The Cloud Computing Paradigm
Hassan Takabi
LERSAIS @ SIS @ PITT
01-27-2011

Agenda
• Understanding Cloud Computing
• Cloud Computing Security
• Secure Cloud Migration Paths
• Foundational Elements of Cloud Computing
• Cloud Computing Case Studies and Security Models

Understanding Cloud Computing


Origin of the term “Cloud Computing”
• “Comes from the early days of the Internet where we drew the network as a cloud… we didn’t care where the messages went… the cloud hid it from us” – Kevin Marks, Google
• First cloud around networking (TCP/IP abstraction)
• Second cloud around documents (WWW data abstraction)
• The emerging cloud abstracts infrastructure complexities of servers, applications, data, and heterogeneous platforms
– (“muck” as Amazon’s CEO Jeff Bezos calls it)

A Working Definition of Cloud Computing
• Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
• This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.

Essential Cloud Characteristics
• On-demand self-service
– Get computing capabilities as needed automatically
• Broad network access
– Services available over the net using desktop, laptop, PDA, mobile phone

Essential Cloud Characteristics (Cont.)
• Resource pooling
– Location independence
– Provider resources pooled to serve multiple clients
• Rapid elasticity
– Ability to quickly scale in/out service
• Measured service
– control, optimize services based on metering

Cloud Service Models
• Cloud Software as a Service (SaaS)
– Use provider’s applications over a network
– User doesn’t manage or control the network, servers, OS, storage or applications
• Cloud Platform as a Service (PaaS)
– Users deploy their applications on a cloud
– Users control their apps
– Users don’t manage servers, IS, storage

Cloud Service Models (Cont.)
• Cloud Infrastructure as a Service (IaaS)
– Rent processing, storage, network capacity, and other fundamental computing resources
– Consumers get access to the infrastructure to deploy their stuff
– Don’t manage or control the infrastructure
– Do manage or control the OS, storage, apps, selected network components
• To be considered “cloud” they must be deployed on top of cloud infrastructure that has the key characteristics

Service Model Architectures

Cloud Deployment Models
• Private cloud
– single org only,
– managed by the org or a 3rd party,
– on or off premise
• Community cloud
– shared infrastructure for specific community
– several orgs that have shared concerns,
– managed by org or a 3rd party

Cloud Deployment Models (Cont.)
• Public cloud
– Sold to the public, mega-scale infrastructure
– available to the general public
• Hybrid cloud
– composition of two or more clouds
– bound by standard or proprietary technology

Common Cloud Characteristics
• Cloud computing often leverages:
– Massive scale
– Homogeneity
– Virtualization
– Resilient computing
– Low cost software
– Geographic distribution
– Service orientation
– Advanced security technologies

The NIST Cloud Definition Framework
• Deployment Models: Private Cloud, Community Cloud, Public Cloud, Hybrid Clouds
• Service Models: Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS)
• Essential Characteristics: On Demand Self-Service, Broad Network Access, Rapid Elasticity, Resource Pooling, Measured Service
• Common Characteristics: Massive Scale, Resilient Computing, Homogeneity, Geographic Distribution, Virtualization, Service Orientation, Low Cost Software, Advanced Security

Cloud Computing Security

Security is the Major Issue

General Security Advantages
• Shifting public data to an external cloud reduces the exposure of the internal sensitive data
• Cloud homogeneity makes security auditing/testing simpler
• Clouds enable automated security management
• Redundancy / Disaster Recovery

General Security Challenges
• Trusting vendor’s security model
• Customer inability to respond to audit findings
• Obtaining support for investigations
• Indirect administrator accountability
• Proprietary implementations can’t be examined
• Loss of physical control

Security Relevant Cloud Components
• Cloud Provisioning Services
• Cloud Data Storage Services
• Cloud Processing Infrastructure
• Cloud Support Services
• Cloud Network and Perimeter Security
• Elastic Elements: Storage, Processing, and Virtual Networks

Provisioning Service
• Advantages
– Rapid reconstitution of services
– Enables availability
  • Provision in multiple data centers / multiple instances
– Advanced honey net capabilities
• Challenges
– Impact of compromising the provisioning service

Data Storage Services
• Advantages
– Data fragmentation and dispersal
– Automated replication
– Provision of data zones (e.g., by country)
– Encryption at rest and in transit
– Automated data retention
• Challenges
– Isolation management / data multi-tenancy
– Storage controller
  • Single point of failure / compromise?
– Exposure of data to foreign governments

Cloud Processing Infrastructure
• Advantages
– Ability to secure masters and push out secure images
• Challenges
– Application multi-tenancy
– Reliance on hypervisors
– Process isolation / Application sandboxes

Cloud Support Services
• Advantages
– On demand security controls (e.g., authentication, logging, firewalls…)
• Challenges
– Additional risk when integrated with customer applications
– Needs certification and accreditation as a separate application
– Code updates

Cloud Network and Perimeter Security
• Advantages
– Distributed denial of service protection
– VLAN capabilities
– Perimeter security (IDS, firewall, authentication)
• Challenges
– Virtual zoning with application mobility

