云计算课件.ppt (cloud computing lecture slides)

Uploader: HR专家; document ID: 5453119; uploaded: 2019-03-04; format: PPT; pages: 26; size: 523.50 KB
Cloud Computing lecture 17: Cloud Security, an overview
Keke Chen

Outline
- Introduction
- Infrastructure security
- Data security
- Identity and access management

Introduction
- Many security problems of non-cloud environments still apply
- We focus on cloud-specific problems
- Reference book: "Cloud Security and Privacy"

Infrastructure security (overview)
- Infrastructure: IaaS, PaaS, and SaaS
- Focus on public clouds: private clouds raise no special security problems, only the traditional ones
- Different levels: network level, host level, application level

Network level
- Confidentiality and integrity of data-in-transit
  - Amazon had security bugs in the digital signature used for SimpleDB, EC2, and SQS accesses (in 2008)
- Little or no system logging/monitoring: attacks are difficult to trace
- Reassigned IP addresses: services may be exposed unexpectedly, and spammers using EC2 are difficult to identify
- Availability of cloud resources
  - Some factors, such as DNS, are controlled by the cloud provider
  - Physically separated tiers become logically separated (e.g., 3-tier web applications)

Host level (IaaS)
- Hypervisor security: if the attacker controls the hypervisor, every VM on it is exposed as though it had a "zero-day vulnerability"
- Virtual machine security
  - SSH private keys (if the file mode is not set appropriately)
  - VM images (especially private VM images)
  - Vulnerable services

Application level
- SaaS application security
  - Google Docs inappropriately shared access to some documents

Data security
- Data-in-transit
- Data-at-rest
- Processing of data, including multitenancy
- Data lineage
- Data provenance
- Data remanence

Data-in-transit
- Confidentiality and integrity
- The Amazon digital signature problem

Data-at-rest and processing data
- Possibly encrypted for static storage
- Cannot be encrypted for most PaaS and SaaS (such as Google Apps): encryption prevents indexing or searching
- Research on indexing/searching encrypted data; fully homomorphic encryption?

Data lineage
- Definition: tracking and managing data (data flow or data path visualization)
- For audit or compliance purposes
- Time-consuming even for an in-house data center
- Not possible for a public cloud

Data provenance
- Origin/ownership of data
- Verify the authority of data; trace the responsibility (e.g., financial and medical data)
- Difficult to prove data provenance in a cloud computing scenario

Data remanence
- Data left intact by a nominal delete operation
- In many DBMSs and file systems, data is "deleted" only by flagging it
- Leads to possible disclosure of sensitive information
- Department of Defense: National Industrial Security Program Operating Manual (NISPOM, DoD 5220.22-M) defines data clearing and sanitization

Provider's data and its security
- The provider collects a huge amount of security-related data
- That data is possibly related to service users
- If not managed well, it is a big threat to users' security

Identity and Access Management
- Traditional trust boundary reinforced by network control: VPN, intrusion detection, intrusion prevention
- Loss of network control in cloud computing
- Have to rely on higher-level software controls: application security, user access controls (IAM)

IAM components
- Authentication
- Authorization
- Auditing

IAM processes
- User management
- Authentication management
- Authorization management
- Access management (access control)
- Propagation of identity to resources
- Monitoring and auditing

IAM standards and specifications
- SAML (Security Assertion Markup Language): avoid duplication of identity, attributes, and credentials and provide a single sign-on user experience
- SPML (Service Provisioning Markup Language): automatically provision user accounts with cloud services and automate the process of provisioning and deprovisioning
- XACML (eXtensible Access Control Markup Language): express access control policies and decide authorization requests, so that accounts carry appropriate privileges and entitlements are managed consistently
- OAuth (open authorization): authorize cloud service X to access my data in cloud service Y without disclosing credentials

SAML example (figure; only the legend survives)
- ACS: Assertion Consumer Service; SSO: single sign-on

SPML example (figure)

XACML examples (figure)
- PEP: policy enforcement point (application interface); PDP: policy decision point

OAuth example (figure)

IAM standards/protocols
- OpenID
- Information Cards
- Open Authentication (OATH)

IAM practice: identity federation
- Dealing with heterogeneous, dynamic, loosely coupled trust relationships
- Enabling "login once, access different systems within the trust boundary"
- Single sign-on (SSO)
- Centralized access control services
- Yahoo! OpenID

Summary
- Infrastructure-level security: example in the previous lecture
- Data security & privacy: next class; outsourced data: confidentiality, privacy, and integrity
- IAM: service level; actually independent of cloud computing, more general to service computing
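The Network-level and Data-in-transit slides both point at the 2008 Amazon request-signature problem without saying what went wrong. The 2008 scheme signed a bare concatenation of the sorted parameter names and values, with no delimiter and no encoding, so two different parameter sets could produce the same string-to-sign and therefore the same HMAC; the replacement scheme signs a delimited, percent-encoded canonical string. The following is an added example, not code from the slides or from Amazon: the parameter names, the request pairs and the secret are constructed to show the ambiguity, and the hash function is incidental (the flaw is in canonicalization, not in the MAC).

```python
"""
Added example (not from the slides or from Amazon): why an undelimited
string-to-sign lets two different requests share one signature, and how a
delimited, percent-encoded canonical form removes the ambiguity. Parameter
names and the secret are constructed for the demonstration.
"""
import hashlib
import hmac
import urllib.parse

SECRET_KEY = b"constructed-demo-secret"  # placeholder, not a real credential


def string_to_sign_undelimited(params):
    """Sort by name (case-insensitively) and concatenate name+value with no
    separator and no encoding. The receiver cannot tell where one name or
    value ends and the next begins."""
    ordered = sorted(params.items(), key=lambda kv: kv[0].lower())
    return "".join(name + value for name, value in ordered)


def string_to_sign_canonical(params):
    """Percent-encode every name and value on its own, then join as
    name=value pairs with '&'. Any '=' or '&' inside a name or value is
    escaped, so the string maps back to exactly one parameter set."""
    ordered = sorted(params.items())
    return "&".join(
        f"{urllib.parse.quote(name, safe='')}={urllib.parse.quote(value, safe='')}"
        for name, value in ordered
    )


def sign(string_to_sign):
    """HMAC-SHA256 over the string-to-sign, hex encoded."""
    return hmac.new(SECRET_KEY, string_to_sign.encode("utf-8"), hashlib.sha256).hexdigest()


def verify(string_to_sign, presented_signature):
    """Constant-time comparison: never compare MACs with ==."""
    return hmac.compare_digest(sign(string_to_sign), presented_signature)


# Two different parameter sets (constructed). Undelimited, both become the
# string "ABxByC", so a signature captured on the first request also
# validates the second.
ORIGINAL_REQUEST = {"A": "Bx", "By": "C"}
FORGED_REQUEST = {"AB": "x", "B": "yC"}


def forgery_accepted(builder):
    """Sign the original request with the given string-to-sign builder,
    then present that signature together with the forged request.
    Returns True if the verifier accepts the forgery."""
    captured = sign(builder(ORIGINAL_REQUEST))
    return verify(builder(FORGED_REQUEST), captured)


if __name__ == "__main__":
    print("undelimited string-to-sign, forgery accepted:", forgery_accepted(string_to_sign_undelimited))
    print("canonical string-to-sign,   forgery accepted:", forgery_accepted(string_to_sign_canonical))
```

The check a practitioner should carry away: before signing, the string-to-sign must be an injective encoding of the request, which is why real schemes also bind the HTTP method, host and path, and why the verifier must recompute it from the parsed request rather than from anything the client supplies.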
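The Data remanence slide says that many DBMSs and file systems delete by flagging. The following added example (not from the slides) makes that observable with SQLite, which by default marks a deleted row's cell space as free and leaves its bytes in the page; turning on PRAGMA secure_delete makes SQLite overwrite freed content with zeros. The table, the "sensitive" record and the temporary database file are constructed for the demonstration.

```python
"""
Added example (not from the slides): data remanence after a flag-style
delete in SQLite, and the secure_delete counter-measure. The table and the
marker record are constructed; the database lives in a temporary file.
"""
import os
import sqlite3
import tempfile

# Constructed "sensitive" record, short enough to stay inside one page.
MARKER = b"SSN:123-45-6789 CONSTRUCTED-REMANENCE-MARKER"


def record_bytes_survive_delete(secure_delete: bool) -> bool:
    """Insert the marker record, delete it, close the database, and report
    whether the marker bytes are still present in the raw database file.
    With secure_delete off SQLite only frees the cell; with it on, the
    freed bytes are overwritten with zeros before the page is written."""
    fd, path = tempfile.mkstemp(suffix=".db")
    os.close(fd)
    os.remove(path)  # let SQLite create the file itself
    try:
        conn = sqlite3.connect(path)
        conn.execute("PRAGMA secure_delete = %s" % ("ON" if secure_delete else "OFF"))
        conn.execute("CREATE TABLE patients (id INTEGER PRIMARY KEY, note TEXT)")
        conn.execute("INSERT INTO patients (id, note) VALUES (1, ?)", (MARKER.decode("ascii"),))
        conn.commit()

        conn.execute("DELETE FROM patients WHERE id = 1")
        conn.commit()
        # The logical view is clean: the row is gone.
        remaining = conn.execute("SELECT COUNT(*) FROM patients").fetchone()[0]
        assert remaining == 0
        conn.close()

        # The physical view is what an attacker with the file sees.
        with open(path, "rb") as fh:
            return MARKER in fh.read()
    finally:
        for leftover in (path, path + "-journal"):
            if os.path.exists(leftover):
                os.remove(leftover)


if __name__ == "__main__":
    print("default delete, marker still on disk:", record_bytes_survive_delete(False))
    print("secure_delete=ON, marker still on disk:", record_bytes_survive_delete(True))
```

Two caveats the example cannot show: the database file is only one layer, since rollback journals, WAL files, filesystem free blocks, backups, snapshots and SSD wear-levelling keep their own copies; and zeroing freed space is "clearing" in the NISPOM sense, not "sanitization" of the medium. In a public cloud the tenant controls none of those lower layers, which is the slide's point.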
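The XACML examples slide keeps only the legend "PEP: policy enforcement point, PDP: policy decision point". The following added example (not XACML's XML schema and not a real PDP) shows what that split means in code: the application-side PEP asks, the PDP evaluates attribute-based policies and answers Permit, Deny or NotApplicable, Deny overrides Permit, and the PEP refuses anything that is not an explicit Permit. The policies, attribute names, roles and subjects are constructed for a multi-tenant medical-records service.

```python
"""
Added example (not from the slides, not XACML's schema): a minimal
PEP/PDP split with deny-overrides combining and default-deny enforcement.
Policies, attributes and subjects are constructed.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List

Attrs = Dict[str, str]
Predicate = Callable[[Attrs, Attrs, str], bool]  # (subject, resource, action)


@dataclass
class Rule:
    effect: str          # "Permit" or "Deny"
    condition: Predicate


@dataclass
class Policy:
    name: str
    target: Predicate    # does this policy apply to the request at all?
    rules: List[Rule]


def pdp_decide(policies: List[Policy], subject: Attrs, resource: Attrs, action: str) -> str:
    """Deny-overrides: the first matching Deny rule wins outright; a matching
    Permit is remembered; if no rule of any applicable policy matches, the
    decision is NotApplicable."""
    permitted = False
    for policy in policies:
        if not policy.target(subject, resource, action):
            continue
        for rule in policy.rules:
            if rule.condition(subject, resource, action):
                if rule.effect == "Deny":
                    return "Deny"
                permitted = True
    return "Permit" if permitted else "NotApplicable"


def pep_allows(policies: List[Policy], subject: Attrs, resource: Attrs, action: str) -> bool:
    """The application-facing check. Only an explicit Permit grants access;
    Deny, NotApplicable and a PDP failure (XACML's Indeterminate) all refuse."""
    try:
        return pdp_decide(policies, subject, resource, action) == "Permit"
    except Exception:
        return False


# Constructed policies. Order does not matter for the outcome: any Deny wins.
POLICIES = [
    Policy("suspended-accounts",
           target=lambda s, r, a: True,
           rules=[Rule("Deny", lambda s, r, a: s.get("status") == "suspended")]),
    Policy("tenant-isolation",
           target=lambda s, r, a: "tenant" in r,
           rules=[Rule("Deny", lambda s, r, a: s.get("tenant") != r["tenant"])]),
    Policy("records-read",
           target=lambda s, r, a: r.get("type") == "record" and a == "read",
           rules=[
               # Protected health information requires the clinician role.
               Rule("Permit", lambda s, r, a: r.get("sensitivity") == "phi"
                    and s.get("role") == "clinician"),
               # Other record fields may be read by any staff role.
               Rule("Permit", lambda s, r, a: r.get("sensitivity") != "phi"
                    and s.get("role") in ("clinician", "clerk")),
           ]),
]

# Constructed subjects and resources.
CLINICIAN = {"id": "u1", "tenant": "clinic-a", "role": "clinician", "status": "active"}
CLERK = {"id": "u2", "tenant": "clinic-a", "role": "clerk", "status": "active"}
OUTSIDER = {"id": "u3", "tenant": "clinic-b", "role": "clinician", "status": "active"}
SUSPENDED = {"id": "u4", "tenant": "clinic-a", "role": "clinician", "status": "suspended"}
PHI_RECORD = {"type": "record", "tenant": "clinic-a", "sensitivity": "phi"}
BILLING_RECORD = {"type": "record", "tenant": "clinic-a", "sensitivity": "billing"}

if __name__ == "__main__":
    for who, what in [(CLINICIAN, PHI_RECORD), (CLERK, PHI_RECORD), (CLERK, BILLING_RECORD),
                      (OUTSIDER, PHI_RECORD), (SUSPENDED, BILLING_RECORD)]:
        print(who["id"], what["sensitivity"], pdp_decide(POLICIES, who, what, "read"),
              "->", "allowed" if pep_allows(POLICIES, who, what, "read") else "refused")
```

The design point worth keeping from the standard is that the PEP holds no policy of its own: changing who may read what is a policy change at the PDP, while the PEP's only invariant is that nothing short of Permit opens the door, which is what makes the "NotApplicable" case (a request no policy anticipated) safe.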
