
Trusted Clouds

Dr. Zahid Anwar
Trusted Computing, MS-CCS-3
Credits: 3 0
Spring 2011

What is Cloud Computing?

Let's hear from the experts



What is Cloud Computing?

The infinite wisdom of the crowds (via Google Suggest)



What is Cloud Computing?


We've redefined Cloud Computing to include everything that we already do. . . . I don't understand what we would do differently in the light of Cloud Computing other than change the wording of some of our ads.

Larry Ellison, founder of Oracle



What is Cloud Computing?


It's stupidity. It's worse than stupidity: it's a marketing hype campaign

Richard Stallman, GNU



What is Cloud Computing?


Cloud Computing will become a focal point of our work in security. I'm optimistic

Ron Rivest, the R of RSA



Tremendous Buzz
Not only is it faster and more flexible, it is cheaper. [...] the emergence of cloud models radically alters the cost benefit decision
(FT Mar 6, 2009)

Cloud computing achieves a quicker return on investment


(Lindsay Armstrong of salesforce.com, Dec 2008)

Economic downturn, the appeal of that cost advantage will be greatly magnified
(IDC, 2008)

Revolution, the biggest upheaval since the invention of the PC in the 1970s [...] IT departments will have little left to do once the bulk of business computing shifts [...] into the cloud
(Nicholas Carr, 2008)

No less influential than ebusiness


(Gartner, 2008)

The economics are compelling, with business applications made three to five times cheaper and consumer applications five to 10 times cheaper


(Merrill Lynch, May, 2008)

So, What really is Cloud Computing?


Cloud computing is a new computing paradigm, involving data and/or computation outsourcing, with
Infinite and elastic resource scalability
On-demand, just-in-time provisioning
No upfront cost, pay-as-you-go
That is, use as much or as little as you need, use it only when you want, and pay only for what you use.

The real story


Computing utility: the holy grail of computer science in the 1960s. Code name: MULTICS

Why did it fail?
Ahead of its time: lack of communication technology.
(In other words, there was NO (public) Internet)

And personal computers became cheaper and more powerful

The real story


In the mid to late '90s, grid computing was proposed to link and share computing resources


The real story continued


Post-dot-com bust, big companies ended up with large data centers, with low utilization

Solution: throw in virtualization technology, and sell the excess computing power

And thus, Cloud Computing was born

Cloud computing provides numerous economic advantages


For clients:
No upfront commitment in buying/leasing hardware
Can scale usage according to demand
Barriers to entry lowered for startups

For providers:
Increased utilization of datacenter resources


Delivery Models
Software as a Service (SaaS)
Use provider's applications over a network (SalesForce.com)

Platform as a Service (PaaS)


Deploy customer-created applications to a cloud (AppEng)

Infrastructure as a Service (IaaS)


Rent processing, storage, network capacity, and other fundamental computing resources (EC2, S3)


Cloud computing means selling X as a service


IaaS: Infrastructure as a Service
Selling virtualized hardware

PaaS: Platform as a Service


Access to a configurable platform/API

SaaS: Software as a Service


Software that runs on top of a cloud

Cloud computing architecture


e.g., Web browser

SaaS, e.g., Google Docs

PaaS, e.g., Google AppEngine

IaaS, e.g., Amazon EC2


Different types of cloud computing


IaaS PaaS

Amazon EC2: Clients can rent virtualized hardware, can control the software stack on the rented machines

Microsoft Azure: Clients can choose languages, but can't change the operating system or runtime

Google AppEngine: Provides a programmable platform that can scale easily


So, if cloud computing is so great, why isn't everyone doing it?


Clouds are still subject to traditional data confidentiality, integrity, availability, and privacy issues, plus some additional attacks


Companies are still afraid to use clouds

[Chow09ccsw]

Anatomy of fear
Confidentiality
Will the sensitive data stored on a cloud remain confidential?
Will cloud compromises leak confidential client data (i.e., fear of loss of control over data)?
Will the cloud provider itself be honest and not peek into the data?


Anatomy of fear
Integrity
How do I know that the cloud provider is doing the computations correctly?
How do I ensure that the cloud provider really stored my data without tampering with it?


Anatomy of fear
Availability
Will critical systems go down at the client if the provider is hit by a Denial of Service attack?
What happens if the cloud provider goes out of business?


Anatomy of fear
Privacy issues raised via massive data mining
Cloud now stores data from a lot of clients, and can run data mining algorithms to get large amounts of information on clients


Anatomy of fear
Increased attack surface
An entity outside the organization now stores and computes data, and so
Attackers can now target the communication link between cloud provider and client
Cloud provider employees can be phished


Anatomy of fear
Auditability and forensics
Difficult to audit data held outside the organization in a cloud
Forensics also made difficult since clients now don't maintain data locally


Anatomy of fear
Legal quagmire and transitive trust issues
Who is responsible for complying with regulations (e.g., SOX, HIPAA, GLBA)?
If the cloud provider subcontracts to third-party clouds, will the data still be secure?


Recall: Cloud Architecture


Client

SaaS / PaaS Provider

Cloud Provider (IaaS)


Attackers


Who is the attacker?


Insider?
Malicious employees at client
Malicious employees at cloud provider
Cloud provider itself

Outsider?
Intruders
Network attackers?


Attacker Capability: Malicious Insiders


At client
Learn passwords/authentication information
Gain control of the VMs

At cloud provider
Log client communication


Attacker Capability: Cloud Provider


What?
Can read unencrypted data
Can possibly peek into VMs, or make copies of VMs
Can monitor network communication, application patterns


Attacker motivation: Cloud Provider


Why?
Gain information about client data
Gain information on client behavior
Sell the information or use it itself

Why not?
Cheaper to be honest?

Why? (again)
Third party clouds?

Attacker Capability: Outside attacker


What?
Listen to network traffic (passive)
Insert malicious traffic (active)
Probe cloud structure (active)
Launch DoS


Attacker goals: Outside attackers


Intrusion
Network analysis
Man in the middle
Cartography

What we need is to
Adapt well-known techniques for resolving some cloud security issues
Perform new research and innovate to make clouds secure


Final quote
[Cloud Computing] is a security nightmare and it can't be handled in traditional ways.

John Chambers, CISCO CEO


An Open-source Software Infrastructure for Cloud Computing

Eucalyptus Systems Inc. 805-845-8000 www.eucalyptus.com

What's in a name?
Elastic Utility Computing Architecture Linking Your Programs To Useful Systems
Web services based implementation of elastic/utility/cloud computing infrastructure
Linux image hosting à la Amazon
How do we know if it is a cloud?
Try and emulate an existing cloud: Amazon AWS
Functions as a software overlay
Existing installation should not be violated (too much)
Focus on installation and maintenance
System Administrators are people too.

Architecture
Client-side Interface (via network)

Client-side API Translator

Cloud Controller
Cluster Controller

Database

Walrus (S3)

Node Controller

Further Reading
Armbrust et al., "Above the Clouds: A Berkeley View of Cloud Computing", UC Berkeley Tech Report UCB/EECS-2009-28, February 2009.
Chow et al., "Cloud Computing: Outsourcing Computation without Outsourcing Control", 1st ACM Cloud Computing Security Workshop, November 2009.