Cloud Security Advantages
• Data Fragmentation and Dispersal
• Dedicated Security Team
• Greater Investment in Security Infrastructure
• Fault Tolerance and Reliability
• Greater Resiliency
• Hypervisor Protection Against Network Attacks
• Possible Reduction of C&A Activities (Access to Pre-Accredited Clouds)

Cloud Security Advantages (Cont.)
• Simplification of Compliance Analysis
• Data Held by Unbiased Party (cloud vendor assertion)
• Low-Cost Disaster Recovery and Data Storage Solutions
• On-Demand Security Controls
• Real-Time Detection of System Tampering
• Rapid Re-Constitution of Services
• Advanced Honeynet Capabilities

Cloud Security Challenges
• Data dispersal and international privacy laws
– EU Data Protection Directive and U.S. Safe Harbor program
– Exposure of data to foreign government and data subpoenas
– Data retention issues
• Need for isolation management
• Multi-tenancy
• Logging challenges
• Data ownership issues
• Quality of service guarantees

Cloud Security Challenges (Cont.)
• Dependence on secure hypervisors
• Attraction to hackers (high value target)
• Security of virtual OSs in the cloud
• Possibility for massive outages
• Encryption needs for cloud computing
– Encrypting access to the cloud resource control interface
– Encrypting administrative access to OS instances
– Encrypting access to applications
– Encrypting application data at rest
• Public cloud vs internal cloud security
• Lack of public SaaS version control

Additional Issues
• Issues with moving PII and sensitive data to the cloud
– Privacy impact assessments
• Using SLAs to obtain cloud security
– Suggested requirements for cloud SLAs
– Issues with cloud forensics
• Contingency planning and disaster recovery for cloud implementations
• Handling compliance
– FISMA
– HIPAA
– SOX
– PCI
– SAS 70 Audits

Obstacles & Opportunities

Unique Features
• Outsourcing Data and Applications
• Extensibility and Shared Responsibility
• Multi-tenancy
• Service-Level Agreements
• Virtualization and Hypervisors
• Heterogeneity
• Compliance and Regulations

Security Implications

Security and Privacy Challenges
• Authentication and Identity Management
– interoperability
– password-based: inherited limitation
– How multi-tenancy can affect the privacy of identity information isn’t yet well understood.
– multi-jurisdiction issue
– integrated with other security components.

Security and Privacy Challenges
• Access Control and Accounting
– Heterogeneity and diversity of services, as well as the domains’ diverse access requirements
– capture dynamic, context, or attribute- or credential-based access requirements
– integrate privacy-protection requirements
– interoperability
– capture relevant aspects of SLAs

Security and Privacy Challenges
• Trust Management and Policy Integration
– compose multiple services to enable bigger application services
– efficiently capturing a generic set of parameters required for establishing trust and to manage evolving trust and interaction/sharing requirements
– address challenges such as semantic heterogeneity, secure interoperability, and policy-evolution management.

Security and Privacy Challenges
• Secure-Service Management
– WSDL can’t fully meet the requirements of cloud computing services description
– issues such as quality of service, price, and SLAs
– automatic and systematic service provisioning and composition framework that considers security and privacy issues

Security and Privacy Challenges
• Privacy and Data Protection
– storing data and applications on systems that reside outside of on-premise datacenters
– shared infrastructure, risk of potential unauthorized access and exposure.
– Privacy-protection mechanisms must be embedded in all security solutions.
– Provenance
– Balancing between data provenance and privacy

Security and Privacy Challenges
• Organizational Security Management
– shared governance can become a significant issue if not properly addressed
– Dependence on external entities
– the possibility of an insider threat is significantly extended when outsourcing data and processes to clouds.

Security and Privacy Approaches
• Authentication and Identity Management
– User-centric IDM
– users control their digital identities and takes away the complexity of IDM from the enterprises
– federated IDM solutions
– privacy-preserving protocols to verify various identity attributes by using, for example, zero-knowledge proof-based techniques

Security and Privacy Approaches
• Access Control Needs
– RBAC
– policy-integration needs
– credential-based RBAC, GTRBAC, location-based RBAC

Security and Privacy Approaches
• Secure Interoperation
– Multi-domain
– centralized approach
– decentralized approaches
– specification frameworks to ensure that the cross-domain accesses are properly specified, verified, and enforced
– Policy engineering mechanisms

Security and Privacy Approaches
• Secure-Service Provisioning and Composition
– Open Services Gateway Initiative (OSGi)
– Declarative OWL-based language can be used to provide a service definition manifest, including a list of distinct component types that make up the service, functional requirements, component grouping and topology instructions

Security and Privacy Approaches
• Trust Management Framework
– trust-based policy integration
– Delegation
– must be incorporated in service composition framework

Security and Privacy Approaches
• Data-Centric Security and Privacy
– shifts data protection from systems and applications
– documents must be self-describing and defending regardless of their environments.

Security and Privacy Approaches
• Managing Semantic Heterogeneity
– semantic heterogeneity among policies
– Use of an ontology is the most promising approach
– policy framework and a policy enforcement architecture
– inference engines

Questions?