) loaded from the CM
Once a VM is launched, users can log in to it using normal tools such as ssh
13. Cloud Provider
14. Attack model
By enforcing a security perimeter, the provider can prevent attacks that require physical access to the machine
Sysadmins can log in remotely to any machine with root privileges at any point in time
16. Trusted Computing
Trusted Computing Group (TCG)
proposed a standard for the design of the trusted platform module (TPM)
Trusted Platform Module (TPM)
Secure boot
Remote attestation
17. Remote Attestation
Objective
Verifier determines whether a remote system satisfies some property
Example
Is the remote system running the standard Ubuntu Linux v.2.6.18 kernel?
Problem
Can’t just ask the system, since it could lie!
18. Remote Attestation Process
Three Phases
Measurement
machine to be attested must measure its properties locally
Attestation
transfer measurements from machine being attested to remote machine
Verification
Remote machine examines measurements transferred during attestation
decide whether they are valid and acceptable
19. Hardware TTP for Remote attestation
Pure software TTPs impose severe restrictions on remote attestation assurances
So, hardware solutions are an alternative
Most popular: Trusted Platform Module (TPM)
21. Trusted Platform Module
TPM
contains an endorsement private key that uniquely identifies the TPM
and some cryptographic functions that cannot be modified
Manufacturers sign the corresponding public key
to guarantee the correctness of the chip and validity of the key
22. How does it get measured?
[Figure: measurement chain. Program code: BIOS, Bootloader, Kernel, Module, Module, App, App. Each component is hashed with SHA-1, and the resulting hashes H1, H2, ... are accumulated into a PCR.]
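The measurement chain in the figure above, as an added Python example that is not part of these slides or of the TCCP paper: every stage hashes the next component with SHA-1 and extends the PCR with that hash (PCR = SHA-1(PCR || hash)), and the verifier later replays the reported measurement log against the PCR and against its expected measurement list. The boot components and their code bytes are constructed sample data; the function names are mine.

```python
import hashlib

# Constructed sample boot chain (not from the slides): component name -> code bytes.
BOOT_CHAIN = [
    ("BIOS", b"bios-v1"),
    ("Bootloader", b"grub-v2"),
    ("Kernel", b"linux-2.6.18"),
    ("Module", b"mod-a"),
    ("Module", b"mod-b"),
    ("App", b"sshd"),
    ("App", b"eucalyptus-nc"),
]

PCR_INITIAL = b"\x00" * 20  # a SHA-1 sized PCR starts as 20 zero bytes

def measure(code: bytes) -> bytes:
    """Hash of a component, computed by the stage that loads it."""
    return hashlib.sha1(code).digest()

def extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR extend: the register can only be folded forward, never set to a chosen value."""
    return hashlib.sha1(pcr + measurement).digest()

def measure_chain(chain):
    """Attested machine: measure each component before handing over control.
    Returns the final PCR value and the measurement log (name, hash) that goes to the verifier."""
    pcr = PCR_INITIAL
    log = []
    for name, code in chain:
        h = measure(code)
        log.append((name, h))
        pcr = extend(pcr, h)
    return pcr, log

def replay_pcr(log):
    """Verifier: recompute the PCR a given log would have produced."""
    pcr = PCR_INITIAL
    for _, h in log:
        pcr = extend(pcr, h)
    return pcr

def expected_list(chain):
    """Build the expected measurement list: known-good hashes per component name."""
    ml = {}
    for name, code in chain:
        ml.setdefault(name, set()).add(measure(code))
    return ml

def verify(reported_pcr, log, expected_ml):
    """Verification phase: the log must replay to the PCR (so it was not edited after the fact)
    and every entry must be a known-good value (so nothing unexpected was loaded)."""
    if replay_pcr(log) != reported_pcr:
        return False, "measurement log does not replay to the reported PCR"
    for name, h in log:
        if h not in expected_ml.get(name, set()):
            return False, f"unexpected measurement for {name}: {h.hex()}"
    return True, "ok"

def demo():
    expected = expected_list(BOOT_CHAIN)
    good_pcr, good_log = measure_chain(BOOT_CHAIN)
    # A modified kernel produces a different hash, so the log no longer matches the expected list.
    tampered = [(n, b"linux-2.6.18-modified" if n == "Kernel" else c) for n, c in BOOT_CHAIN]
    bad_pcr, bad_log = measure_chain(tampered)
    # Reporting the clean log alongside the real PCR fails the replay check instead.
    return {
        "good": verify(good_pcr, good_log, expected),
        "tampered": verify(bad_pcr, bad_log, expected),
        "forged_log": verify(bad_pcr, good_log, expected),
    }

if __name__ == "__main__":
    for case, (ok, why) in demo().items():
        print(f"{case}: {'valid' if ok else 'rejected'} ({why})")
```

The two failure cases are the point of the chain: a changed component is caught by the expected list, and a log edited to hide the change is caught because the PCR cannot be rewound.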
23. Attestation
24. Trusted Platform
A trusted platform like Terra implements a VMM that enforces a closed-box execution environment
This means that a guest VM cannot be inspected or modified by a user with full privileges over the host
However, this is insufficient:
a sysadmin can divert a customer's VM to a node not running the platform,
either when the VM is launched (by manipulating the CM)
or during the VM execution (using migration)
26. Trusted Cloud Computing Platform
Trusted Cloud Computing Platform (TCCP)
provides a closed-box execution environment
by extending the concept of trusted platform to an entire IaaS backend
TCCP guarantees the confidentiality and the integrity of a user's VM
27. TCCP
Two components
a trusted virtual machine monitor (TVMM)
a trusted coordinator (TC)
28. TCCP
External trusted entity (ETE)
hosts the TC
securely updates the information provided to the TC
(the set of nodes deployed within the IaaS, their configurations, ...)
29. Protocols of TCCP
Our proposal
the TCCP protocols that secure VM launch and migration
Message exchange during node registration
Message exchange during VM launch
Message exchange during VM migration
30. Basic Communication Scenario
[Figure: plaintext -> Encrypt (encryption key) -> ciphertext -> Decrypt (decryption key) -> plaintext, with an enemy or eavesdropper observing the ciphertext]
31. Symmetric-key vs. Public-key
Symmetric key
Same key for encryption as for decryption
Public key (asymmetric)
Requires two separate keys, one to lock, one to unlock
32. Notation
<K^p, K^P>: private and public keys of an asymmetric keypair
{y}K_x: the data y encrypted with key K_x
EK_x: endorsement keys
TK_x: trusted keys
K_x: session keys
n_x: nonce, a unique number generated by x
33. Node management
Trusted Coordinator (TC)
dynamically manages the set of trusted nodes by maintaining a directory
Directory: for each node, its id, its public endorsement key EK_N^P, and its expected measurement list ML_N
The TC makes available to the public: TK_TC^P, ML_TC, EK_TC^P
34-37. Node registration
To be trusted, a node must register with the TC
1. N -> TC: n_N
   (the nonce n_N lets N detect an impersonation of the TC by an attacker)
2. TC -> N: {ML_TC, n_N}EK_TC^p, n_TC
   (the TC attests itself to N, which guarantees the authenticity of the TC; if ML_TC matches the expected configuration, the TC is trusted)
3. N -> TC: {{ML_N, n_TC}EK_N^p, TK_N^P}TK_TC^P
   (N makes a private-public key pair and sends its public key TK_N^P to the TC)
4. TC -> N: {accepted}TK_N^P
   (if both peers mutually attest successfully, the TC adds TK_N^P to its node database)
38. Our protocol
VM launch protocol
VM migration protocol
The initial VM state α contains
the VM image (VMI)
the user's public key (used for ssh login)
39-42. VM launch
1. U -> CM: {α, #α}K_VM, {n_U, K_VM}TK_TC^P
   (the user generates a session key K_VM; #α is the hash of α)
2. N -> TC: {{{n_U, K_VM}TK_TC^P, n_N}TK_N^p, N}TK_TC^P
   (the TC can verify whether N is trusted)
3. TC -> N: {{n_N, n_U, K_VM}TK_N^P}TK_TC^p
   (N is now able to decrypt α and boot the VM)
4. N -> U: {n_U, N}K_VM
43-46. VM migration
1. N_s -> TC: {{N_d, n_s}TK_Ns^p, N_s}TK_TC^P
2. TC -> N_s: {{n_s+1, TK_Nd^P}TK_Ns^P}TK_TC^p
   (in 1 and 2, N_s asks the TC to check whether N_d is trusted)
3. N_s -> N_d: {{K_S, n_s2}TK_Ns^p, N_s}TK_Nd^P
   (session key K_S that will be used to secure the transfer of the VM state)
4. N_d -> TC: {{N_s, n_d}TK_Nd^p, N_d}TK_TC^P
5. TC -> N_d: {{n_d, TK_Ns^P}TK_Nd^P}TK_TC^p
   (before accepting the key, N_d first verifies that N_s is trusted (4, 5))
6. N_d -> N_s: {n_d}K_S
7. N_s -> N_d: {VM_id, #VM_id}K_S
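The trust decisions behind node registration (slides 34-37), VM launch step 2 (slides 39-42) and migration steps 1-2 and 4-5 (slides 43-46), as an added Python simulation that is not part of these slides or of the TCCP paper. It assumes HMAC as a stand-in for signing with the private half of an EK or TK (so here the verifier holds the same key, whereas the real keys are asymmetric and the verifier needs only the public half), uses constructed key and measurement-list values, and reduces the launch and migration checks to the TC looking N up in its trusted set; class and function names are mine.

```python
import hashlib
import hmac
import secrets

def sign(key: bytes, *parts: bytes) -> bytes:
    """Assumption: HMAC stands in for a signature with the private half of EK_x/TK_x."""
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()

def check_sig(key: bytes, sig: bytes, *parts: bytes) -> bool:
    return hmac.compare_digest(sig, sign(key, *parts))

class TrustedCoordinator:
    def __init__(self, ek_tc, ml_tc, directory):
        self.ek_tc = ek_tc          # stands in for EK_TC^p
        self.ml_tc = ml_tc          # ML_TC, published by the TC
        self.directory = directory  # node id -> (EK_N, ML_N), maintained by the ETE
        self.trusted = {}           # node id -> TK_N, filled only after mutual attestation
        self.pending = {}           # node id -> n_TC issued in message 2

    def msg1(self, node_id, n_n):
        """Registration message 1 in, message 2 out: {ML_TC, n_N}EK_TC^p, n_TC."""
        n_tc = secrets.token_bytes(16)
        self.pending[node_id] = n_tc
        return self.ml_tc, n_n, sign(self.ek_tc, self.ml_tc, n_n), n_tc

    def msg3(self, node_id, ml_n, n_tc, sig, tk_n):
        """Registration message 3 in, message 4 out: accept only a known node, a fresh nonce,
        a signature under that node's EK and the configuration the ETE expects for it."""
        ek_n, expected_ml = self.directory.get(node_id, (None, None))
        if ek_n is None:
            return "rejected: unknown node"
        if n_tc != self.pending.pop(node_id, None):
            return "rejected: stale or replayed nonce"
        if not check_sig(ek_n, sig, ml_n, n_tc):
            return "rejected: attestation not signed by the node's EK"
        if ml_n != expected_ml:
            return "rejected: unexpected node configuration"
        self.trusted[node_id] = tk_n
        return "accepted"

    def is_trusted(self, node_id, tk_n):
        """The check behind launch step 2 and migration steps 1/2 and 4/5:
        N counts as trusted only if it registered and presents the TK the TC recorded."""
        return self.trusted.get(node_id) == tk_n

class Node:
    def __init__(self, node_id, ek_n, ml_n):
        self.id, self.ek, self.ml = node_id, ek_n, ml_n
        self.tk = secrets.token_bytes(32)  # TK_N, generated at registration

    def register(self, tc, expected_ml_tc):
        n_n = secrets.token_bytes(16)                       # message 1
        ml_tc, echoed, sig, n_tc = tc.msg1(self.id, n_n)    # message 2
        # N attests the TC: its own nonce comes back signed under EK_TC and ML_TC is the expected one
        if echoed != n_n or not check_sig(tc.ek_tc, sig, ml_tc, n_n) or ml_tc != expected_ml_tc:
            return "node refused: TC failed attestation"
        return tc.msg3(self.id, self.ml, n_tc, sign(self.ek, self.ml, n_tc), self.tk)  # 3 -> 4

def demo():
    # Constructed keys and measurement lists (not real TPM values).
    ek_tc, ml_tc = b"ek-tc-secret", b"ML_TC:tc-v1"
    ek_n1, ek_n2, good_ml = b"ek-n1", b"ek-n2", b"ML_N:tvmm-v1"
    tc = TrustedCoordinator(ek_tc, ml_tc, {"N1": (ek_n1, good_ml), "N2": (ek_n2, good_ml)})
    n1 = Node("N1", ek_n1, good_ml)
    n2 = Node("N2", ek_n2, b"ML_N:tvmm-v1-modified")   # host software differs from the ETE's record
    n3 = Node("N3", b"ek-n3", good_ml)                 # not in the ETE's directory at all
    rogue_tc = TrustedCoordinator(b"ek-fake", b"ML_TC:fake", {})
    return {
        "N1": n1.register(tc, ml_tc),
        "N2": n2.register(tc, ml_tc),
        "N3": n3.register(tc, ml_tc),
        "rogue TC": Node("N1", ek_n1, good_ml).register(rogue_tc, ml_tc),
        "launch on N1": tc.is_trusted("N1", n1.tk),      # launch step 2 / migration target check
        "launch on N2": tc.is_trusted("N2", n2.tk),
        "impersonated N1": tc.is_trusted("N1", secrets.token_bytes(32)),
    }

if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```

The same `is_trusted` lookup serves both protocols: in launch it decides whether the TC releases K_VM to N, and in migration it is what N_s asks about N_d (steps 1 and 2) and what N_d asks about N_s (steps 4 and 5) before any VM state moves.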