http://creativecommons.org/licenses/by/3.0/
Trustworthy Clouds
Underpinning the Future Internet
Cloudscape III, Brussels, March 2011
Elmar Husmann, Corinna Schulze
80% of enterprises consider security the #1 inhibitor to cloud adoption
48% of enterprises are concerned about the reliability of clouds
Of respondents are concerned with cloud interfering with their ability to comply with regulations
Overview
Which cloud can we trust .. and for what?
Trust & Security Limitations of Global Cloud Infrastructures
Cloud security market developments
Customization, efficiency, availability, resiliency, security and privacy …
Standardization, capital preservation, flexibility and time to deploy …
Public …
• Access open to everybody, subject to subscription
• Shared resources
• Multiple tenants
• Delivers select set of standardized business process, application and/or infrastructure services on a flexible price per use basis
• Always managed and hosted by 3rd party
Private …
• Access limited to enterprise and its partner network
• Dedicated resources
• Single tenant
• Drives efficiency, standardization and best practices while retaining greater customization and control
• Might be managed or hosted by third party
The cloud market is using different cloud service models
[Diagram: Cloud Computing Model, Cloud Services]
Hybrid …
• Private infrastructure, integrated with public cloud
Community…
• Similar to private cloud with access limited to community of organizations (e.g. Health, Public Sector)
Intercloud …
• Federation of public (and private clouds), open standards based
Top private cloud workloads
• Data mining, text mining, or other analytics
• Security
• Data warehouses or data marts
• Business continuity and disaster recovery
• Test environment infrastructure
• Long-term data archiving/preservation
• Transactional databases
• Industry-specific applications
• ERP applications
Customers differentiate what to do in which type of cloud
Source: IBM Market Insights, Cloud Computing Research, July 2009. n=1,090
Top public cloud workloads
• Audio/video/Web conferencing
• Service help desk
• Infrastructure for training and demonstration
• WAN capacity and VoIP infrastructure
• Desktop
• Test environment infrastructure
• Storage
• Data center network capacity
Compliance
Complying with SOX, HIPAA and other regulations may prohibit the use of clouds for some applications.
Reliability
High availability will be a key concern. IT departments will worry about a loss of service should outages occur.
Control
Many companies and governments are uncomfortable with the idea of their information located on systems they do not control.
Security Management
Even the simplest of tasks may be behind layers of abstraction or performed by someone else.
Data
Migrating workloads to a shared network and compute infrastructure increases the potential for unauthorized exposure.
Trust & Security Limitations of Global Cloud
Isolation Breach between Multiple Customers
Different levels of multi-tenancy
Issues
• Prevent data leakage between customers
• Restrict the impact of misbehaviour of one customer or of intrusion at the tenant level
Traditional data center
• Multi tenant isolation (via dedicated infrastructure for a customer)
• Data isolation and wiping before hardware re-use
Cloud Isolation
• Labelling of virtual resources (assigned to a customer)
New Threats and Failure Points at the level of Cloud Management Systems
Traditional Threats
• Traditional threats can attack VMs just like real systems
New threats to VM environments
• Resource sharing
• Single point of failure
• Loss of visibility
• Virtual server sprawl
• Dynamic state
• Dynamic relocation
• Stealth rootkits
• Management vulnerabilities
• Secure storage of VMs and the management data
• Requires new skill sets
• Insider threat
Increasingly - Internet Services report Vulnerabilities of the Virtualization Layer
Lack of Transparency and Guarantees
The Cloud Curtain
• "Cloud-curtain": Technical delivery of the cloud service is shielded from the customer (typically increasing for higher level services)
• Customers cannot gain insights on risk mitigation mechanisms and status
• Certified, auditable cloud services may provide a basic level of trust
• Trusted computing (e.g. customer side policy enforcement) is developing – see Trusted Computing Group (TCG)
Privacy Risks
Traditional data center
• Security controls to guarantee compliance to regulatory requirements
