security and high availability in cloud computing environments ?· availability in cloud computing...

Download Security and high availability in cloud computing environments ?· availability in cloud computing environments…

Post on 29-Aug-2018




0 download

Embed Size (px)


  • IBM Global Technology ServicesTechnical White Paper

    June 2011

    Security and highavailability in cloudcomputing environments

    Executive summaryCloud computing has become an increasingly popular means of deliver-ing valuable, IT-enabled business services. Adopting cloud technology can be an affordable way to get access to a dynamically scalable, virtual-ized computing environment. Optimal IT hardware, software, expertiseand infrastructure management resources that may not otherwise beavailable from a cost perspective can be rapidly deployed and easily scaled.Processes, applications and services can be available on demand, regard-less of the user location or device. The cloud provider is responsible forthe environment, so organizations can make use of resources for shortperiods of time without having to maintain the environment when it isnot being used.

    While cloud computing models are attractive because of their flexibilityand cost effectiveness, certain challenges must be addressed in order toprovide a viable option to traditional data services. First and foremost isthe issue of security. The externalized aspect of outsourcing can make itharder to maintain data integrity and privacy, support data and serviceavailability, demonstrate compliance, and secure highly available access toapplications and information. In short, cloud computing can present anadded level of risk.

    Organizations must therefore establish trust relationships with their cloudcomputing providers and understand risk in terms of how these providersimplement, deploy, and manage security on their behalf. Whether deliv-ered as part of the service or as specific components added in, your cloudprovider should address the fundamentals of security and risk manage-ment through a comprehensive approach.


    2 Cloud computingoverviewand benefits

    3 Cloud computing and security

    4 Using the business-drivenIBM Security Framework

    7 IBM SmartCloud Enterprise

    10 Addressing high availability

  • 2

    IBM Global Technology Services June 2011Technical White Paper

    This white paper discusses security and availability-related challenges in cloud computing environments. In particular, thepaper introduces the business-driven IBM Security Frameworkand how it can be leveraged to address cloud security in a moreholistic approach. The paper also takes a closer look at theshared security responsibilities that exist between consumer and provider. Finally, the paper investigates high availabilityconcerns and demonstrates how to help improve the resilienceof your virtual servers in a cloud computing environment.

    Cloud computingoverview and benefitsEach type of cloud computing modelpublic, private orhybridfaces different levels of IT risk. In the private clouddelivery model, the cloud owner does not share resources withany other company. Private clouds are owned and operated by asingle organization, delivering IT services within the constraintsof their own network perimeter.

    In the public cloud computing model, IT activities and functions are provided as a service that can be billed on a pay-per-use or subscription basis via the Internet from externalsuppliers, using resources not owned by the consumer. Thesharing of IT resources in a public, multitenant environmentcan help improve utilization rates and can reduce costs signifi-cantly while maintaining access to high quality technology. In apublic cloud, an organization rents IT resources instead of hav-ing to invest in their own physical IT infrastructure or maintainunder-utilized equipment to service peak loads. Instead, theycan scale usage up or down, according to need, with costsdirectly proportional to need.

    Many organizations embrace both public and private cloudcomputing by integrating the two models into hybrid clouds.These hybrids are designed to meet specific business and tech-nology requirements, so that activities and tasks are allocated to traditional IT, external or internal clouds, as appropriate,helping to optimize security and privacy with a minimuminvestment in fixed IT costs.

    In addition to the different cloud computing models, there aredistinctions among the most common cloud service models asshown in Figure 1. Available to anyone with Internet access,cloud service models include:

    Software as a Service (SaaS) cloud modelEnables softwareto be delivered from a host source over a network as opposedto installations or implementations

    Platform as a Service (PaaS) cloud modelEnables operatingsystems and middleware services to be delivered from a man-aged source over a network

    Infrastructure as a Service (IaaS) cloud modelEnables theentire infrastructure to be delivered as a service over a net-work, including storage, routers, virtual systems, hardwareand servers.

    In this paper we will focus on the IaaS cloud computing models.

    Figure 1. Cloud computing models

    Software as a Service











    Platform as a Service

    Middleware Database

    Web 2.0 ApplicationRuntime



    Infrastructure as a Service


    Networking Storage

    Data CenterFabric

  • 3

    IBM Global Technology Services June 2011Technical White Paper

    Cloud computing and security: the grandchallengeAlthough cloud computing can shift some control over data andoperations from the client organization to its cloud providermuch in the same way organizations entrust part of their IToperations to outsourcing companiesoperating a securecloud-based IT environment is, after all, a shared responsibility.Even basic tasks, such as applying patches and configuring net-work security, are the responsibility of both the cloud serviceprovider and consumer. Let us examine an example for bothpublic and private cloud.

    In an IaaS model it is the cloud providers responsibility to offera number of pre-configured virtual machines that constantlyhave to be kept updated with the latest security patches. Whenclients provision the virtual machines, they have to trust thecloud provider to deliver secure systems. The clients do nothave access to the hypervisor layerthe underlying operatingsystem that manages one or more virtual machines that run ona physical machinewhich typically does not share the virtualnetwork segment with any of the other hosted virtual machinesto avoid network-based intrusions. The cloud provider may also separately offer an optional virtual private network (VPN)capability so that the client can help ensure a protected networkthat is not directly visible for Internet-based attackers. It is theclients responsibility to maintain the patch level for all provi-sioned virtual machines after the initial deployment as well as aproperly configured VPN to shield their valuable data andinfrastructure. If a client, however, chooses to refrain from purchasing a VPN option or does not patch any of their web-facing virtual machines, the machines can be vulnerable.

    If an organization decides to implement these mechanisms in aprivate cloud using their internal IT department, they will relyon their business policies to govern aspects like data confiden-tiality, access control to applications and systems, and so on.

    Employees will be entrusted to handle the IT infrastructurebecause they are recertified against the business policies on aregular basis. In this environment organizations have to dealwith the risk of unauthorized privileged user access, data lossprevention, malicious intrusions and unintentional user errors.They also have to observe and comply with internal or regula-tory guidelines.

    If the organization decides to implement these mechanisms in apublic cloud using the cloud provider discussed in the exampleabove, they will rely on written business agreements to governthe exact same aspects, as explained in the private cloud exam-ple. They also have to deal with the same risks and comply withthe same internal or regulatory guidelines.

    To implement this or a similar cloud-based approach, organiza-tions must establish trust relationships with their providers and understand the risk in terms of how these providers implement, deploy and manage security on their behalf. Thistrust-but-verify relationship between cloud service providersand consumers is critical because the cloud service consumer isstill ultimately responsible for compliance and protection oftheir critical data, even if that workload moves to the cloud.

    Other aspects about cloud computing also require a majorreassessment of security and risk. Inside the cloud, it is oftendifficult to physically locate where data is stored. Securityprocesses that were once visible are now hidden behind layersof abstraction. This lack of visibility can create a number ofsecurity and compliance issues and may prohibit certain IT usecases to be implemented using a strictly public cloud environ-ment. Clients need to ensure that they can select a physicallocation even for a public cloud deployment, and that contractsare in place to guarantee localized data storage.

  • 4

    IBM Global Technology Services June 2011Technical White Paper

    In addition, the massive sharing of infrastructure with cloudcomputing creates a significant difference between cloud secu-rity and security in a more traditional IT environments. Usersspanning different corporations and trust levels often interactwith the same set of computing resources. At the same time,workload balancing, changing service level agreements andother aspects of todays dynamic IT environments create evenmore opportunities for misconfiguration, data compromise andmalicious conduct.

    Infrastructure sharing calls for a high degree of standardizedand


View more >