Lecture 7 Security in Cloud Computing Asst.Prof. Supakorn Kungpisdan, Ph.D. [email protected]

Post on 01-Jan-2016


Page 1: Lecture 7 Security in Cloud Computing Asst.Prof. Supakorn Kungpisdan, Ph.D. supakorn@mut.ac.th

Lecture 7: Security in Cloud Computing
Asst.Prof. Supakorn Kungpisdan, Ph.D.
supakorn@mut.ac.th

Page 2: Subwaves within the information age

NETE4630 Advanced Network Security and Implementation

Page 3: Evolution of Cloud Computing

Page 4: Why Cloud?

Cloud computing is a low-cost solution.

Cloud computing offers responsiveness and flexibility.

The IT expense matches the transaction volumes.

Business users are in direct control of technology decisions.

The line between home computing applications and enterprise applications will blur.


Page 5: Sources of incremental IT spending growth

Page 6: Worldwide IT cloud services spending

Page 7: Evolution of Cloud Computing (cont.)

ISP 1.0: ISPs quickly proliferated to provide access to the Internet for organizations and individuals. These early ISPs merely provided Internet connectivity for users and small businesses, often over dial-up telephone service.

ISP 2.0: As access to the Internet became a commodity, ISPs consolidated and searched for other value-added services, such as providing access to email and to servers at their facilities.


Page 8: Evolution of Cloud Computing (cont.)

ISP 3.0: Colocation facilities, i.e., specialized facilities for hosting organizations’ (customers’) servers, along with the infrastructure to support them and the applications running on them.

Those facilities are “a type of data center where multiple customers locate network, server, and storage gear and interconnect to a variety of telecommunications and other network service provider(s) with a minimum of cost and complexity.”


Page 9: Evolution of Cloud Computing (cont.)

ISP 4.0: As colocation facilities proliferated and became commoditized, the next step in the evolution was the formation of application service providers (ASPs), which focused on the higher value-added service of providing specialized applications for organizations, and not just the computing infrastructure.

ASPs typically owned and operated the software application(s) they provided, as well as the necessary infrastructure.


Page 10: Cloud Computing (ISP 5.0)

Although ASPs might appear similar to a service delivery model of cloud computing that is referred to as software-as-a-service (SaaS), there is an important difference in how these services are provided, and in the business model.

Although ASPs usually provided services to multiple customers (just as SaaS providers do today), they did so through dedicated infrastructures.

That is, each customer had its own dedicated instance of an application, and that instance usually ran on a dedicated host or server.

The important difference between SaaS providers and ASPs is that SaaS providers offer access to applications on a shared, not dedicated, infrastructure.


Page 11: Cloud Computing Defined

Cloud computing has the following properties:

Multi-tenancy (shared resources): Cloud computing is based on a business model in which resources are shared (i.e., multiple users use the same resource) at the network level, host level, and application level.

Massive scalability: Cloud computing provides the ability to scale to tens of thousands of systems, as well as the ability to massively scale bandwidth and storage space.

Elasticity: Users can rapidly increase and decrease their computing resources as needed, as well as release resources for other uses when they are no longer required.

Pay as you go: Users pay for only the resources they actually use and for only the time they require them.

Self-provisioning of resources: Users self-provision resources, such as additional systems (processing capability, software, storage) and network resources.


Page 12: Attributes of Elasticity

Page 13: Notable Cloud Launches

Page 14: SPI Service Model

Page 15: Architecture for Relevant Technologies

Page 16: Cloud Services Delivery Model

Page 17: Cloud Deployment Model

Private Clouds

Public Clouds

Hybrid Clouds


Page 18: Cloud Service Deployment Model

Page 19: Public Clouds

Page 20: Hybrid Clouds

Page 21: Key Drivers to Adopting Clouds

Small Initial Investment and Low Ongoing Costs

Economies of Scale

Open Standards

Sustainability


Page 22: Governance in the Cloud

Page 23: Barriers to Cloud Computing Adoption in the Enterprise

Security

Privacy

Connectivity and Open Access

Reliability

Interoperability

Independence from CSPs

Economic Value

Changes in the IT Organization

IT Governance

Political Issues Due to Global Boundaries


Page 24: Complexity of security in the cloud environment

Page 25: Security Issues in Service Models

Security in SaaS: Most enterprises are still uncomfortable with the SaaS model due to the lack of visibility into the way their data is stored and secured.

Security in IaaS: IaaS only provides basic security (perimeter firewall, load balancing, etc.), and applications moving into the cloud will need higher levels of security provided at the host.

Security in PaaS: PaaS offers an integrated set of developer environments that a developer can tap to build their applications without needing to know what is going on underneath the service.

That same opacity can serve an attacker, who could leverage the PaaS cloud infrastructure for malware command and control and operate behind IaaS applications.


Page 26: Security for the SaaS Stack

Page 27: Security for the SaaS Stack: Data Security

In a traditional on-premise application deployment model, sensitive data of each enterprise continues to reside within the enterprise boundary and is subject to its physical, logical and personnel security and access control policies.

In SaaS model, the enterprise data is stored outside the enterprise boundary, at the SaaS vendor end.

EC2 administrators with a business need are required to use their individual cryptographically strong Secure Shell (SSH) keys to gain access to a host. All such accesses are logged and routinely audited.

Data at rest in Simple Storage Service (S3) is not encrypted by default; users can encrypt their data before it is uploaded to Amazon S3, so that it cannot be accessed or tampered with by any unauthorized party.


Page 28: Possible Vulnerabilities in SaaS

Cross-site scripting [XSS]

Access control weaknesses

OS and SQL injection flaws

Cross-site request forgery [CSRF]

Cookie manipulation

Hidden field manipulation

Insecure storage

Insecure configuration


Page 29: Security for the SaaS Stack: Network Security

Sensitive data is obtained from the enterprises, processed by the SaaS application and stored at the SaaS vendor end.

All data flowing over the network needs to be secured in order to prevent leakage of sensitive information.

This involves the use of strong network traffic encryption techniques such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS).


Page 30: Data Locality

The customer does not know where the data is being stored.

Due to compliance and data privacy laws in various countries, the locality of data is of utmost importance in many enterprise architectures.

In many EU and South American countries, certain types of data cannot leave the country because of the potentially sensitive information they contain.

A secure SaaS model must be capable of giving the customer reliable assurance about where the consumer’s data is located.


Page 31: Data Integrity

Each SaaS application may have different levels of availability and SLA (service-level agreement), which further complicates management of transactions and data integrity across multiple SaaS applications.

The lack of integrity controls at the data level (or, in the case of existing integrity controls, bypassing the application logic to access the database directly) could result in problems.


Page 32: Data Segregation

In a multi-tenant SaaS deployment, the data of various users resides at the same location, so intrusion into one user’s data by another becomes possible in this environment.

A SaaS model should therefore ensure a clear boundary for each user’s data.

The boundary must be ensured not only at the physical level but also at the application level.

Possible attack vectors include SQL injection flaws, weak data validation, and insecure storage.


Page 33: Data Access

The SaaS model must be flexible enough to incorporate the specific policies put forward by the organization.

The model must also be able to provide organizational boundaries within the cloud, because multiple organizations will be deploying their business processes within a single cloud environment.


Page 34: Authentication and Authorization

With SaaS, the software is hosted outside of the corporate firewall.

Often, user credentials are stored in the SaaS provider’s databases and not as part of the corporate IT infrastructure.

This means SaaS customers must remember to remove or disable accounts as employees leave the company and to create or enable accounts as new employees come onboard.
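An added example, not part of the original lecture, of the joiner/leaver bookkeeping this slide calls for: a reconciliation that compares the corporate HR directory (the authoritative source) with the user list exported from the SaaS provider, and emits the create/enable/disable actions needed to bring the SaaS accounts back in line. The record types, field names and sample employees are constructed for the demo.

```go
package main

import (
	"fmt"
	"sort"
)

// Employee is one row of the corporate HR directory, the authoritative source
// of who works for the company; Active becomes false when someone leaves.
type Employee struct {
	Email  string
	Active bool
}

// SaaSAccount is one user record exported from the SaaS provider's own user
// store, which lives outside the corporate firewall.
type SaaSAccount struct {
	Email   string
	Enabled bool
}

// Action is one provisioning change to apply: Op is "create", "enable" or "disable".
type Action struct{ Email, Op string }

// Reconcile compares HR against the SaaS user list and returns the changes that
// align them. Any enabled SaaS account without an active HR record, including an
// account HR has never heard of, is scheduled for disabling.
func Reconcile(hr []Employee, accounts []SaaSAccount) []Action {
	active := make(map[string]bool, len(hr))
	for _, e := range hr {
		if e.Active {
			active[e.Email] = true
		}
	}
	var actions []Action
	seen := make(map[string]bool, len(accounts))
	for _, a := range accounts {
		seen[a.Email] = true
		if a.Enabled && !active[a.Email] {
			actions = append(actions, Action{a.Email, "disable"})
		} else if !a.Enabled && active[a.Email] {
			actions = append(actions, Action{a.Email, "enable"})
		}
	}
	for email := range active {
		if !seen[email] {
			actions = append(actions, Action{email, "create"})
		}
	}
	// Deterministic order so the report can be diffed between runs.
	sort.Slice(actions, func(i, j int) bool {
		if actions[i].Op != actions[j].Op {
			return actions[i].Op < actions[j].Op
		}
		return actions[i].Email < actions[j].Email
	})
	return actions
}

func main() {
	// Constructed sample data: bob has left, carol is new, mallory is only at the vendor.
	hr := []Employee{{"alice@example.com", true}, {"bob@example.com", false}, {"carol@example.com", true}}
	accounts := []SaaSAccount{{"alice@example.com", true}, {"bob@example.com", true}, {"mallory@example.com", true}}
	fmt.Println(Reconcile(hr, accounts))
}
```

Running the report on a schedule, and alerting on any "disable" action that is still pending at the next run, turns the slide's reminder into a control that can be audited.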


Page 35: Vulnerabilities in Virtualization

Vulnerabilities have been found in all virtualization software; these can be exploited by malicious local users to bypass certain security restrictions or gain privileges.

For example, a vulnerability in Microsoft Virtual PC and Microsoft Virtual Server could allow a guest operating system user to run code on the host or on another guest operating system.

A vulnerability in Virtual PC and Virtual Server could allow elevation of privilege.


Page 36: Availability

A multi-tier architecture needs to be adopted, supported by a load-balanced farm of application instances, running on a variable number of servers.

Resiliency to hardware/software failures, as well as to denial of service attacks, needs to be built from the ground up within the application.


Page 37: Backups

The SaaS vendor needs to ensure that all sensitive enterprise data is regularly backed up to facilitate quick recovery in case of disasters.

The use of strong encryption schemes to protect the backup data is recommended.

In the case of cloud vendors such as Amazon, the data at rest in S3 is not encrypted by default. The users need to separately encrypt their data and backups so that it cannot be accessed or tampered with by unauthorized parties.


Page 38: Identity Management

Page 39: Security in PaaS

The provider might give some control to the people building applications on top of the platform.

But any security below the application level such as host and network intrusion prevention will still be in the scope of the provider and the provider has to offer strong assurances that the data remains inaccessible between applications.

PaaS is intended to enable developers to build their own applications on top of the platform.


Page 40: Security in PaaS (cont.)

Hackers are likely to attack visible code, including but not limited to code running in user context.

They are likely to attack the infrastructure and perform extensive black box testing.

The vulnerabilities of cloud are not only associated with the web applications but also vulnerabilities associated with the machine-to-machine Service-Oriented Architecture (SOA) applications, which are increasingly being deployed in the cloud.


Page 41: Security Issues in IaaS

With IaaS the developer has better control over the security as long as there is no security hole in the virtualization manager.

The security responsibilities of both the provider and the consumer greatly differ between cloud service models.

Amazon’s EC2 infrastructure-as-a-service offering includes vendor responsibility for security up to the hypervisor, meaning Amazon can only address security controls such as physical security, environmental security, and virtualization security.

The consumer, in turn, is responsible for the security controls that relate to the IT system, including the OS, applications and data.


Page 42: Security Management and Monitoring Scope

Page 43: ITIL Life Cycle in Enterprise

Page 44: Security Management in Clouds

Availability management (ITIL)

Access control (ISO/IEC 27002, ITIL)

Vulnerability management (ISO/IEC 27002)

Patch management (ITIL)

Configuration management (ITIL)

Incident response (ISO/IEC 27002)

System use and access monitoring (ISO/IEC 27002)


Page 45: Security-as-a-Service

Email filtering (including backup, archival, and e-discovery)

Web content filtering; vulnerability management

Identity-as-a-service (abbreviated IDaaS).


Page 46: Email Filtering

SaaS for email primarily involves cleansing spam, phishing emails, and malware included in email from an organization’s incoming email stream, and then delivering that clean email securely to the organization so that it is effectively not repolluted.

This gives clients not only more comprehensive security, due to the use of multiple scanning engines, but also better performance of the client devices (because the anti-malware runs in the cloud and not on the endpoint directly), as well as far better anti-malware management.

Providers also offer email encryption, SSL tunnels between email servers, and backup and recovery.


Page 47: Web Content Filtering

Page 48: Vulnerability Management

Discover, prioritize, and assess systems for vulnerabilities, and then report and remediate those vulnerabilities and verify the systems’ secure operation.

Monitor for and report on compliance with some regulatory requirements (e.g., the Payment Card Industry’s Data Security Standard).


Page 49: Identity Management-as-a-Service

Page 50: Questions?