E-Governance Challenges and Cloud Benefits
2.10 Government Cloud Information System and Security
The capabilities of cloud computing attract governments and private companies that want to benefit from its advantages: increased efficiency, increased flexibility, cost savings, pay-per-use services and green computing technologies. Along with these benefits, organizations that use cloud computing face some challenges and new risks. The security of government data and applications on the cloud is the major issue governments face in adopting the cloud computing model. Cloud computing has various essential characteristics and draws on various technologies and service delivery models. ISACA says that a variety of technologies come under the title “cloud computing,” and that the complexity of their implementations can create confusion among program managers [198].
Cloud computing architecture is hosted on large, multi-tenant hardware and software infrastructures. The shared infrastructure of cloud computing uses the same security protocols for all clients, which makes a separate security assessment and authorization process for each client redundant. The infrastructure provides the same boundaries and security protocols for each customer. In the cloud computing model, carrying out security assessment and authorization separately for each user is more than is required. Instead, cloud providers can use a security and authorization program that performs the security assessment and authorization process once and shares the results with the various client agencies. Application isolation is another challenge in a shared infrastructure environment. According to NetApp, application isolation requires dedicated and isolated virtual machines. The secure multi-tenant architecture of the cloud computing model allows the system to partition a virtualized, shared infrastructure. Cloud computing infrastructure also provides high security to the shared infrastructure. Data is securely isolated, and workload performance is maintained in the cloud computing model [199].
In the public cloud model, all controls, including security controls, remain with the cloud provider. Customers do not know much about the location of their data (servers) or the security measures taken by the cloud provider. Government security personnel may have various questions about the cloud. Infosecurity says "If I go into the cloud, is my information going to be mixed up with 500 online businesses? Who gets to look at, touch, and feel my data when something goes wrong? Is there some kind of background check of cloud providers? Where is my data?" [200]
According to a Vangent white paper on private cloud security, "It is imperative that a provider or agency builds security into the private cloud suite of offerings. Strict compliance with federal and state mandates for security (physical, logical, and human) and privacy must be inherent in private cloud solutions. Provisions of independent audit verification should exist, and the environment should be ready for application deployment very quickly.... A private cloud provider must proactively monitor all infrastructure, network, and security components for the purpose of preventing incidents before they occur." [201]
Governments normally have two types of information to store in a cloud computing environment: sensitive information and publicly available information. Sensitive information is generally not meant for ordinary citizens; it is for government officials. It is confidential, and its disclosure to the general public may compromise national security. Military information, the government’s financial information, national security information and the like fall under sensitive information. High security is needed when the public cloud model is used to store such sensitive information; the private cloud model is more suitable for sensitive and confidential information because in this model control of the cloud remains with the consumer organization. The other type is publicly available information, which is meant for the general public. Public information is not confidential; weather forecasts and the various government schemes for farmers, students, retired people and so on fall under this category. The public cloud is the perfect candidate for such information.
Cloud Computing Security:
Cloud computing provides Internet-based services, computing, and storage for users in all markets including finance, healthcare, business, and government. This new approach to computing allows users to avoid investing in buying and upgrading hardware and software, to gain flexibility and scalability, to collaborate with others, and to take advantage of the sophisticated services that cloud providers offer. However, security is a big concern for cloud users and a big challenge for cloud providers.
Cloud providers have recognized the cloud security concerns and are working to address them. In fact, cloud security is the key point that differentiates providers from each other, and it is also a competitive edge among cloud providers. Trusted Computing Group says cloud providers are using strong security techniques to make the cloud more secure. Soon cloud security will rise far above the level that organizations achieve using their own hardware and software [202].
There are many security issues in cloud computing because it includes various technologies such as networking, database management, operating systems, virtualization, load balancing, memory management etc. The security concerns of all the technologies used in a cloud computing system therefore also apply to the cloud computing system itself. The main security issues we address here are Physical Security, Network Security, Data Security, Identity and Access management, Application Security, Host Security Auditing and Reporting, Separation between Customers.
Figure 2.27 shows the security model of the government cloud computing system. The figure illustrates the entities that are involved in government cloud security. On the government cloud side, actual security needs to be implemented through a technological infrastructure that incorporates the hardware and software needed to protect systems and information, in addition to the soft management factors: management and organizational policies, controls, regulations, human resource management and training. On the external or public side, security can be maintained by users on their own computers. Citizens need to use the internet to access the government cloud, and the internet carries many security threats, which is why client-side security is also important when accessing the government cloud.
Physical Security: - The servers and hardware of cloud computing data centers are similar to the servers and hardware of regular data centers that use the simple client-server model. In each case it is important for the data center to be physically secure against unauthorized access and natural disasters, but no security requirement appears suddenly simply because one of those facilities is supporting cloud computing [203]. Thomas J. Trappler suggests some of the key issues to investigate [204]:
Security Policy: - The cloud provider should have proper security policies to protect the infrastructure from unauthorized access and natural disasters.
Access Control: - The cloud provider should have a physical access control procedure, so that only authorized persons can access the system.
Background checks: - The cloud provider should run background checks on everyone who has access to its infrastructure and data.
Segregation of duties: - Tasks should be distributed among multiple employees. This ensures that no single person is able to execute an unauthorized transaction and go undetected.
Third-party adherence: - If the cloud provider works with a third party, the third party should understand and abide by the same security policies that apply to the provider’s employees.
Many cloud providers work on designing, constructing, managing, and operating large-scale data centers; Amazon is one of them. According to Amazon Web Services, physical access should be strictly controlled both at the perimeter and at building entry points by professional security staff utilizing video surveillance, state of the art intrusion detection systems, and other electronic means [205].
An authentication system can be used to protect the infrastructure from unauthorized users, and two-factor or multi-factor authentication can be used to make the system stronger. Authorized staff should be trained to use the authentication system to access the system. Visitors should present identification and should be escorted by an authorized staff member when visiting the data center.
Network Security: - The entire cloud infrastructure is connected by a network. Data that travels over the network should be secure and protected against unauthorized access and intruders. Network security is fundamentally about three goals/objectives: Confidentiality, Integrity and Availability [203].
Confidentiality: - When an unauthorized person accesses information from a system, this is known as loss of confidentiality, which is a very important attribute of network security. Confidential data and information should be protected from unauthorized access. Military data, research data, organizations' finance-related data, medical records, new product information and company strategy data are examples of confidential data. An unauthorized user can access and misuse data and information from an insecure network. Authentication and access control techniques can be used to achieve confidentiality and protect data from unauthorized access.
Integrity: - Modification of data by an unauthorized user is known as loss of integrity. Unauthorized modification of data can happen through human error or can be done intentionally. Integrity is very important in safety-critical cases, such as online fund transfer, air traffic control, and financial accounting.
Availability: - When data and information are not available for some reason, this is known as loss of availability. The usual causes are that information is erased intentionally or accidentally, or becomes inaccessible due to a technical fault. Loss of availability means that an authorized user cannot get the needed information even though he/she is authorized to access it. Availability is very important for information-dependent, service-oriented businesses. Availability of the network is important for any business that depends on a network connection. When a user cannot get access to the needed service because the network has failed, the user experiences denial of service.
Applications running on a cloud computing system are heavily dependent on network connections and the internet. Network connections are used to connect different clouds, servers and other equipment of the cloud. The internet is used to connect users to the cloud computing infrastructure. If the network of a cloud fails, the whole cloud goes down, and if the internet is not working, inter-cloud connectivity also fails. The security challenges to availability can be grouped into protection of cloud content, secure virtualization technology, distribution transparency control, and secure operations [206].
Data Security: - Data stored in the cloud is a valuable asset of the cloud user and should be secured against unauthorized access. If data is shared by many applications or users, proper data sharing policies should be made and a log should be maintained. When using cloud computing, users do not know where their data is hosted or in which country it is stored. So it is important to store and process data in user-defined jurisdictions. The cloud provider should commit to following the local privacy requirements specified by the user. The cloud provider should access the user's sensitive and personal data and information only according to the policies agreed with the user.
Cloud computing provides a virtual environment that allows users to access computing power. To enter this virtual environment, the exact location of the data is required. John Harauz et al. say that, to ensure data confidentiality, integrity, and availability, the storage provider should provide an encryption method that can be used to encrypt the data before storing it on the storage device. This safeguards the data stored on the storage device and, together with access control, prevents unauthorized access to the data. The provider should also schedule data backups and safe storage of the backup media [207]. In cloud computing, data must be protected from unauthorized access while at rest or in transit. According to Rutrell Yasin, data should be protected from the moment of creation, when it moves from the user's data centre to the cloud, when it is at rest, and after it is taken into the wilderness of users [208].
Securing Data at Rest: - Data that resides on the hard disk and is not presently in use is called data at rest. Cryptographic encryption is the best way of protecting data at rest; data should be encrypted before it is stored on the hard drive. Some hard drive manufacturers provide self-encrypting drives that implement the TCG’s Trusted Storage standards. These hard disks contain encryption hardware, providing automated encryption at minimal cost. Software encryption can also be used, but it is slower and less secure since the encryption key can be copied off the machine without detection [202]. So data should be encrypted by a hardware or software encryption method before it is stored on the storage device.
Securing Data in Transit: - Data that is traveling over the internet is called data in transit. Encryption techniques should also be used for data in transit to protect it from hackers and intruders. In addition, authentication and integrity protection should be used to make sure that data goes only where the customer wants it to go, without modification. Protocols such as SSL/TLS can be used for this purpose; strong authentication is the tricky part here [202].
Identity and Access management: - An identity and access management system in a cloud computing environment should be able to manage control points, dynamic composite and decommissioned machines, virtual device or service identities, and user identity [209].
Cloud computing based services require security and protection against misuse of the identities of users and devices. The cloud computing system for identity and access control should be strong, based on in-person proofing, and should use cryptography wherever required. Cryptography can be used to encrypt the user credentials before storing them on the server for authentication purposes. These credentials enable a claim-based authentication system, which authenticates the claim made by the user. Roger Halbheer and Doug Cavit say “the strength of authentication system should be balanced with the need of protection and privacy of the user of the system. To achieve this balance, the system should use strong claim to be transmitted and verified without using more than necessary information to connect with the server” [210].
Secure identity management is a key requirement of an identity and access management system. Identity management and access control are very complex in a cloud computing system. A cloud computing system has various identity claim providers, and each provider has a separate process that needs to be understood and verified. According to Sumner Blount and Merritt Maxim, “a comprehensive identity and access management platform is the foundation of effective security and compliance” [211]. The identity and access management process helps the authentication system to identify authenticated users.
As systems and applications are deployed into the cloud, controlled access to these systems must be treated in the same way as access to on-premise systems and applications. Identity governance policies allow organizations to set up a centralized set of identity security policies, which can be implemented on an investigation or protection basis to ensure that users of an organization receive or maintain appropriate privileges [212]. This includes separation-of-duties policies, which keep users separate from each other so that there is no conflict in the roles of the users.
A role-based identity management system plays a very important part in the efficient management of identities and access control on a large scale. Role management tools support powerful methods to help organizations build an effective role-based identity management system, which includes roles, policies, access rights, etc. Most security-related regulations specify the requirement for a clearly defined method for giving users access rights. By creating a set of roles that map to job function with a corresponding set of access rules for each role, a set of access rights can easily be assigned to each new user based on his or her role [211]. Organizations that use a role-based identity management system in their traditional systems can extend it to the management and control of role-based system and application access in a cloud computing system [213].
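The role mapping and separation-of-duties policy described above can be sketched as follows. This is an added example, not code from any of the cited sources; the role names, access rights, conflict pair and the `directory` dictionary are all constructed for illustration.

```python
# Constructed role catalogue: each role maps a job function to access rights.
ROLE_PERMISSIONS = {
    "records_clerk": {"citizen_record:read", "citizen_record:create"},
    "payments_clerk": {"payment:create"},
    "payments_approver": {"payment:approve"},
    "auditor": {"audit_log:read", "payment:read"},
}

# Separation of duties: access rights that no single user may hold together.
SOD_CONFLICTS = [("payment:create", "payment:approve")]


class PolicyViolation(Exception):
    """Raised when a role assignment would break separation of duties."""


def effective_permissions(roles):
    """Union of the access rights granted by a collection of roles."""
    unknown = set(roles) - set(ROLE_PERMISSIONS)
    if unknown:
        raise KeyError(f"unknown roles: {sorted(unknown)}")
    perms = set()
    for role in roles:
        perms |= ROLE_PERMISSIONS[role]
    return perms


def sod_violations(roles):
    """Return every conflicting pair that the combined roles would grant."""
    perms = effective_permissions(roles)
    return [pair for pair in SOD_CONFLICTS if set(pair) <= perms]


def provision_user(directory, user, roles):
    """Assign roles to a user; refuse the whole change on any conflict."""
    conflicts = sod_violations(roles)
    if conflicts:
        raise PolicyViolation(f"{user}: conflicting rights {conflicts}")
    directory[user] = set(roles)
    return effective_permissions(roles)


def assign_role(directory, user, role):
    """Add one role later on; the check runs over the accumulated set."""
    return provision_user(directory, user, directory.get(user, set()) | {role})


def is_allowed(directory, user, permission):
    """Access decision: unknown users and ungranted rights are denied."""
    roles = directory.get(user)
    return roles is not None and permission in effective_permissions(roles)
```

Checking conflicts over the accumulated role set, rather than only at creation, catches the case where a user gathers conflicting rights one role at a time.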
Authorization: - Authorization is the process of permitting a user to access the data or information of a system. In a system where more than one user needs access to the data center, an administrator defines the access rights and privileges of use for every user. After successfully signing in to the system, the user gets access to the required resources for a particular session only. According to Techtarget “authorization is sometimes seen as both the preliminary setting up of permissions by a system administrator and the actual checking of the permission values that have been set up when a user is getting access” [214]. In other words, authorization is the process of determining whether the requesting user is allowed to use the requested resources or not. Normally successful authentication leads to authorization, but authorization can sometimes be attempted irrespective of the outcome of authentication.
Authentication and authorization are different, independent and separate processes, and they can be carried out independently. Aki Niemi says it is possible that a successfully authenticated user will not be authorized to access the requested services, or that it may take more time to get authorization. Also, the lifetime of the authorization can vary depending on the requested resource [215]. Identifying and defining appropriate boundaries of the information system for authorization purposes is a challenging task for the government authorizing system. Well-defined boundaries ensure the security of the government information system; these boundaries include the users, processes and information technologies that are part of the system supporting the government’s mission and service processes.
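The separation of authentication from authorization, and an authorization lifetime that depends on the requested resource, can be illustrated as follows. This is an added example, not code from the cited sources; the accounts, passwords, resource names, access lists and lifetimes are constructed sample data.

```python
import hashlib
import hmac

SALT = b"constructed-salt"  # constructed; a real system uses a per-user random salt


def hash_password(password):
    """Derive the stored verifier so the plain password is never kept."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)


# Constructed sample data: two accounts, two resources of different sensitivity.
CREDENTIALS = {"asha": hash_password("correct horse"),
               "ravi": hash_password("battery staple")}
RESOURCES = {
    "weather_forecast": {"allowed": {"asha", "ravi"}, "grant_seconds": 3600},
    "treasury_ledger": {"allowed": {"ravi"}, "grant_seconds": 300},
}


def authenticate(user, password):
    """Step 1: verify identity only; says nothing about access rights."""
    stored = CREDENTIALS.get(user, b"\0" * 32)  # dummy value for unknown users
    return hmac.compare_digest(stored, hash_password(password))


def authorize(user, resource, now):
    """Step 2: decide access for an authenticated user.

    Returns a grant whose expiry depends on the resource, or None.
    """
    policy = RESOURCES.get(resource)
    if policy is None or user not in policy["allowed"]:
        return None
    return {"user": user, "resource": resource,
            "expires_at": now + policy["grant_seconds"]}


def grant_valid(grant, resource, now):
    """A grant covers one resource and only until it expires."""
    return (grant is not None and grant["resource"] == resource
            and now < grant["expires_at"])


def request_access(user, password, resource, now):
    """Run both steps and report which one refused the request."""
    if not authenticate(user, password):
        return ("denied", "authentication failed")
    grant = authorize(user, resource, now)
    if grant is None:
        return ("denied", "authenticated but not authorized")
    return ("granted", grant)
```

The sensitive resource gets a short grant, so access to it is re-evaluated more often than access to public information.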
Applying security controls within a complex information system is a challenging task for organizations and governments. It is easy and feasible to implement security controls on small systems, so big systems can be decomposed to make security more effective and manageable. According to Perry Bryden et al., to make information system security more manageable, the information system and authorization system need to examine the purpose and feasibility of decomposing the system into more manageable components [216]. The system should be decomposed into subsystems in such a way that the boundary of each subsystem is properly defined. This helps in applying security, achieving adequate security targets and making risk management more effective.
Identity Provisioning: - According to Sysec, timely management of the on-boarding and off-boarding of users is among the major challenges facing the adoption of cloud computing. On-boarding is provisioning and off-boarding is de-provisioning. Organizations that have invested in user management systems in their traditional data centers seek to extend those user management systems to cloud services [217].
Martijn Oostdijk et al. define provisioning as the process of creating or updating user identities (user accounts) and storing them on the server for further use. De-provisioning is the process of removing the user account from the server when no