dr. marko vukolić...user-centric management of security and dependability in clouds of clouds this...

User-centric management of security and dependability in clouds of clouds

This project has received funding from

the European Union’s Horizon 2020

research and innovation programme

under grant agreement No 643964.

This work was supported (in part) by the

Swiss State Secretariat for Education,

Research and Innovation (SERI) under

contract number 15.0091.

Dr. Marko Vukolić

IBM Research - Zurich

Horizon Maths – Paris, December 14, 2015

http://www.google.at/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=ADpIDW9agx2lcM&tbnid=OT3-ZrXoySm6mM:&ved=0CAUQjRw&url=http://www.freiraum-europa.org/eu-projekt-silver-living.html&ei=mRWCUu-fFKSr0QXyhoFY&bvm=bv.56146854,d.bGE&psig=AFQjCNHzkx6swA-hA4KYh2Gjv5x8IWCdfQ&ust=1384343316040718


Provider-centric cloud

deficiencies

INTEROPERABILITY

Vendor lock-in

Different SLAs

UNIFIED CONTROL

Heterogeneous infrastructure services

Monolithic infrastructure

Technological choices

S

E

C

U

R

I

T

Y

User-centric management of security and dependability in clouds of clouds 2

Reality today: Provider-centric clouds

The Cloud as utility

Promise: high availability & security, energy efficiency, scalability, …

Feature-rich services: intrusion monitoring, elastic load balancing, …


How about User-Centric Clouds?

Customer Security Expectations for User-Centric Clouds


• Introduction

• Supercloud Healthcare Use Cases

• Supercloud High-level Architecture

• Quick Zoom into Multi-cloud Resilience

• Conclusion and Next Steps


Outline of the Talk


SUPERCLOUD Healthcare Use Cases

• Maxdata’s CLINIdATA® LIS - a healthcare laboratory information system

Management of the entire exam process

Pre-analytical: Prescription, Specimen Collection, Specimen Transport

Analytical: Exam realization, Quality Control, Medical Validation

Post-analytical: Access to exam results by patients & clinicians, Billing

• Philips Healthcare – Medical Imaging Platform

Cloud data storage and disaster recovery use case

Cloud data storage and processing use case

Distributed cloud data storage and processing use case

AnalysersOther Information

SystemsHealthcare

professionals

& Patients

SuperCloud


Maxdata’s CLINIdATA® LIS use case

• CLINIdATA® LIS is used by many different types of healthcare organizations

Large hospitals 8,000 users | 100 analysers | 25,000 exams per day

Small hospitals 200 users | 20 analysers | 1,500 exams per day

Large laboratories 1,200 users | 70 analysers | 25,000 exams per day

Small laboratories 20 users | 10 analysers | 500 exams per day

stores medical data along with other personal data

• Compliance requirements

Directive 95/46/EC and General Data Protection Regulation (GDPR) (starting 2017)

Location-awareness Users should be aware of the physical locations where data is stored

Location-control Users should be able to define the set of possible physical locations, at

country level, where users' data may be stored

Isolation between tenants (hospitals)


Maxdata’s CLINIdATA® LIS requirements

• Medical and personal data privacy

• Flexibility for Scalability / Security Clients may choose the security and scalability services they want (e.g., disaster

recovery, redundancy, load balancing, backup)

Storage availability, up to 99.999%

In hospitals, CLINIdATA RLIS is a critical application that needs to be constantly available in order to

ensure non-stop operation of various departments including the ER (emergency room)

Replying in < 1 sec to 1,000 service requests received per second

• Control over Architecture and Data

The user should be able to monitor actively its allocated resources, while enabling

a high level of customizability of the storage architecture and its services.

