Lecture 7: Security in Cloud Computing
Asst. Prof. Supakorn Kungpisdan, Ph.D.
Subwaves within the information age
NETE4630 Advanced Network Security and Implementation
Evolution of Cloud Computing
Why Cloud?
Cloud computing is a low-cost solution.
Cloud computing offers responsiveness and flexibility.
The IT expense matches the transaction volumes.
Business users are in direct control of technology decisions.
The line between home computing applications and enterprise applications will blur.
Sources of incremental IT spending growth
Worldwide IT cloud services spending
Evolution of Cloud Computing (cont.)
ISP 1.0: ISPs quickly proliferated to provide access to the Internet for organizations and individuals. These early ISPs merely provided Internet connectivity for users and small businesses, often over dial-up telephone service.
ISP 2.0: As access to the Internet became a commodity, ISPs consolidated and searched for other value-added services, such as providing access to email and to servers at their facilities.
Evolution of Cloud Computing (cont.)
ISP 3.0: Colocation facilities: specialized facilities for hosting organizations’ (customers’) servers, along with the infrastructure to support them and the applications running on them.
Those facilities are “a type of data center where multiple customers locate network, server, and storage gear and interconnect to a variety of telecommunications and other network service provider(s) with a minimum of cost and complexity.”
Evolution of Cloud Computing (cont.)
ISP 4.0: As colocation facilities proliferated and became commoditized, the next step in the evolution was the formation of application service providers (ASPs), which focused on a higher value-added service of providing specialized applications for organizations, and not just the computing infrastructure.
ASPs typically owned and operated the software application(s) they provided, as well as the necessary infrastructure.
Cloud Computing (ISP5.0)
Although ASPs might appear similar to a service delivery model of cloud computing that is referred to as software-as-a-service (SaaS), there is an important difference in how these services are provided, and in the business model.
Although ASPs usually provided services to multiple customers (just as SaaS providers do today), they did so through dedicated infrastructures.
That is, each customer had its own dedicated instance of an application, and that instance usually ran on a dedicated host or server.
The important difference between SaaS providers and ASPs is that SaaS providers offer access to applications on a shared, not dedicated, infrastructure.
Cloud Computing Defined
Property: Description
Multi-tenancy (shared resources): Cloud computing is based on a business model in which resources are shared (i.e., multiple users use the same resource) at the network level, host level, and application level.
Massive scalability: Cloud computing provides the ability to scale to tens of thousands of systems, as well as the ability to massively scale bandwidth and storage space.
Elasticity: Users can rapidly increase and decrease their computing resources as needed, as well as release resources for other uses when they are no longer required.
Pay as you go: Users pay for only the resources they actually use and for only the time they require them.
Self-provisioning of resources: Users self-provision resources, such as additional systems (processing capability, software, storage) and network resources.
Attributes of Elasticity
Notable Cloud Launches
SPI Service Model
Architecture for Relevant Technologies
Cloud Services Delivery Model
Cloud Deployment Model
Private Clouds
Public Clouds
Hybrid Clouds
Cloud Service Deployment Model
Public Clouds
Hybrid Clouds
Key Drivers to Adopting Clouds
Small Initial Investment and Low Ongoing Costs
Economies of Scale
Open Standards
Sustainability
Governance in the Cloud
Barriers to Cloud Computing Adoption in the Enterprise
Security
Privacy
Connectivity and Open Access
Reliability
Interoperability
Independence from CSPs
Economic Value
Changes in the IT Organization
IT Governance
Political Issues Due to Global Boundaries
Complexity of security in cloud environment
Security Issues in Service Models
Security in SaaS: Most enterprises are still uncomfortable with the SaaS model due to lack of visibility about the way their data is stored and secured.
Security in IaaS: IaaS only provides basic security (perimeter firewall, load balancing, etc.), and applications moving into the cloud will need higher levels of security provided at the host.
Security in PaaS: PaaS offers an integrated set of developer environments that a developer can tap to build applications without having any clue about what is going on underneath the service.
This opacity can also help an attacker leverage the PaaS cloud infrastructure for malware command and control and go behind IaaS applications.
Security for the SaaS Stack
Security for the SaaS Stack: Data Security
In a traditional on-premise application deployment model, sensitive data of each enterprise continues to reside within the enterprise boundary and is subject to its physical, logical and personnel security and access control policies.
In the SaaS model, the enterprise data is stored outside the enterprise boundary, at the SaaS vendor end.
EC2 administrators with a business need are required to use their individual cryptographically strong Secure Shell (SSH) keys to gain access to a host. All such accesses are logged and routinely audited.
Data at rest in Simple Storage Service (S3) is not encrypted by default; users can encrypt their data before it is uploaded to Amazon S3, so that it is not accessed or tampered with by any unauthorized party.
Possible Vulnerabilities in SaaS
Cross-site scripting [XSS]
Access control weaknesses
OS and SQL injection flaws
Cross-site request forgery [CSRF]
Cookie manipulation
Hidden field manipulation
Insecure storage
Insecure configuration
Security for the SaaS Stack: Network Security
Sensitive data is obtained from the enterprises, processed by the SaaS application and stored at the SaaS vendor end.
All data flow over the network needs to be secured in order to prevent leakage of sensitive information.
This involves the use of strong network traffic encryption techniques such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS).
Data Locality
The customer does not know where the data is stored.
Due to compliance and data privacy laws in various countries, locality of data is of utmost importance in many enterprise architectures.
In many EU and South American countries, certain types of data cannot leave the country because of potentially sensitive information.
A secure SaaS model must be able to give the customer reliable assurance about the location of the consumer's data.
Data Integrity
Each SaaS application may have different levels of availability and SLA (service-level agreement), which further complicates management of transactions and data integrity across multiple SaaS applications.
The lack of integrity controls at the data level (or, in the case of existing integrity controls, bypassing the application logic to access the database directly) could result in problems.
Data Segregation
Data of various users will reside at the same location. Intrusion into one user's data by another becomes possible in this environment.
A SaaS model should therefore ensure a clear boundary for each user’s data.
The boundary must be ensured not only at the physical level but also at the application level.
Possible attack vectors include SQL injection flaws, data validation weaknesses, and insecure storage.
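Added example (not from the original slides): an application-level tenant boundary on a shared table, with a concatenated query beside a parameterized, tenant-scoped one. The table, tenant names, TenantScope wrapper and probe input are all constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory shared table holding rows for two tenants (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE invoices (tenant_id TEXT, number TEXT, amount INTEGER)")
    db.executemany("INSERT INTO invoices VALUES (?, ?, ?)", [
        ("acme", "A-1", 100), ("acme", "A-2", 250), ("globex", "G-1", 900),
    ])
    return db

def find_invoices_unsafe(db, tenant_id, number):
    # Weak form: the tenant filter and the user input share one concatenated
    # string, so the input can rewrite the WHERE clause and drop the boundary.
    sql = ("SELECT tenant_id, number FROM invoices WHERE tenant_id = '" + tenant_id +
           "' AND number = '" + number + "'")
    return db.execute(sql).fetchall()

class TenantScope:
    """Hypothetical data-access wrapper: every query is bound to one tenant."""
    def __init__(self, db, tenant_id):
        self._db, self._tenant = db, tenant_id

    def find_invoices(self, number):
        # Values are bound as data, never parsed as SQL; the tenant predicate
        # is added by the wrapper, not supplied by the caller.
        rows = self._db.execute(
            "SELECT tenant_id, number FROM invoices WHERE tenant_id = ? AND number = ?",
            (self._tenant, number)).fetchall()
        # Defense in depth: refuse to return any row outside the boundary.
        if any(t != self._tenant for t, _ in rows):
            raise RuntimeError("tenant boundary violated")
        return rows

def leaked_tenants(rows, tenant_id):
    """Return the set of other tenants whose rows appear in a result."""
    return {t for t, _ in rows if t != tenant_id}

# Constructed input used as a regression probe for the tenant boundary.
CROSS_TENANT_PROBE = "x' OR '1'='1"
```

Running the same probe through both paths in a test suite shows whether the boundary holds at the application level regardless of where the rows are physically stored.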
Data Access
The SaaS model must be flexible enough to incorporate the specific policies put forward by the organization.
The model must also be able to provide an organizational boundary within the cloud because multiple organizations will be deploying their business processes within a single cloud environment.
Authentication and Authorization
With SaaS, the software is hosted outside of the corporate firewall.
Many times, user credentials are stored in the SaaS providers’ databases and not as part of the corporate IT infrastructure.
This means SaaS customers must remember to remove/disable accounts as employees leave the company and create/enable accounts as new employees come onboard.
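Added example (not from the original slides): a reconciliation check that compares an HR roster with a SaaS account export to find accounts that should be disabled or created. The CSV column names and sample rows are constructed assumptions; real exports will differ.

```python
import csv
import io

# Constructed sample exports (not real data).
HR_CSV = """email,status
alice@example.com,active
bob@example.com,terminated
carol@example.com,active
"""
SAAS_CSV = """login,enabled
Alice@Example.com,true
bob@example.com,true
dave@example.com,true
erin@example.com,false
"""

def _norm(email):
    # Logins often differ only by case or stray whitespace between systems.
    return email.strip().lower()

def reconcile(hr_csv, saas_csv):
    """Return {'disable': [(login, reason)], 'create': [email]}.

    'disable' lists enabled SaaS logins with no active employee behind them;
    'create' lists active employees that have no enabled SaaS login.
    """
    hr = {_norm(r["email"]): r["status"].strip().lower()
          for r in csv.DictReader(io.StringIO(hr_csv))}
    findings = {"disable": [], "create": []}
    enabled = set()
    for r in csv.DictReader(io.StringIO(saas_csv)):
        login = _norm(r["login"])
        if r["enabled"].strip().lower() != "true":
            continue  # already disabled at the provider, nothing to do
        enabled.add(login)
        status = hr.get(login)
        if status != "active":
            reason = "not in HR roster" if status is None else f"HR status: {status}"
            findings["disable"].append((login, reason))
    findings["disable"].sort()
    findings["create"] = sorted(e for e, s in hr.items()
                                if s == "active" and e not in enabled)
    return findings
```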
Vulnerabilities in Virtualization
Vulnerabilities have been found in all virtualization software that can be exploited by malicious local users to bypass certain security restrictions or gain privileges.
For example, a vulnerability in Microsoft Virtual PC and Microsoft Virtual Server could allow a guest operating system user to run code on the host or another guest operating system.
A vulnerability in Virtual PC and Virtual Server could allow elevation of privilege.
Availability
A multi-tier architecture needs to be adopted, supported by a load-balanced farm of application instances, running on a variable number of servers.
Resiliency to hardware/software failures, as well as to denial of service attacks, needs to be built from the ground up within the application.
Backups
The SaaS vendor needs to ensure that all sensitive enterprise data is regularly backed up to facilitate quick recovery in case of disasters.
The use of strong encryption schemes to protect the backup data is recommended.
In the case of cloud vendors such as Amazon, the data at rest in S3 is not encrypted by default. The users need to separately encrypt their data and backups so that they cannot be accessed or tampered with by unauthorized parties.
Identity Management
Security in PaaS
The provider might give some control to the people who build applications on top of the platform.
But any security below the application level, such as host and network intrusion prevention, will still be in the scope of the provider, and the provider has to offer strong assurances that the data remains inaccessible between applications.
PaaS is intended to enable developers to build their own applications on top of the platform.
Security in PaaS (cont.)
Hackers are likely to attack visible code, including but not limited to code running in user context.
They are likely to attack the infrastructure and perform extensive black box testing.
Cloud vulnerabilities are associated not only with web applications but also with machine-to-machine Service-Oriented Architecture (SOA) applications, which are increasingly being deployed in the cloud.
Security Issues in IaaS
With IaaS, the developer has better control over the security as long as there is no security hole in the virtualization manager.
The security responsibilities of both the provider and the consumer greatly differ between cloud service models.
Amazon’s EC2 infrastructure-as-a-service offering includes vendor responsibility for security up to the hypervisor, meaning the vendor can only address security controls such as physical security, environmental security, and virtualization security.
The consumer, in turn, is responsible for the security controls that relate to the IT system, including the OS, applications and data.
Security Management and Monitoring Scope
ITIL Life Cycle in Enterprise
Security Management in Clouds
Availability management (ITIL)
Access control (ISO/IEC 27002, ITIL)
Vulnerability management (ISO/IEC 27002)
Patch management (ITIL)
Configuration management (ITIL)
Incident response (ISO/IEC 27002)
System use and access monitoring (ISO/IEC 27002)
Security-as-a-Service
Email filtering (including backup, archival, and e-discovery)
Web content filtering
Vulnerability management
Identity-as-a-service (spelled as IDaaS)
Email Filtering
SaaS for email primarily involves cleansing spam, phishing emails, and malware included in email from an organization’s incoming email stream, and then delivering that clean email securely to the organization so that it is effectively not repolluted.
The result is not only more comprehensive security for clients due to the use of multiple engines, but also better performance of those client devices (because the anti-malware runs in the cloud and not on the endpoint directly), as well as far better anti-malware management.
Such services can also provide email encryption, an SSL tunnel between email servers, backups and recovery.
Web Content Filtering
Vulnerability Management
Discover, prioritize, and assess systems for vulnerabilities, and then report and remediate those vulnerabilities and verify the systems’ secure operation.
Monitor for and report on compliance with some regulatory requirements (e.g., the Payment Card Industry’s Data Security Standard).
Identity Management-As-a-Service
Questions?