Title: Lecture 7 Security in Cloud Computing
1 Lecture 7: Security in Cloud Computing
- Asst.Prof. Supakorn Kungpisdan, Ph.D.
- supakorn_at_mut.ac.th
2 Subwaves within the information age
3 Evolution of Cloud Computing
4 Why Cloud?
- Cloud computing is a low-cost solution.
- Cloud computing offers responsiveness and flexibility.
- The IT expense matches the transaction volumes.
- Business users are in direct control of technology decisions.
- The line between home computing applications and enterprise applications will blur.
5 Sources of incremental IT spending growth
6 Worldwide IT cloud services spending
7 Evolution of Cloud Computing (cont.)
- ISP 1.0
  - ISPs quickly proliferated to provide access to the Internet for organizations and individuals.
  - These early ISPs merely provided Internet connectivity for users and small businesses, often over dial-up telephone service.
- ISP 2.0
  - As access to the Internet became a commodity, ISPs consolidated and searched for other value-added services, such as providing access to email and to servers at their facilities.
8 Evolution of Cloud Computing (cont.)
- ISP 3.0
  - Colocation facilities: specialized facilities for hosting organizations' (customers') servers, along with the infrastructure to support them and the applications running on them.
  - Those facilities are a type of data center where multiple customers locate network, server, and storage gear and interconnect to a variety of telecommunications and other network service provider(s) with a minimum of cost and complexity.
9 Evolution of Cloud Computing (cont.)
- ISP 4.0
  - As colocation facilities proliferated and became commoditized, the next step in the evolution was the formation of application service providers (ASPs), which focused on a higher value-added service of providing specialized applications for organizations, and not just the computing infrastructure.
  - ASPs typically owned and operated the software application(s) they provided, as well as the necessary infrastructure.
10 Cloud Computing (ISP 5.0)
- Although ASPs might appear similar to a service delivery model of cloud computing that is referred to as software-as-a-service (SaaS), there is an important difference in how these services are provided, and in the business model.
- Although ASPs usually provided services to multiple customers (just as SaaS providers do today), they did so through dedicated infrastructures.
- That is, each customer had its own dedicated instance of an application, and that instance usually ran on a dedicated host or server.
- The important difference between SaaS providers and ASPs is that SaaS providers offer access to applications on a shared, not dedicated, infrastructure.
11 Cloud Computing Defined
Properties and descriptions:
- Multi-tenancy (shared resources): Cloud computing is based on a business model in which resources are shared (i.e., multiple users use the same resource) at the network level, host level, and application level.
- Massive scalability: Cloud computing provides the ability to scale to tens of thousands of systems, as well as the ability to massively scale bandwidth and storage space.
- Elasticity: Users can rapidly increase and decrease their computing resources as needed, as well as release resources for other uses when they are no longer required.
- Pay as you go: Users pay for only the resources they actually use and for only the time they require them.
- Self-provisioning of resources: Users self-provision resources, such as additional systems (processing capability, software, storage) and network resources.
12 Attributes of Elasticity
13 Notable Cloud Launches
14 SPI Service Model
15 Architecture for Relevant Technologies
16 Cloud Services Delivery Model
17 Cloud Deployment Model
- Private Clouds
- Public Clouds
- Hybrid Clouds
18 Cloud Service Deployment Model
19 Public Clouds
20 Hybrid Clouds
21 Key Drivers to Adopting Clouds
- Small Initial Investment and Low Ongoing Costs
- Economies of Scale
- Open Standards
- Sustainability
22 Governance in the Cloud
23 Barriers to Cloud Computing Adoption in the Enterprise
- Security
- Privacy
- Connectivity and Open Access
- Reliability
- Interoperability
- Independence from CSPs
- Economic Value
- Changes in the IT Organization
- IT Governance
- Political Issues Due to Global Boundaries
24 Complexity of security in cloud environment
25 Security Issues in Service Models
- Security in SaaS
  - Most enterprises are still uncomfortable with the SaaS model due to a lack of visibility into the way their data is stored and secured.
- Security in IaaS
  - IaaS only provides basic security (perimeter firewall, load balancing, etc.), and applications moving into the cloud will need higher levels of security provided at the host.
- Security in PaaS
  - PaaS offers an integrated set of developer environments that a developer can tap to build their applications without having any clue about what is going on underneath the service.
  - This can help a hacker leverage the PaaS cloud infrastructure for malware command and control and go behind IaaS applications.
26 Security for the SaaS Stack
27 Security for the SaaS Stack: Data Security
- In a traditional on-premise application deployment model, the sensitive data of each enterprise continues to reside within the enterprise boundary and is subject to its physical, logical and personnel security and access control policies.
- In the SaaS model, the enterprise data is stored outside the enterprise boundary, at the SaaS vendor end.
- EC2 administrators with a business need are required to use their individual cryptographically strong Secure Shell (SSH) keys to gain access to a host. All such accesses are logged and routinely audited.
- Data at rest in Simple Storage Service (S3) is not encrypted by default; users can encrypt their data before it is uploaded to Amazon S3, so that it is not accessed or tampered with by any unauthorized party.
28 Possible Vulnerabilities in SaaS
- Cross-site scripting (XSS)
- Access control weaknesses
- OS and SQL injection flaws
- Cross-site request forgery (CSRF)
- Cookie manipulation
- Hidden field manipulation
- Insecure storage
- Insecure configuration
29 Security for the SaaS Stack: Network Security
- Sensitive data is obtained from the enterprises, processed by the SaaS application and stored at the SaaS vendor end.
- All data flow over the network needs to be secured in order to prevent leakage of sensitive information.
- This involves the use of strong network traffic encryption techniques such as Secure Socket Layer (SSL) and the Transport Layer Security (TLS) for security.
30 Data Locality
- The customer does not know where the data is being stored.
- Due to compliance and data privacy laws in various countries, locality of data is of utmost importance in many enterprise architectures.
- In many EU and South American countries, certain types of data cannot leave the country because of potentially sensitive information.
- A secure SaaS model must be capable of providing reliability to the customer on the location of the data of the consumer.
31 Data Integrity
- Each SaaS application may have different levels of availability and SLA (service-level agreement), which further complicates management of transactions and data integrity across multiple SaaS applications.
- The lack of integrity controls at the data level (or, in the case of existing integrity controls, bypassing the application logic to access the database directly) could result in problems.
32 Data Segregation
- Data of various users will reside at the same location. Intrusion of data of one user by another becomes possible in this environment.
- A SaaS model should therefore ensure a clear boundary for each user's data.
- The boundary must be ensured not only at the physical level but also at the application level.
- Possible attacks include SQL injection flaws, data validation, and insecure storage.
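The application-level boundary described on this slide, shown as an added example that is not part of the original lecture: a shared table queried once with string concatenation and once with bound parameters scoped to the session's tenant. The table layout, tenant names and function names are assumptions made for illustration.

```python
import sqlite3

def make_db():
    """Shared table holding rows of two tenants (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE invoices (tenant_id TEXT, customer TEXT, amount REAL)")
    db.executemany(
        "INSERT INTO invoices VALUES (?, ?, ?)",
        [("acme", "Alice", 120.0), ("acme", "Bob", 75.5), ("globex", "Carol", 990.0)],
    )
    return db

def search_unsafe(db, tenant_id, customer):
    """Weak form: input is pasted into the SQL text, so crafted input can
    rewrite the WHERE clause and remove the tenant filter."""
    sql = ("SELECT tenant_id, customer FROM invoices "
           "WHERE tenant_id = '" + tenant_id + "' AND customer = '" + customer + "'")
    return db.execute(sql).fetchall()

def search_scoped(db, tenant_id, customer):
    """Hardened form: tenant_id comes from the authenticated session and both
    values are bound parameters, so input is always treated as data."""
    sql = "SELECT tenant_id, customer FROM invoices WHERE tenant_id = ? AND customer = ?"
    return db.execute(sql, (tenant_id, customer)).fetchall()

def tenants_seen(rows):
    """Distinct tenants present in a result set; more than one means a leak."""
    return sorted({tenant for tenant, _ in rows})

if __name__ == "__main__":
    db = make_db()
    probe = "x' OR '1'='1"  # standard injection test string used in code review
    print("unsafe:", tenants_seen(search_unsafe(db, "acme", probe)))
    print("scoped:", tenants_seen(search_scoped(db, "acme", probe)))
    print("normal:", search_scoped(db, "acme", "Alice"))
```

A regression test that asserts `tenants_seen` never returns more than the caller's own tenant is a cheap way to keep this boundary from eroding as queries are added.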
33 Data Access
- The SaaS model must be flexible enough to incorporate the specific policies put forward by the organization.
- The model must also be able to provide an organizational boundary within the cloud because multiple organizations will be deploying their business processes within a single cloud environment.
34 Authentication and Authorization
- With SaaS, the software is hosted outside of the corporate firewall.
- Many times user credentials are stored in the SaaS provider's databases and not as part of the corporate IT infrastructure.
- This means SaaS customers must remember to remove/disable accounts as employees leave the company and create/enable accounts as new employees come onboard.
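One way to turn the "remember to remove/disable accounts" point into a routine check, as an added example that is not part of the original lecture: reconcile an HR roster against an account export from the SaaS provider. The record layouts, addresses and the `reconcile` function are constructed for illustration; real exports will differ.

```python
from datetime import date

# Constructed sample data: HR roster and an account export from a SaaS provider.
HR_ROSTER = [
    {"email": "Ann@corp.example", "end_date": None},
    {"email": "bob@corp.example", "end_date": date(2024, 3, 31)},
    {"email": "dan@corp.example", "end_date": None},
]
SAAS_ACCOUNTS = [
    {"login": "ann@corp.example", "enabled": True},
    {"login": "bob@corp.example", "enabled": True},   # left the company
    {"login": "eve@corp.example", "enabled": True},   # no HR record at all
    {"login": "old@corp.example", "enabled": False},  # already disabled
]

def norm(addr):
    """Compare logins case-insensitively and ignore stray whitespace."""
    return addr.strip().lower()

def reconcile(roster, accounts, today):
    """Return the logins to disable (enabled but not a current employee)
    and to create (current employee with no account)."""
    active = {norm(p["email"]) for p in roster
              if p["end_date"] is None or p["end_date"] >= today}
    existing = {norm(a["login"]): a["enabled"] for a in accounts}
    disable = sorted(login for login, on in existing.items()
                     if on and login not in active)
    create = sorted(login for login in active if login not in existing)
    return {"disable": disable, "create": create}

if __name__ == "__main__":
    print(reconcile(HR_ROSTER, SAAS_ACCOUNTS, date(2024, 6, 1)))
```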
35 Vulnerabilities in Virtualization
- Vulnerabilities have been found in all virtualization software which can be exploited by malicious, local users to bypass certain security restrictions or gain privileges.
- For example, the vulnerability of Microsoft Virtual PC and Microsoft Virtual Server could allow a guest operating system user to run code on the host or another guest operating system.
- Vulnerability in Virtual PC and Virtual Server could allow elevation of privilege.
36 Availability
- A multi-tier architecture needs to be adopted, supported by a load-balanced farm of application instances, running on a variable number of servers.
- Resiliency to hardware/software failures, as well as to denial of service attacks, needs to be built from the ground up within the application.
37 Backups
- The SaaS vendor needs to ensure that all sensitive enterprise data is regularly backed up to facilitate quick recovery in case of disasters.
- The use of strong encryption schemes to protect the backup data is recommended.
- In the case of cloud vendors such as Amazon, the data at rest in S3 is not encrypted by default. The users need to separately encrypt their data and backups so that they cannot be accessed or tampered with by unauthorized parties.
38 Identity Management
39 Security in PaaS
- The provider might give people some control to build applications on top of the platform.
- But any security below the application level, such as host and network intrusion prevention, will still be in the scope of the provider, and the provider has to offer strong assurances that the data remains inaccessible between applications.
- PaaS is intended to enable developers to build their own applications on top of the platform.
40 Security in PaaS (cont.)
- Hackers are likely to attack visible code, including but not limited to code running in user context.
- They are likely to attack the infrastructure and perform extensive black box testing.
- The vulnerabilities of the cloud are associated not only with web applications but also with the machine-to-machine Service-Oriented Architecture (SOA) applications, which are increasingly being deployed in the cloud.
41 Security Issues in IaaS
- With IaaS the developer has better control over the security as long as there is no security hole in the virtualization manager.
- The security responsibilities of both the provider and the consumer greatly differ between cloud service models.
- Amazon's EC2 infrastructure-as-a-service offering includes vendor responsibility for security up to the hypervisor, meaning they can only address security controls such as physical security, environmental security, and virtualization security.
- The consumer, in turn, is responsible for the security controls that relate to the IT system, including the OS, applications and data.
42 Security Management and Monitoring Scope
43 ITIL Life Cycle in Enterprise
44 Security Management in Clouds
- Availability management (ITIL)
- Access control (ISO/IEC 27002, ITIL)
- Vulnerability management (ISO/IEC 27002)
- Patch management (ITIL)
- Configuration management (ITIL)
- Incident response (ISO/IEC 27002)
- System use and access monitoring (ISO/IEC 27002)
45 Security-as-a-Service
- Email filtering (including backup, archival, and e-discovery)
- Web content filtering
- Vulnerability management
- Identity-as-a-service (spelled as IDaaS)
46 Email Filtering
- SaaS for email primarily involves cleansing spam, phishing emails, and malware included in email from an organization's incoming email stream, and then delivering that clean email securely to the organization so that it is effectively not repolluted.
- Not only more comprehensive security for clients due to the use of multiple engines, but also better performance of those client devices (because the anti-malware runs in the cloud and not on the endpoint directly), as well as far better anti-malware management.
- Provides email encryption, SSL tunnels between email servers, backups and recovery.
47 Web Content Filtering
48 Vulnerability Management
- Discover, prioritize, and assess systems for vulnerabilities, and then report and remediate those vulnerabilities and verify the systems' secure operation.
- Monitor for and report on compliance with some regulatory requirements (e.g., the Payment Card Industry's Data Security Standard).
49 Identity Management-As-a-Service
50 Questions?