• QoS vs Cost Transparency Clients know what’s the cost and QoS of their options


Philips Healthcare – Medical Imaging Platform

• Cloud data storage and disaster recovery

Medical data privacy

Large volumes: 100+ tera-bytes, and kept at least for 10+ years

Data may not get tampered and must be complete and correct

Medical data may not cross certain legal country boundaries

Guaranteed cloud storage within certain countries

Distributed storage, across multiple cloud and countries, in a privacy

compliant manner

• Storage with processing use cases

Storage requirements

+ Image analysis capabilities

+ RBAC

+ Low latency of processing and access to data

+ Isolation per hospital group


Philips Healthcare – Medical Imaging Platform

• Distributed cloud data storage and processing

Patient data flows around hospitals for analytics, statistics, research, …

Storage and processing requirements

+ Identity management across clouds of healthcare professionals

+ Auditing across clouds of accessed patient data

+ Interoperability across user-clouds

+ Petabytes of data

• Introduction






Outline of the Talk


• Compute infrastructure: flexible&automated protection of resources

Vulnerabilities in complex infrastructure, mitigation of cross-layer attacks

Lack of flexibility and control in security management

Automation of security management

• Data management: unified experience for protecting data assets

Management of access rights, continuum between provider vs. user control

Traceability of information for accountability and privacy

High availability, fault and disaster tolerance, low latency

Privacy and secure data sharing

• Networking: resilient, secure, transparent virtual network connectivity

Resilient resource provisioning across heterogeneous cloud platforms

End-to-end inter-cloud network security with different security SLAs

Security Challenges


The 3 Supercloud Planes


Enabling User Clouds


Data Management Plane (logical architecture)


Data Management Plane (deployment mapping)


Maxdata Use Case - Architecture


Philips Use Case - Architecture

• Introduction






Outline of the Talk

• Flexibility

User-clouds will be able to choose the level of resilience

Modeling provider clouds as crash or Byzantine faulty

Supercloud resilience will offer both CFT and BFT

• BFT is (traditionally) very expensive

3t+1 data replicas to tolerate t faults

• In prior work we showed that separating control and data

plane helps reduce cost of BFT

3t+1 replicas only in the control plane

2t+1 replicas in the data plane (and only t+1 in the « common case »)

[Dobre et al. SoCC‘14, Cachin et al. SSS’14, Androulaki et al. OPODIS’14]


Multi-cloud resilience


SMR model CFT XFT BFT

Number of Nodes 2t+1 2t+1 3t+1

Tolerating Byzantine Nodes no yes yes

Performance Good (production) Practically as good as CFT Poor (compared to CFT)

Control plane fault-tolerance

• Control plane resilience relies on State Machine Replication (SMR)

Or Total-order broadcast

• Supercloud resilience (XFT control plane + BFT data plane)

Tolerating Byzantine clouds with only

t+1 control servers in the « critical path » (2t+1 control servers in tootal)

t+1 data replicas (+ additional t in the « worst case »)

• Introduction






Outline of the Talk


The SUPERCLOUD Project: Goals and Expected Results

Goal: a security management infrastructure for secure supercloud computing

Expected Results:

A security management infrastructure:

360°autonomic security supervision, horizontally and vertically for superclouds

A user-centric to provider-centric continuum of security services

End-to-end trust management

A data management framework:

Advanced cryptographic tools (e.g., access control, secure computation)

A resilience framework for multi-cloud storage infrastructures

A multi-cloud network management infrastructure:

Resilient virtual network provisioning across multiple clouds

Sanitized network environment with tunable security guarantees

Key take-aways

User-centric distributed clouds overcome provider-centric limitations

Secure Supercloud Computing enables to build such clouds

Security will be self-service, self-managed, end-to-end, and resilient

The SUPERCLOUD project is building this new security technology

Expected: increased trustworthy cloud services + customer experience

Next steps

SUPERCLOUD start: early February 2015

First use cases definition, 5 architecture deliverables finalized

Next: use case refinement, prototypes of SUPERCLOUD technology

Push into open source and standardization

https://supercloud-project.eu/


Conclusion and Next Steps

User-centric management of security and dependability in clouds of clouds

This project has received funding from

the European Union’s Horizon 2020

research and innovation programme

under grant agreement No 643964.

This work was supported (in part) by the

Swiss State Secretariat for Education,

Research and Innovation (SERI) under

contract number 15.0091.



dr. marko vukolić...user-centric management of security and dependability in clouds of clouds this...

Documents