Security and Cloud Computing

© Fraunhofer-Gesellschaft 2012

Michael Waidner

TU Darmstadt / FB Informatik, Chair Professor Security in IT; Fraunhofer Institute for Secure IT, Director


Objectives of this Lecture

• Get a feeling for
  • the importance of security for the success of cloud computing
  • the technical challenges
  • the technologies used to address these challenges
• This lecture will not make you an expert in cloud security

<Begin Commercial>

We are hiring! Engineers and researchers: BSc/MSc, PhD students, post docs

<End Commercial>

Agenda

1. (In)security by example
2. What CIOs think about cloud security
3. Best practices and standards
4. Security technologies
5. Outlook


What is the state of


Some Security Slang

Attacker (against an IT system and, through it, the business system): intentional or careless user, hacktivist, criminal, spy, nation state.

Attacks aim at
• Confidentiality: stealing data, invading privacy
• Integrity: corrupting data and services, stealing resources, running illegal services
• Availability: destroying the system, denying service
• Accountability: escaping responsibility for one's actions

Attacks exploit
• Privileges of the attacker: insider
• Privileges of others: social engineering, confusing UIs, poor security processes
• Vulnerable design: wrong idea, architecture or design
• Vulnerable implementation: right idea, but done wrongly

Risk management: accept, avoid, transfer or mitigate risks.


Major Attacks in 2011

Targeted, well orchestrated, economically or politically motivated.


Example: Targeted Attack on RSA and the Defense Sector

RSA // Lockheed Martin, Northrop Grumman, L3 Communications (2011)

Sources: http://www.f-secure.com/weblog/archives/00002226.html ; http://www.nytimes.com/2011/06/08/business/08security.html?pagewanted=all ; http://www.informationweek.com/news/government/security/232700341

1: Social engineering and phishing. March 3: a fake e-mail to some RSA employees with the attachment "2011 Recruitment plan.xls", carrying an embedded Flash zero-day (CVE-2011-0609 in Adobe Flash Player). It planted the "Poison Ivy" trojan horse.

2: Digital shoulder surfing. Poison Ivy connects back to a control server, giving the attacker full control. The attacker gradually moves towards higher-value accounts and data.

3: Collecting SecurID secret seed records and downloading them from a staging server.

4: Exploiting the compromised SecurID seeds to break into target systems in the defense industry.

Timeline: RSA issues a warning on March 17, unusually fast (the attack on Nortel, for example, went unnoticed for more than 10 years). June 3: Lockheed discloses a blocked attack that exploited the breach at RSA. RSA announces a replacement program for tokens (>40M tokens worldwide, Lockheed >45,000). August 2011: RSA acknowledges $66M in immediate recovery costs. March 27, 2012: the NSA attributes the attack to Chinese hackers.


What are actual, known


Not Specific to the Cloud, but a Key Problem: Web-App Security

Well-known software problems result in insecure products and services.

Source: IBM X-Force Research and Development, 2012; OWASP Top Ten 2010

Representative test of web applications (IBM 2012): 86% showed security misconfiguration, 79% broken authentication.

Countermeasure: secure engineering


Attacks out of the Cloud

Attackers use cloud services to perform attacks.

• The attacker is a regular cloud user
• Unclear responsibility of cloud providers
• Many challenges for forensics and law enforcement

Examples
• Spammers
• Password crackers
• Automated fraud
• Botnet command and control


Virtual Machine Escape

A guest VM takes over the hypervisor and gets access to the other guests. Exploits a vulnerability in the design or code of the hypervisor for privilege escalation.

Examples
• Rafal Wojtczuk, Jan Beulich: Advanced Exploitation of Xen Hypervisor Sysret VM Escape Vulnerability; Sept 4, 2012 (CVE-2012-0217)
• Kostya Kortchinsky: CLOUDBURST – A VMware Guest to Host Escape Story; Black Hat USA 2009
• Nelson Elhage: Virtunoid: A KVM Guest-to-Host Privilege Escalation Exploit; Black Hat USA 2011


Incomplete or Insecure Data Deletion

The cloud provider does not (securely) delete data before reassigning the storage space to another VM, leaking secrets to the next tenant. Exploits a vulnerability of the cloud management system.

Countermeasure: secure processes


Forensics in Cloud Computing

Standard approaches to forensics do not work with virtualization: forensics needs traces (old data, ...), and a VM's storage is reassigned over time.

Countermeasures: explicit subscriber logging and auditing; litigation hold


Malicious Insider

Cloud administrators may have privileged access to customer data (at the hypervisor level, beneath every VM). Exploits the basic architecture of current cloud computing offerings.

Countermeasures: monitoring and auditing of privileged identities; trusted computing


Unsafe Virtual Images

The image author does not clean up the image before publication, leaking secrets.

Source: Fraunhofer SIT / S. Bugiel, S. Nürnberger, T. Pöppelmann, A. Sadeghi, T. Schneider: AmazonIA: When Elasticity Snaps Back; ACM CCS, Chicago 2011.

1/3 of 1100 public Amazon Machine Images had major vulnerabilities:
• Unpublished code, private documents
• Caches, shadow files
• Passwords
• Public and private SSH keys
• SVN credentials

Countermeasure: secure engineering for clouds
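A check an image publisher (or a consumer of public images) can run before trusting an image, as an added example: this is neither the lecture's nor the AmazonIA paper's code, the finding classes just follow the list above, and the sample image tree, file contents and secret values in build_sample_image() are constructed.

```python
"""Scan an unpacked or mounted VM image for secrets the image author left behind.

Added example; it is neither the lecture's nor the AmazonIA paper's code.
The finding classes follow the slide (SSH keys, shadow files, passwords,
SVN credentials, caches and history); the sample image tree, the file
contents and the secret values in build_sample_image() are constructed.
"""
import re
import tempfile
from pathlib import Path
from typing import Dict, List, Tuple

Finding = Tuple[str, str]  # (category, path relative to the image root)

PRIVATE_KEY_RE = re.compile(rb"-----BEGIN (?:RSA |DSA |EC |OPENSSH )?PRIVATE KEY-----")
PASSWORD_RE = re.compile(rb"(?i)(?:passw(?:or)?d|secret|token)\w*\s*[=:]\s*\S+")
# Files whose mere presence is a finding, keyed by path suffix.
CREDENTIAL_FILES: Dict[str, str] = {
    ".subversion/auth/svn.simple": "svn-credentials",
    ".netrc": "stored-password",
    ".bash_history": "shell-history",
    ".mysql_history": "shell-history",
}
MAX_CONTENT_SCAN = 1 << 20  # only grep files up to 1 MiB


def shadow_has_usable_hash(shadow: Path) -> bool:
    """True if /etc/shadow still holds an unlocked password hash.

    Anyone with the image can crack it offline, and the image author can
    log in to every instance launched from the image.
    """
    for line in shadow.read_text(errors="replace").splitlines():
        fields = line.split(":")
        if len(fields) < 2:
            continue
        h = fields[1]
        if h and h not in ("*", "!!") and not h.startswith("!"):
            return True
    return False


def classify(rel: str, data: bytes) -> List[str]:
    """Categories that apply to one file, given its relative path and content."""
    slashed = "/" + rel
    name = rel.rsplit("/", 1)[-1]
    cats: List[str] = []
    if "/.ssh/" in slashed and name == "authorized_keys":
        cats.append("ssh-authorized-key")  # author keeps a backdoor into every instance
    if PRIVATE_KEY_RE.search(data):
        cats.append("private-key")
    for suffix, cat in CREDENTIAL_FILES.items():
        if rel.endswith(suffix) or "/" + suffix + "/" in slashed:
            cats.append(cat)
    if "/.svn/" in slashed or "/.git/" in slashed:
        cats.append("vcs-metadata")  # unpublished code, repository URLs
    if PASSWORD_RE.search(data):
        cats.append("password-in-file")
    return cats


def scan_image(root: Path) -> List[Finding]:
    """Walk the image tree and return every (category, path) finding."""
    findings: List[Finding] = []
    for p in sorted(root.rglob("*")):
        if not p.is_file() or p.is_symlink():
            continue
        rel = p.relative_to(root).as_posix()
        if rel == "etc/shadow":
            if shadow_has_usable_hash(p):
                findings.append(("unlocked-password-hash", rel))
            continue
        data = p.read_bytes() if p.stat().st_size <= MAX_CONTENT_SCAN else b""
        findings.extend((cat, rel) for cat in classify(rel, data))
    return findings


def build_sample_image(root: Path) -> None:
    """Constructed image tree with the kinds of leftovers the slide lists."""
    files = {
        "etc/hostname": b"web01\n",
        "etc/shadow": b"root:$6$c0nstructed$notarealhash:15000:0:99999:7:::\n"
                      b"www-data:*:15000:0:99999:7:::\n",
        "home/author/.ssh/authorized_keys": b"ssh-rsa AAAAB3constructed author@laptop\n",
        "home/author/.ssh/id_rsa": b"-----BEGIN RSA PRIVATE KEY-----\nMIIEconstructed\n"
                                   b"-----END RSA PRIVATE KEY-----\n",
        "home/author/.subversion/auth/svn.simple/3a4f": b"K 8\npassword\nV 7\nhunter2\n",
        "home/author/.bash_history": b"mysql -u root -pS3cret\n",
        "srv/app/.svn/entries": b"12\n",
        "srv/app/config.php": b"<?php $db_password = 'letmein';\n",
    }
    for rel, content in files.items():
        path = root / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(content)


def demo() -> List[Finding]:
    """Build the sample image in a temp dir, scan it and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        build_sample_image(root)
        return scan_image(root)


if __name__ == "__main__":
    for category, path in demo():
        print(f"{category:24} {path}")
```

The scan is deliberately path- and pattern-based rather than tied to one distribution: the same leftovers (home directories, shadow hashes, version-control metadata, config files with literal passwords) are what the AmazonIA study found across images, and the same scan works on any image root you can mount read-only.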


No Identity Verification in Storage Clouds

The cloud provider does not understand the risk in its usage patterns: a user can claim "I am [email protected]" without the service verifying the address.

Source: Fraunhofer SIT / T. Hahn, T. Kunz, M. Schneider, S. Vowé: Vulnerabilities through Usability Pitfalls in Cloud Services; 2nd IEEE TSCLOUD, Liverpool 2012.

Consequences
• Share a secret with someone pretending to be Bob
• Receive malware or illegal content under Bob's name

Examples of services with this problem (as of end of 2011): Dropbox, SugarSync, CloudMe, HiDrive, wuala

Countermeasure: identity verification


Data Deduplication for Compressing Data in Storage Clouds

A second upload of identical data results only in a reference to the first upload.

Protocol (client-side deduplication)
(1) Client sends hash(data)
(2) Server answers ack(known already) or ack(new file)
(3) Only for a new file: client sends the data

Client-side cross-user deduplication
• Saves up to 90% of cloud storage and bandwidth
• Introduces vulnerabilities
• Better: server-side deduplication (the client always uploads, the provider deduplicates internally, and the uploader cannot observe whether the file already existed)

Example 1: Extend Storage for Free, Share Files

Source: Martin Mulazzani et al.: Dark Clouds on the Horizon; USENIX Security 2011.

(Figure: a modified Dropbox client, in which the NCrypto wrapper around OpenSSL's SHA256 hash function is patched to replace the hash value, talking to the Dropbox server)

1. Client sends user identification and the hash of the file
2. Server checks whether the user exists and whether a file with that hash exists; if so: "file exists, linked to user"
3. Client downloads the file
4. Only if the hash was unknown: client sends the file

A malicious user can provide hashes of files it does not own and download them.


Example 2: Guess Confidential Values

Theoretical example only!

Scenario
• Companies bidding for a certain contract
• The adversary knows the structure of the contract, just not the price
• Attack: test all possible prices (... 10,000.00 EUR ... 11,000.00 EUR ... 12,000.00 EUR ... 13,000.00 EUR ...); deduplication will identify the right one

Source: Danny Harnik et al.: Side Channels in Cloud Services, the Case of Deduplication in Cloud Storage; IEEE Security and Privacy Magazine 8/2 (2010).
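Both examples above rest on the same oracle, so one added simulation covers them: message (2) of the protocol tells the uploader whether a hash is already known, which lets an attacker both claim a file it only knows the hash of (Example 1) and confirm a guessed document (Example 2). The code is not from the lecture or the cited papers; the storage service, client and attacker are a constructed model of the three-message protocol, and the tender template and prices are made up. The server-side variant shows why the slide's "better" option closes the channel.

```python
"""Client-side cross-user deduplication and the side channel it creates.

Added example, not code from the lecture or from the Mulazzani or Harnik
papers it cites. The storage service, the client and the attacker below
are a constructed simulation of the three-message protocol on the slide;
no real provider's protocol, client or API is involved, and the tender
template and prices are made up.
"""
import hashlib
from typing import Dict, Optional, Set


class ClientSideDedupStorage:
    """Provider that deduplicates across users and lets the client observe it."""

    def __init__(self) -> None:
        self._blobs: Dict[str, bytes] = {}
        self._owners: Dict[str, Set[str]] = {}

    @staticmethod
    def fingerprint(data: bytes) -> str:
        return hashlib.sha256(data).hexdigest()

    def ask(self, user: str, h: str) -> bool:
        """Messages (1) and (2): client sends hash(data); server answers
        ack(known already) -> True or ack(new file) -> False."""
        known = h in self._blobs
        if known:
            # Example 1's flaw: knowing the hash is treated as owning the
            # file, so it is linked to the asking user without any upload.
            self._owners[h].add(user)
        return known

    def upload(self, user: str, data: bytes) -> None:
        """Message (3): only sent after ack(new file)."""
        h = self.fingerprint(data)
        self._blobs[h] = data
        self._owners.setdefault(h, set()).add(user)

    def download(self, user: str, h: str) -> Optional[bytes]:
        return self._blobs[h] if user in self._owners.get(h, ()) else None


class ServerSideDedupStorage(ClientSideDedupStorage):
    """Same service, but the client always uploads and never learns whether
    the blob was already stored; deduplication happens inside upload()."""

    def ask(self, user: str, h: str) -> bool:
        return False  # identical answer for new and for known files


def store_file(store: ClientSideDedupStorage, user: str, data: bytes) -> bool:
    """Honest client logic; returns True if the upload was skipped."""
    h = store.fingerprint(data)
    if store.ask(user, h):
        return True
    store.upload(user, data)
    return False


def guess_bid(store, attacker: str, template: str, candidates) -> Optional[int]:
    """Example 2: the attacker knows the document except the price and asks
    the dedup oracle about every candidate until one is 'known already'."""
    for price in candidates:
        doc = template.format(price=price).encode()
        if store.ask(attacker, store.fingerprint(doc)):
            return price
    return None


TEMPLATE = "Offer for tender 4711: total price {price:.2f} EUR, valid 30 days.\n"
SECRET_PRICE = 12000  # constructed victim bid


def demo(store):
    """Victim uploads its bid; the attacker enumerates 10,000..15,000 EUR in
    steps of 500. Returns (guessed price, bytes the attacker could download)."""
    store_file(store, "victim", TEMPLATE.format(price=SECRET_PRICE).encode())
    found = guess_bid(store, "attacker", TEMPLATE, range(10_000, 15_001, 500))
    stolen = None
    if found is not None:
        h = store.fingerprint(TEMPLATE.format(price=found).encode())
        stolen = store.download("attacker", h)  # Example 1: hash is enough
    return found, stolen


if __name__ == "__main__":
    print("client-side dedup:", demo(ClientSideDedupStorage()))
    print("server-side dedup:", demo(ServerSideDedupStorage()))
```

With server-side deduplication the provider still stores the bid only once, but the attacker's enumeration gets the same answer for every candidate and never obtains the file; the bandwidth saving of message (2) is exactly the information that leaks.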


Changing Access Patterns

Parallel and connected trends: mobile and cloud computing
• "Bring Your Own Device"
• Malware spreads via mobile / cloud into the enterprise
• Data leaks via cloud / mobile

Countermeasure: devices and OSs with strong separation between business and personal resources, e.g., BizzTrust by Fraunhofer SIT


Recap of Discussed Attacks

• Virtual Machine Escape
• Incomplete or Insecure Data Deletion
• Attacks based on Client-side Deduplication
• Unsafe Virtual Images
• Forensics in Cloud Computing
• Malicious Insider
• No Identity Verification in Storage Clouds
• Changing Access Patterns
• Attacks out of the Cloud

Four areas of problems in cloud security
• Isolation / multi-tenancy
• Trust in the provider
• Trust in the subscriber / identity
• Secure engineering for cloud apps

2. What CIOs think about cloud security


Where CIOs see the Risks with Public Cloud Computing

Source: http://www.cio.de/knowledgecenter/netzwerk/861652/index2.html

Security                       45%
Integration w/ legacy          26%
Loss of control over data      26%
Availability                   25%
Performance                    24%
IT governance                  19%
Compliance                     19%
Satisfaction with offerings    12%
Return on investment           11%
Customization                  11%
Vendor lock-in                 11%
Other                           6%


Who is Considered Responsible for Securing the Public Cloud?

Source: CloudPassage Cloud Security Survey, February 2012.

Question: "How do you secure your cloud servers today (in IaaS)?"

(Chart: answer shares 31.2%, 21.3%, 19.9%, 9.9%, 6.4%, 6.4%; the answer categories were not preserved)


Who is Really Responsible for Securing the Public Cloud?

Split of responsibilities between provider and subscriber: who is responsible for security at the ... level?

Level            IaaS         PaaS         SaaS (Application)   BPaaS (Business Process)
Datacenter       Provider     Provider     Provider             Provider
Infrastructure   Provider     Provider     Provider             Provider
Middleware       Subscriber   Provider     Provider             Provider
Application      Subscriber   Subscriber   Provider             Provider
Process          Subscriber   Subscriber   Subscriber           Provider

The provider/subscriber service agreement determines the actual responsibilities.


The Root Cause of Concerns over Cloud Security

Real or perceived loss of control when moving from private to public.

We have control (private, on premise)
• It's located at X.
• We have backups.
• Our admins control access.
• Our uptime is sufficient.
• The auditors are happy.
• Our security team is engaged.

Who has control? (public, off premise)
• Where is it located?
• Who backs it up?
• Who has access?
• How resilient is it?
• How do auditors observe?
• How does our security team engage?

(Figure: deployment models between the two extremes: private cloud, community cloud, public cloud, hybrid clouds; on premise vs. off premise; 3rd-party managed)

A Well-Managed Shared Cloud Might be More Secure than Enterprise-Managed Private IT

Source: Removing the Cloud of Insecurity; Alert Logic, 2012.

(Figure: percentage of surveyed cloud customers experiencing security incidents of each type; values not preserved)

Economy of scale favors security and privacy
• Dedicated and trained security team
• Professional service management (patch, change, incident, ...)
• Professional security management, tools, processes, etc.
• Standardization simplifies security

Caveats
• Most shared clouds have pre-defined service levels, no negotiated SLAs
• The physical cloud location may influence regulatory compliance

3. Best practices and standards


Information Security Process and Management System

Security is a dynamic and evolving property. Risks are managed through controls (safeguards), which need to be continuously managed.

Reference: BSI IT-Grundschutz standard 100-2; ISO 27002

Process: initiation of the security process -> creation of the security concept -> implementation of the security concept -> maintenance and improvement
• Strategy, objectives, compliance
• Organization, resources, education
• Scope
• Documented security policy
• Threat analysis and risk decisions

Safeguards and controls (ISO 27002 control areas)
• Security policy
• Organization of information security
• Asset management
• Human resource security
• Physical and environmental security
• Communications and operations management
• Access control
• Information systems acquisition, development and maintenance
• Information security incident management
• Business continuity management
• Compliance


Guidelines, Standards, Requirements

Recommendations (from the provider's and/or subscriber's perspective)
• Cloud Security Alliance (CSA): Security Guidance v3, 2011; Cloud Control Matrix (CCM), 2010; Trusted Cloud Initiative, Reference Architecture, 2011
• BSI: Security Recommendations for Cloud Computing Providers; 2011
• NIST Special Publication 800-144: Guidelines on Security and Privacy in Public Cloud Computing; 2011
• OSA Security Architecture Pattern SP-011: Cloud Computing Pattern; 2010

Mandatory framework (for the US federal government)
• US General Services Administration: Federal Risk and Authorization Management Program (FedRAMP)


Auditable Frameworks

• ISO 2700x framework
  • 27002: Code of practice for information security management; Annex A: the "mother of all control matrices"
  • In progress: 27017, security in cloud computing
  • In progress: 27018, code of practice for data protection controls for public cloud computing services


Anything Specific for Cloud Computing?

At a high level, everything applies equally well to data centers. What changes, per problem area (− challenge, + opportunity):

Isolation / multi-tenancy: sharing and multi-tenancy across all hardware and software
− Lack of multi-tenant hardware and software
− Lack of detailed and verifiable metering and billing
+ Sharing of security information improves detection and lowers time to respond (aka "Big Data" for security)

Secure engineering for cloud apps: virtualization turns everything into data and software
− Need for "secure cloud engineering"
+ Enables introspection of resources
+ Simplifies security management (e.g., patch management)

Trust in the provider: subscribers may distrust providers (resp. cloud admins)
− Impossibility of individual audits by each subscriber
+ Privileged user management, usage control
+ Trusted computing and cryptography can extend trust boundaries

Trust in the subscriber / identity: public clouds may have to deal with anonymous subscribers
− Lack of "trusted identities"
+ Identity verification as a new opportunity for cloud providers
− Speed: quick on-boarding/off-boarding of subscriber identities
+ Case for federated identity (and other SOA constructs)

4. Security technologies

Virtualization enables introspection of resources

Hypervisor-level Security Services – Physical

(Figure: physical host: hardware, OS, App 1, AV/FW, App 2, App 3)

What changes in a naive transition from physical (this picture) to virtual?

Security becomes harder: VM sprawl, the hypervisor as a new component, security services unnecessarily replicated in every VM.

Security becomes easier: security services can move out of the OS into the hypervisor, where the security system can introspect the virtual hardware.


Hypervisor-level Security Services – Virtual

(Figure: hardware and hypervisor hosting several guest VMs, each with OS, A1, AV/FW, A2, A3, next to a dedicated security VM)

Security VM: policy, hardened OS, rootkit detection, discovery, license management, update, congestion control, ...

Virtual switch / NAC / FW / IPS at the hypervisor level

Reference: IBM Security Virtual Server Protection for VMware


Cryptography extends trust boundaries: how to protect data from malicious cloud admins


OmniCloud: Approach

Easy integration
• Standard software, no client installation
• Uses existing communication protocols (e.g., FTP, SCP, WebDAV, Amazon S3, ...)

Main objectives
• Provide secure cloud storage
• Avoid cloud provider lock-in


OmniCloud: Security

Client-side file encryption
• Before data leaves the company's intranet

Key management
• Separation of keys and encrypted files
• Keys under exclusive control of the company
• (Pseudo-)randomly generated key for each file
• Modular key generation / key storage approach

Filename and folder structure obfuscation

Authentication and identity management
• Various authentication mechanisms
• Role-based access control


OmniCloud: API Mapping

API mapping
• Multitude of input and output interfaces
• Mapping between both

High interoperability with respect to
• Supported client software
• Supported cloud storage providers


OmniCloud: Features

Storage strategies
• Specify how data is distributed over storages
• Consideration of storage-specific properties
• Extensible approach (information dispersal, Reed-Solomon)

Data deduplication
• Recognition of duplicated files within a service
• Copied just once to the cloud
• Reduction of cloud storage costs

Mirroring


General Idea

Encryption à la OmniCloud does not work if the provider needs to process the encrypted data.

Fully homomorphic encryption (question posed by Rivest, Adleman, Dertouzos, 1978)
• Represent the algorithm as an arithmetic circuit, e.g., f(x1, x2, x3, ...) = x1 + x2*(1 - x3) ...
• Homomorphic encryption means, informally: Enc(x1) + Enc(x2)*(1 - Enc(x3)) ... = Enc(x1 + x2*(1 - x3) ...), i.e., the additions and multiplications are carried out on ciphertexts
• Really means: the server can compute on the encrypted data without ever seeing it

First provably secure and polynomial-time solution: Gentry, 2009


State of the Art

• Actually efficient solutions exist for
  • schemes homomorphic in one operation (addition or multiplication, not both)
  • somewhat homomorphic schemes (circuits of limited depth)
  • e.g., selective document retrieval from an encrypted database (Bösch 2012)
• Secure function evaluation
  • Two parties evaluate a function; only one gets the result
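What "homomorphic in one operation" buys, and where it stops, on the circuit from the General Idea slide, as an added example that is not from the lecture: Paillier encryption is additively homomorphic, so the server can add ciphertexts and multiply a ciphertext by a plaintext constant, but it cannot multiply two ciphertexts. The primes are fixed, small (about 30-bit) demo parameters chosen here so that the code runs instantly and offline; a deployment would use a 2048-bit-plus modulus and a vetted library.

```python
"""Homomorphic encryption in one operation: Paillier (additively homomorphic),
used to evaluate the slide's circuit f(x1, x2, x3) = x1 + x2*(1 - x3).

Added example, not from the lecture. The two primes are fixed, small
(about 30-bit) demo parameters so that everything runs instantly and
offline; real deployments use 2048-bit-plus moduli and a vetted library.
"""
import math
import secrets

P = 1_000_000_007           # demo primes, constructed parameters
Q = 998_244_353
N = P * Q                   # plaintext space is Z_N
N2 = N * N                  # ciphertext space is Z_{N^2}
G = N + 1                   # standard choice of generator
LAMBDA = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)   # lcm(p-1, q-1)


def _L(u: int) -> int:
    return (u - 1) // N


MU = pow(_L(pow(G, LAMBDA, N2)), -1, N)   # (L(g^lambda mod n^2))^-1 mod n


def encrypt(m: int) -> int:
    """Enc(m) = g^m * r^n mod n^2 with a fresh random r, so the same m
    encrypts to a different ciphertext each time (no hash-style matching)."""
    if not 0 <= m < N:
        raise ValueError("message out of range")
    while True:
        r = secrets.randbelow(N)
        if r and math.gcd(r, N) == 1:
            break
    return (pow(G, m, N2) * pow(r, N, N2)) % N2


def decrypt(c: int) -> int:
    """Dec(c) = L(c^lambda mod n^2) * mu mod n."""
    return (_L(pow(c, LAMBDA, N2)) * MU) % N


def add(c1: int, c2: int) -> int:
    """Enc(m1) * Enc(m2) mod n^2 = Enc(m1 + m2): the one homomorphic operation."""
    return (c1 * c2) % N2


def mul_const(c: int, k: int) -> int:
    """Enc(m)^k = Enc(k*m) for a plaintext constant k (negative k works mod n)."""
    return pow(c, k % N, N2)


def sub(c1: int, c2: int) -> int:
    """Enc(m1 - m2 mod n), built from add and a multiplication by -1."""
    return add(c1, mul_const(c2, -1))


def eval_circuit(c1: int, c2: int, x3: int) -> int:
    """Server side of f(x1, x2, x3) = x1 + x2*(1 - x3) on encrypted x1 and x2.

    x3 has to be a plaintext here: multiplying two ciphertexts is exactly
    what an additively homomorphic scheme cannot do, which is why a fully
    homomorphic scheme is needed once the provider must compute products
    of encrypted inputs.
    """
    return add(c1, mul_const(c2, 1 - x3))


if __name__ == "__main__":
    c1, c2 = encrypt(5), encrypt(7)
    # Server computes on ciphertexts only; the key owner decrypts the result.
    print(decrypt(eval_circuit(c1, c2, 0)), decrypt(eval_circuit(c1, c2, 1)))
```

The server in eval_circuit never calls decrypt and never sees x1 or x2, which is the "compute on encrypted data" property from the General Idea slide restricted to one operation; the gate that is missing, Enc(x2) times Enc(x3), is what Gentry's construction and the "somewhat homomorphic" schemes with bounded depth add.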

5. Outlook


Areas for Research

Not a complete list ...

Definition, measurement and assurance
• VM security = platform security + application security
• Provenance, trust management
• Compliance checking, scanning and patching of dormant images
• Reconsider proof-carrying code and other "mobile agent" security constructs

Security through cloud computing
• Security as a service
• Hypervisor-based security services
• Security in emerging cloud computing programming models and languages

Architectures for trustworthy cloud computing
• Key management
• TCG-style trusted computing
• Fully homomorphic encryption, and other crypto tricks to support privacy
• Trusted "clouds of clouds"

Acknowledgements

Support provided by (sponsor logos not preserved)
Contact

Fraunhofer Institute for Secure Information Technology
Rheinstrasse 75
64295 Darmstadt, Germany
www.fraunhofer.de
www.sit.fraunhofer.de

Technical University of Darmstadt
Chair for Security in Information Technology
Mornewegstrasse 30
64289 Darmstadt, Germany
www.sit.tu-darmstadt.de

Prof. Dr. Michael Waidner
[email protected]
