서울과학기술대학교 (Seoul National University of Science and Technology) Jeilyn Molina 121336101 Cloud Computing

Upload: christian-haynes

Post on 25-Dec-2015


TRANSCRIPT

Page 1: 서울과학기술대학교 Jeilyn Molina 121336101 Cloud Computing

서울과학기술대학교 Jeilyn Molina

121336101

Cloud Computing

Page 2

Cloud Computing is a general term used to describe a new class of network-based computing that takes place over the Internet:

• basically a step on from Utility Computing
• a collection/group of integrated and networked hardware, software and Internet infrastructure
• Using the Internet for communication and transport provides hardware, software and networking services to clients

Page 3

Defines cloud computing by:

• 5 essential characteristics
• 3 cloud service models
• 4 cloud deployment models

Page 4: Essential characteristics

On-demand service
• Get computing capabilities as needed automatically

Broad Network Access
• Services available over the net using desktop, laptop, PDA, mobile phone

Page 5: Essential characteristics

Resource pooling
• Provider resources pooled to serve multiple clients

Rapid Elasticity
• Ability to quickly scale service in/out

Page 6: Essential characteristics

Measured service
• Control, optimize services based on metering

Page 7: Cloud service models

Software as a Service (SaaS)
• We use the provider's apps
• User doesn't manage or control the network, servers, OS, storage or applications

Platform as a Service (PaaS)
• User deploys their apps on the cloud
• Controls their apps
• User doesn't manage servers, OS, storage

Page 8: Cloud service models

Infrastructure as a Service (IaaS)
• Consumers get access to the infrastructure to deploy their stuff
• Doesn't manage or control the infrastructure
• Does manage or control the OS, storage, apps, selected network components

Page 10: Cloud deployment models

Public
• Cloud infrastructure is available to the general public, owned by an organization selling cloud services

Private
• Cloud infrastructure for a single organization only, may be managed by the organization or a 3rd party, on or off premise

Page 11: Cloud deployment models

Community
• Cloud infrastructure shared by several organizations that have shared concerns, managed by the organizations or a 3rd party

Hybrid
• 2 or more clouds bound by standard or proprietary technology

Page 12: Problems Associated with Cloud Computing

Most security problems stem from:

• Loss of control

• Lack of trust

• Multi-tenancy

Page 13: Loss of Control in the Cloud

Consumer's loss of control

• Data, applications, resources are located with provider
• User identity management is handled by the cloud
• User access control rules, security policies and enforcement are managed by the cloud provider
• Consumer relies on provider to ensure:
  • Data security and privacy
  • Resource availability
  • Monitoring and repairing of services/resources

Page 14: Lack of Trust in the Cloud

Defining trust and risk
• Opposite sides of the same coin
• People only trust when it pays
• Need for trust arises only in risky situations

Defunct third party management schemes
• Hard to balance trust and risk
• Is the cloud headed toward the same path?

Page 15: Multi-tenancy Issues in the Cloud

Conflict between tenants' opposing goals
• Tenants share a pool of resources and have opposing goals

How does multi-tenancy deal with conflict of interest?
• Can tenants get along together and 'play nicely'?
• If they can't, can we isolate them?

Page 16: Security Issues in the Cloud

In theory, minimizing any of the issues would help:

• Loss of Control: take back control
  • Data and apps may still need to be on the cloud
  • But can they be managed in some way by the consumer?
• Lack of trust: increase trust (mechanisms)
  • Technology
  • Policy, regulation
  • Contracts
• Multi-tenancy: private cloud
  • Takes away the reasons to use a cloud in the first place
  • VPC: it's still not a separate system
  • Strong separation

Page 17: Minimize Lack of Trust: Policy Language

Consumers have specific security needs but don't have a say-so in how they are handled
• What is the provider doing for me?
• Currently consumers cannot dictate their requirements to the provider

Standard language to convey one's policies and expectations
• Agreed upon and upheld by both parties
• Standard language for representing Service Level Agreement
• Can be used in an intra-cloud environment to realize overarching security posture

Page 18: Minimize Lack of Trust: Policy Language

Create policy language with the following characteristics:

• Machine-understandable
• Easy to combine/merge and compare
• Examples of policy statements are: requires isolation between VMs, requires geographical isolation between VMs, requires physical separation between other communities/tenants that are in the same industry.
• Need a validation tool to check that the policy created in the standard language correctly reflects the policy creator's intentions.
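As an added example (not part of the original slides), here is a minimal policy language with the properties this slide asks for: a machine-readable textual form ("<subject> requires <level>"), a merge that combines two policies without weakening either, a comparison that reports which of a consumer's requirements a provider's offer fails to meet, and a validation step that rejects unknown levels and statements that contradict each other. The level vocabulary (vm, geo, physical), the subject names and the sample policies are assumptions chosen to mirror the slide's three sample statements; none of this is a real standard.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Isolation strengths, weakest to strongest. The names are an assumption made
// for this example, not a standard vocabulary.
const (
	LevelNone     = iota // nothing promised
	LevelVM              // isolation between VMs
	LevelGeo             // geographical isolation between VMs
	LevelPhysical        // physical separation from other tenants/communities
)

var levelByName = map[string]int{"none": LevelNone, "vm": LevelVM, "geo": LevelGeo, "physical": LevelPhysical}
var nameByLevel = map[int]string{LevelNone: "none", LevelVM: "vm", LevelGeo: "geo", LevelPhysical: "physical"}

// Policy maps a subject (what a statement is about) to the isolation level it
// requires, which is what makes statements machine-comparable.
type Policy map[string]int

// ParsePolicy reads one statement per line in the form "<subject> requires
// <level>" and validates it: an unknown level, or two statements that disagree
// about the same subject, is rejected so the author sees that the text does
// not say what they intended.
func ParsePolicy(text string) (Policy, error) {
	p := Policy{}
	for n, line := range strings.Split(text, "\n") {
		line = strings.TrimSpace(line)
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		parts := strings.SplitN(line, " requires ", 2)
		if len(parts) != 2 {
			return nil, fmt.Errorf("line %d: expected '<subject> requires <level>'", n+1)
		}
		subject, levelName := strings.TrimSpace(parts[0]), strings.TrimSpace(parts[1])
		level, ok := levelByName[levelName]
		if !ok {
			return nil, fmt.Errorf("line %d: unknown level %q", n+1, levelName)
		}
		if prev, seen := p[subject]; seen && prev != level {
			return nil, fmt.Errorf("line %d: %q already requires %s, which conflicts with %s", n+1, subject, nameByLevel[prev], levelName)
		}
		p[subject] = level
	}
	return p, nil
}

// Merge combines two policies; where both speak about a subject the stronger
// requirement wins, so merging never weakens either input.
func Merge(a, b Policy) Policy {
	out := Policy{}
	for s, l := range a {
		out[s] = l
	}
	for s, l := range b {
		if l > out[s] {
			out[s] = l
		}
	}
	return out
}

// Unmet compares a provider's offer against a consumer's requirements and
// returns a sorted list of requirements the offer does not satisfy. A subject
// the offer is silent about counts as LevelNone.
func Unmet(offer, required Policy) []string {
	var gaps []string
	for s, want := range required {
		if got := offer[s]; got < want {
			gaps = append(gaps, fmt.Sprintf("%s: requires %s, offered %s", s, nameByLevel[want], nameByLevel[got]))
		}
	}
	sort.Strings(gaps)
	return gaps
}

func main() {
	// Constructed sample policies: two teams of one consumer, and the
	// provider's offer, all in the example's textual form.
	teamA, _ := ParsePolicy("vm requires geo")
	teamB, _ := ParsePolicy("vm requires vm\nsame-industry-tenant requires physical")
	offer, _ := ParsePolicy("vm requires vm\nsame-industry-tenant requires physical")
	fmt.Println("unmet:", Unmet(offer, Merge(teamA, teamB)))
	if _, err := ParsePolicy("vm requires vm\nvm requires physical"); err != nil {
		fmt.Println("validation:", err)
	}
}
```

Merging takes the maximum level per subject, which is the right rule when the two inputs are requirements of the same consumer; comparing an offer against a requirement is the opposite direction (the offer must be at least as strong), and keeping both directions explicit is what makes the policy "easy to compare" rather than merely parseable.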

Page 19: Minimize Lack of Trust: Certification

Certification
• Some form of reputable, independent, comparable assessment and description of security features and assurance

Risk assessment
• Performed by certified third parties
• Provides consumers with additional assurance

Page 20: Minimize Loss of Control

• Monitoring
• Utilizing different clouds
• Access control management

Page 21: Monitoring

Cloud consumer needs situational awareness for critical applications
• When underlying components fail, what is the effect of the failure on the mission logic?
• What recovery measures can be taken?

Requires an application-specific run-time monitoring and management tool for the consumer
• The cloud consumer and cloud provider have different views of the system
• Enable both the provider and tenants to monitor the components in the cloud that are under their control
• Provide mechanisms that enable the provider to act on attacks he can handle
• Provide mechanisms that enable the consumer to act on attacks that he can handle (application-level monitoring)

Page 22: Utilizing different clouds

Consumer may use services from different clouds through an intra-cloud or multi-cloud architecture

Propose a multi-cloud or intra-cloud architecture in which consumers
• Spread the risk
• Increase redundancy (per-task or per-application)
• Increase chance of mission completion for critical applications

Possible issues to consider:
• Policy incompatibility (combined, what is the overarching policy?)
• Data dependency between clouds
• Differing data semantics across clouds
• Knowing when to utilize the redundancy feature (monitoring technology)
• Is it worth it to spread your sensitive data across multiple clouds? Redundancy could increase risk of exposure
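Added example, not from the original presentation: a consumer-side monitor that answers the two questions on the monitoring slide (what a failed component does to the mission logic, and which recovery measure can be taken) and uses per-application redundancy across clouds, as proposed on this slide, as the recovery measure. It only looks at components under the consumer's control, which is the consumer's view of the system; the provider's view is not needed for this decision. The cloud names, component names, mission functions and health events are all constructed for the example.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Event is one health observation about a component in the consumer's own
// view of the system.
type Event struct {
	Cloud, Component, Status string // Status is "up" or "down"
}

// Function is one piece of mission logic and the components it depends on.
type Function struct {
	Name  string
	Needs []string
}

// Monitor keeps the latest status of every component per cloud.
type Monitor struct {
	status map[string]string // "cloud/component" -> "up" | "down"
}

func NewMonitor() *Monitor { return &Monitor{status: map[string]string{}} }

// Observe records a health event; a later event for the same component in
// the same cloud replaces the earlier one.
func (m *Monitor) Observe(e Event) { m.status[e.Cloud+"/"+e.Component] = e.Status }

// Failed returns the needed components that are not known to be up in the
// given cloud. A component with no observation at all counts as failed,
// because an unknown state must not be treated as healthy.
func (m *Monitor) Failed(cloud string, f Function) []string {
	var down []string
	for _, c := range f.Needs {
		if m.status[cloud+"/"+c] != "up" {
			down = append(down, c)
		}
	}
	sort.Strings(down)
	return down
}

// Decision is what the consumer's tooling reports for one function.
type Decision struct {
	Function string
	Effect   string // effect of the failure on the mission logic
	Action   string // recovery measure that can be taken
}

// Plan evaluates a function running on its primary cloud: if any needed
// component is down there, it reports the effect and picks the first
// alternate cloud where every needed component is up, or says that no
// recovery is possible so an operator can be alerted.
func (m *Monitor) Plan(f Function, primary string, alternates []string) Decision {
	d := Decision{Function: f.Name}
	down := m.Failed(primary, f)
	if len(down) == 0 {
		d.Effect, d.Action = "healthy", "none"
		return d
	}
	d.Effect = fmt.Sprintf("unavailable on %s: %s down", primary, strings.Join(down, ", "))
	for _, alt := range alternates {
		if len(m.Failed(alt, f)) == 0 {
			d.Action = "fail over to " + alt
			return d
		}
	}
	d.Action = "no healthy deployment; alert operator"
	return d
}

func main() {
	m := NewMonitor()
	// Constructed sample events: the database in cloud-a comes up, then goes
	// down; cloud-b runs api and db but has no batch component.
	for _, e := range []Event{
		{"cloud-a", "api", "up"}, {"cloud-a", "db", "up"}, {"cloud-a", "batch", "up"},
		{"cloud-b", "api", "up"}, {"cloud-b", "db", "up"},
		{"cloud-a", "db", "down"},
	} {
		m.Observe(e)
	}
	checkout := Function{"checkout", []string{"api", "db"}}
	reporting := Function{"reporting", []string{"db", "batch"}}
	fmt.Printf("%+v\n", m.Plan(checkout, "cloud-a", []string{"cloud-b"}))
	fmt.Printf("%+v\n", m.Plan(reporting, "cloud-a", []string{"cloud-b"}))
}
```

With the sample events, checkout fails over to cloud-b, while reporting cannot, because its batch component is deployed in cloud-a only: redundancy helps only for the functions whose every dependency is actually replicated, which is the "knowing when to utilize the redundancy feature" point in the slide's list of issues.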

Page 23: Access control management

Many possible layers of access control
• E.g. access to the cloud, access to servers, access to services, access to databases, access to Virtual Memory System, and access to objects within a Virtual Memory
• Depending on the deployment model used, some of these will be controlled by the provider and others by the consumer

Regardless of deployment model, provider needs to manage the user authentication and access control procedures
• Federated Identity Management: access control management burden still lies with the provider
• Requires user to place a large amount of trust on the provider in terms of security, management, and maintenance of access control policies. This can be burdensome when numerous users from different organizations, with different access control policies, are involved

Page 24: Access control management

Consumer-managed access control
• Consumer retains decision-making process to retain some control, requiring less trust of the provider (i.e. PDP is in consumer's domain)
• Requires the client and provider to have a pre-existing trust relationship, as well as a pre-negotiated standard way of describing resources, users, and access decisions between the cloud provider and consumer. It also needs to be able to guarantee that the provider will uphold the consumer-side's access decisions.
• Should be at least as secure as the traditional access control model.
• Facebook and Google Apps do this to some degree, but not enough control
• Applicability to privacy of patient health records

Page 25: Access Control

[Diagram: Cloud Consumer in Domain B and Cloud Provider in Domain A. Consumer side: IDP, ACM (XACML policies), PDP for the cloud resource on Domain A. Provider side: PEP (intercepts all resource access requests from all client domains), resources.]

1. Authn request
2. SAML Assertion
3. Resource request (XACML Request) + SAML assertion
4. Redirect to domain of resource owner
5. Determine whether user can access specified resource
6. Create ticket for grant/deny
7. Send signed and encrypted ticket
8. Decrypt and verify signature
9. Retrieve capability from ticket
10. Grant or deny access based on capability
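The ticket exchange on this slide, reduced to a runnable model; this is an added example, not code from the original presentation. It keeps the division of labour the slides describe (PDP in the consumer's domain, PEP at the provider) and models steps 5 to 10: the SAML and XACML messages of steps 1 to 4 are replaced by plain function arguments, the XACML policy set is a map of permitted (subject, resource, action) triples, the ticket is signed with Ed25519 and then encrypted with AES-256-GCM under a key the two sides are assumed to have exchanged beforehand (the pre-existing trust relationship from the previous slide), and the names Setup, Decide, Enforce, alice and records/42 are constructed for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Capability is the ticket's content: one decision for one request, with an expiry.
type Capability struct {
	Subject  string `json:"sub"`
	Resource string `json:"res"`
	Action   string `json:"act"`
	Permit   bool   `json:"permit"`
	Expires  int64  `json:"exp"` // Unix seconds
}

// PDP is the consumer-domain decision point; its rules stand in for the XACML
// policies on the slide. It signs tickets and encrypts them for the PEP.
type PDP struct {
	rules   map[string]bool // "subject|resource|action" -> permit
	signKey ed25519.PrivateKey
	gcm     cipher.AEAD // AES-256-GCM under the key shared with the PEP
}

// PEP is the provider-side enforcement point; it trusts the PDP's public key and shares the encryption key.
type PEP struct {
	pdpPub ed25519.PublicKey
	gcm    cipher.AEAD
}

// Setup creates a PDP/PEP pair with fresh keys, standing in for the
// out-of-band key exchange between consumer and provider.
func Setup(rules map[string]bool) (*PDP, *PEP) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	shared := make([]byte, 32)
	if _, err := rand.Read(shared); err != nil {
		panic(err)
	}
	block, _ := aes.NewCipher(shared) // cannot fail for a 32-byte key
	gcm, _ := cipher.NewGCM(block)    // cannot fail for an AES block
	return &PDP{rules, priv, gcm}, &PEP{pub, gcm}
}

// Decide is steps 5-7: evaluate the request, build and sign the capability,
// then encrypt capability||signature for the PEP.
func (p *PDP) Decide(sub, res, act string, now time.Time) []byte {
	c := Capability{sub, res, act, p.rules[sub+"|"+res+"|"+act], now.Add(time.Minute).Unix()}
	body, _ := json.Marshal(c) // cannot fail for this struct
	nonce := make([]byte, p.gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return p.gcm.Seal(nonce, nonce, append(body, ed25519.Sign(p.signKey, body)...), nil)
}

// Enforce is steps 8-10: decrypt, verify the signature, retrieve the
// capability, and grant only an unexpired permit for exactly this request.
func (e *PEP) Enforce(ticket []byte, sub, res, act string, now time.Time) (bool, error) {
	ns := e.gcm.NonceSize()
	if len(ticket) < ns {
		return false, errors.New("ticket too short")
	}
	plain, err := e.gcm.Open(nil, ticket[:ns], ticket[ns:], nil) // rejects any tampering
	if err != nil {
		return false, err
	}
	n := len(plain) - ed25519.SignatureSize
	if n < 0 || !ed25519.Verify(e.pdpPub, plain[:n], plain[n:]) {
		return false, errors.New("ticket signature missing or invalid")
	}
	var c Capability
	if err := json.Unmarshal(plain[:n], &c); err != nil {
		return false, err
	}
	if c.Subject != sub || c.Resource != res || c.Action != act {
		return false, errors.New("ticket issued for a different request")
	}
	if now.Unix() >= c.Expires {
		return false, errors.New("ticket expired")
	}
	return c.Permit, nil
}

func main() {
	pdp, pep := Setup(map[string]bool{"alice|records/42|read": true})
	ticket := pdp.Decide("alice", "records/42", "read", time.Now())
	fmt.Println(pep.Enforce(ticket, "alice", "records/42", "read", time.Now()))  // true <nil>
	fmt.Println(pep.Enforce(ticket, "alice", "records/42", "write", time.Now())) // false, error
}
```

Two checks in Enforce go beyond what the slide's step list spells out but are what makes the scheme "at least as secure as the traditional access control model": the capability is bound to the exact subject, resource and action, so a ticket issued for one request cannot be presented for another, and it carries an expiry, so a captured ticket stops working after a short window. The signature is what lets the PEP prove the decision came from the consumer's PDP; the encryption keeps the decision confidential on the way between the two domains and, because GCM is authenticated, also rejects any ticket altered in transit.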

Page 26: Cloud Domains

Service contracts should address these 13 domains
• Architectural Framework
• Governance, Enterprise Risk Management
• Legal, e-Discovery
• Compliance & Audit
• Information Lifecycle Management
• Portability & Interoperability

Page 27: Cloud Domains

• Security, Business Continuity, Disaster Recovery
• Data Center Operations
• Incident Response Issues
• Application Security
• Encryption & Key Management
• Identity & Access Management
• Virtualization

Page 28: Cloud Architecture

Page 29: Governance

• Identify, implement process, controls to maintain effective governance, risk management, compliance
• Provider security governance should be assessed for sufficiency, maturity, consistency with user ITSEC process
• Request clear docs on how facility & services are assessed
• Require definition of what provider considers critical services, info
• Perform full contract, terms of use due diligence to determine roles, accountability

Page 30: Legal, e-Discovery

Functional
• which functions & services in the Cloud have legal implications for both parties

Jurisdictional
• which governments administer laws and regulations impacting services, stakeholders, data assets

Contractual
• terms & conditions

Page 31: Legal, e-Discovery

• Both parties must understand each other's roles: litigation hold, discovery searches, expert testimony
• Provider must save primary and secondary data
• Where is the data stored? Laws for cross-border data flows
• Plan for unexpected contract termination and orderly return or secure disposal of assets
• You should ensure you retain ownership of your data in its original form

Page 32: Incident Response

• Cloud apps aren't always designed with data integrity, security in mind
• Does the provider keep app, firewall, IDS logs?
• Does the provider deliver snapshots of your virtual environment?
• Sensitive data must be encrypted for data breach regulations

Page 33: Encryption, Key Management

Encrypt data in transit, at rest, backup media

Secure key store
• Protect encryption keys
• Ensure encryption is based on industry/government standards
• Limit access to key stores
• Key backup & recoverability

Page 34: ID, Access Management

Determine how provider handles:
• Provisioning
• Authentication
• Federation
• Authorization, user profile management

Page 35: Virtualization

• What type of virtualization is used by the provider?
• What 3rd party security technology augments the virtual OS?
• Which controls protect admin interfaces exposed to users?

Page 36: Opportunities and Challenges

The use of the cloud provides a number of opportunities:
• It enables services to be used without any understanding of their infrastructure.
• Cloud computing works using economies of scale: it potentially lowers the outlay expense for start-up companies, as they would no longer need to buy their own software or servers. Cost would be by on-demand pricing. Vendors and service providers claim costs by establishing an on-going revenue stream.
• Data and services are stored remotely but accessible from "anywhere".

Page 37: Opportunities and Challenges

There has been backlash against cloud computing:
• Use of cloud computing means dependence on others and that could possibly limit flexibility and innovation: the others are likely to become the bigger Internet companies like Google and IBM, who may monopolise the market. Some argue that this use of supercomputers is a return to the time of mainframe computing that the PC was a reaction against.
• Security could prove to be a big issue: it is still unclear how safe outsourced data is, and when using these services ownership of data is not always clear.
• There are also issues relating to policy and access: if your data is stored abroad, whose policy do you adhere to? What happens if the remote server goes down? How will you then access files? There have been cases of users being locked out of accounts and losing access to data.

Page 38: Advantages of Cloud Computing

Lower computer costs:
• Do not need a high-powered and high-priced computer to run cloud computing's web-based applications.
• Since applications run in the cloud, not on the desktop PC, the desktop PC does not need the processing power or hard disk space demanded by traditional desktop software.

Page 39: Advantages of Cloud Computing

Reduced software costs:
• Instead of purchasing expensive software applications
• better than paying for similar commercial software

Improved performance:
• With few large programs hogging the computer's memory, you will see better performance from your PC.
• Computers in a cloud computing system boot and run faster because they have fewer programs and processes loaded into memory.

Page 40: Advantages of Cloud Computing

Easier group collaboration:
• Sharing documents leads directly to better collaboration.
• Many users do this as it is an important advantage of cloud computing

Device independence:
• You are no longer tethered to a single computer or network.
• Changes to computers, applications and documents follow you through the cloud.
• Move to a portable device, and your applications and documents are still available.

Page 41: Disadvantages of Cloud Computing

Requires a constant Internet connection:
• Cloud computing is impossible if you cannot connect to the Internet.
• Since you use the Internet to connect to both your applications and documents, if you do not have an Internet connection you cannot access anything, even your own documents.

Does not work well with low-speed connections:
• Similarly, a low-speed Internet connection, such as that found with dial-up services, makes cloud computing painful at best and often impossible.
• Web-based applications require a lot of bandwidth to download, as do large documents.

Page 42: Disadvantages of Cloud Computing

Features might be limited:
• This situation is bound to change, but today many web-based applications simply are not as full-featured as their desktop-based applications. For example, you can do a lot more with Microsoft PowerPoint than with Google Presentation's web-based offering.

Can be slow:
• Even with a fast connection, web-based applications can sometimes be slower than accessing a similar software program on the desktop PC.
• Everything about the program, from the interface to the current document, has to be sent back and forth from the computer to the computers in the cloud.

Page 43: Disadvantages of Cloud Computing

Stored data might not be secure:
• With cloud computing, all your data is stored on the cloud. The question is: how secure is the cloud?
• Can unauthorized users gain access to your confidential data?

Stored data can be lost:
• Theoretically, data stored in the cloud is safe, replicated across multiple machines.
• But on the off chance that your data goes missing, you have no physical or local backup.

Page 44: Reference

http://www.nist.gov/index.html
http://www.cloudsecurityalliance.org
http://www.revistacloudcomputing.com
http://www.ibm.com/co/services/cloud.phtml

C. Cachin, et al., "Trusting the cloud," SIGACT News, vol. 40, pp. 81-86, 2009.

R. G. Lennon, et al., "Best practices in cloud computing: designing for the cloud," presented at the Proceeding of the 24th ACM SIGPLAN conference companion on Object oriented programming systems languages and applications, Orlando, Florida, USA, 2009.

Page 45

Questions??