• Application-level privacy protection (e.g. consent enforcing)
• Raw data protection via encryption and access right limitation
Cloud
• Customer remains responsible for data regulatory compliance
• Data needs to become personal and identifiable (PII)
• The challenge is to ensure PII protection across the cloud stack and lifecycle (e.g. physical storage location needs to be controlled – according to compliance requirements)
Protection of personal identifiable information (PII) along its life-cycle
Cloud Security and Trustworthiness
Important Research Strands
Customer Isolation and Information Flow
• Reliably manage isolation across various abstraction layers
• Implement the notion of a single customer across various systems
• Reduce amount of covert or side channels (today often frozen in hardware)
Insider Attacks
• Practical and cost efficient schemes to mitigate the risk of insider fraud
• Minimize the set of trusted employees per customer
• Support of overseas management
Security Integration and Transparency
• Allow customers to continue operating a secure environment
• Integrate customer specific security infrastructure (e.g. intrusion detection, event handling..) within an overall cloud security landscape
• E.g. to allow comparison between intrusion patterns in the cloud and in a corporate data centre environment
Cloud Security and Trustworthiness
Important Research Strands
Multi Compliance Clouds
• Build clouds that are able to comply with multiple regulations at the same time (e.g. Health Care)
• Build automated ways to enforce different regulations
Federation and Secure Composition
• Obtain services from a federation of clouds (increasing availability and scalability) by finding an accepted way to compose services securely
Make Regulations and the Cloud Compatible
Cloud security market trends
Security market prospects
• According to Forrester Research, the cloud security market is expected to grow to $1.5 billion by 2015 and to approach 5% of overall IT security spending.
Industrial Trends
We expect particular growth in three directions:
1) securing commercial clouds to the needs of specific markets - "community clouds"
2) bespoke highly secure private clouds
3) a new range of providers offering cloud security services to add external security to public clouds
Open cloud standards
• Increased collaboration on open cloud standards under development by groups such as the DMTF Open Cloud Standards Incubator, the SNIA Cloud Storage Technical Working Group or the OGF Open Cloud Computing Interface Working Group
TClouds - Trustworthy Clouds
Privacy and resilience for Internet-scale trustworthy infrastructure
Make cloud computing more secure and more reliable, to enable hosting of critical infrastructure
3-year research project funded by the European Commission in FP7
◦ 15 European partners
◦ Industry and academia
◦ Volume is 10.5 MEUR, 7.5 MEUR contribution
◦ 1000 person-months work planned
TClouds partners
Technikon Forschungs- und Planungsges. mbH (AT)
IBM Research GmbH (CH)
Philips Electronics Nederland B.V. (NL)
Sirrix Aktiengesellschaft (DE)
Technische Universität Darmstadt (DE)
Universidade de Lisboa (PT)
University of Oxford (UK)
Politecnico di Torino (IT)
Universität Erlangen-Nürnberg (DE)
Fondazione San Raffaele (IT)
Electricidade de Portugal (PT)
Universiteit Maastricht-Merit (NL)
TClouds – Key Results
Activity 3: End-user Application Scenarios
◦ Home Healthcare Monitoring (privacy, resilience)
◦ Capacity Planning for Smart Grid (resilience, computing)
Activity 2: Security Technology Portfolio for Future Internet
◦ Federated (Cloud-of-clouds) Security Architecture
◦ Resilient and privacy-preserving protocols
◦ Security management components
◦ OSS Reference Implementations
◦ Security Standards and Open APIs
Activity 1: Regulatory and Business Enablers
◦ Regulatory Framework for Cross-border Clouds
◦ Business Models and Opportunities
◦ Requirements from Advisory Board
Activity 1: Regulatory Guidance and Business Enablers
Activity 2: Trustworthy Cloud-of-Clouds Infrastructure for Adaptive Resilience
Activity 3: Innovative Cloud Applications
Two scenarios: Smart grid and home healthcare
Scenario 1: Smart Grid - Capacity planning and usage forecasting
◦ Renewable Energy requires multi-producer & -consumer power grid
◦ Scenario: Management of the lighting system of a city
User: Electricidade de Portugal (PT), Technology: EFACEC (PT)
◦ Key benefits: Efficiency of Smart Grid