security in windows azure
Post on 21-Jun-2015
165 Views
Preview:
TRANSCRIPT
Security in Windows Azure
Mihai TataranGeneral Manager, Avaelgo & Avaelgo Training
Microsoft MVP on Windows AzureMihai.Tataran@Avaelgo.ro
Agenda
•General considerations on Security•Typical threats and attacks•Applying to Windows Azure•Security Development Lifecycle•How to protect
General considerations
•What to secure: network, host, data, application• Stuff which falls between the cracks• Think about security holistically
•Technology•People
Security frame•We need to organize security knowledge in a set of actionable items• Auditing• Authentication and Authorization• Communication• Configuration Management• Cryptography• Exception Management• Sensitive Data• Session Management• Validation
Threats and attacks• Auditing: • Disclosure of confidential information from log files• Denial of service
• Authentication:• Network eavesdropping• Brute force / dictionary attacks• Cookie replay• Credential theft
• Authorization:• Elevation of privilege• Token stealing
Threats and attacks• Communication:• Failure to encrypt messages• Theft of encryption keys• Man in the middle• Session replay• Data tampering
• Configuration Management:• Unauthorized access to config stores
• Cryptography:• Encryption cracking• Loss of decryption keys
Threats and attacks• Exception Management:
• Information disclosure• Denial of service• Elevation of privilege
• Input validation:• Cross site scripting, Cross site request forgery• SQL Injection• XML bomb
• Sensitive data:• Memory dumping• Sniffing
Applying to Windows Azure – short intro• What is the Cloud• What is Windows Azure • Its advantages and disadvantages
Applying to Windows Azure – what to protect • Virtual Machines• Virtual Network• SQL Database• Azure Storage• Application• Caching • Etc.
Applying to Windows Azure - infrastructure• Port scanning: the only open ports are those defined by us!• Denial of service:
• External: depends on our settings, but the Fabric Controller tries to identify the attacks• Internal: all DOS attacks initiated from internal VMs will result in
removing those VMs from the network
• Spoofing: compromised machines cannot impersonate VMs from the Fabric Controller (broadcast and multicast are blocked, https between VMs and FC)• Sniffing: the Hyper-V switch prevents sniffing from a VM to
another VM on the same host; racks switches block it to other VMs• VMs are untrusted by the Root OS Hypervisor
Applying to Windows Azure - application• Use custom domains instead of myapp.cloudapp.net
and scope cookies to your custom domain; scripting!• Access to Azure Storage using Shared Access
Signatures; attention to REST query injection• SQL Database: pay attention to SQL Injection; no TDE• Auditing -> Azure Tables• Authentication using Azure’s ACS, Azure AD, Windows
Identity Foundation -> rely on existing patterns and user stores!
DEMO• Attacker gets sensitive information from a Windows
Azure Storage account• ARP Poisoning• Sniffing• Just a bit of luck
Conclusion• Azure’s infrastructure is very secured• But our artefacts: app, data, etc. – not necessarily
References • Azure Security Notes: http://
blogs.msdn.com/b/jmeier/archive/2010/08/03/now-available-azure-security-notes-pdf.aspx
top related