cloud security - non vendor perspectives
TRANSCRIPT
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 1
Cloud Security
Patrick McLaughlin, CISSP
Oracle Fellow
Content from late 2010
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 2
This document is for informational purposes. It is not a commitment to
deliver any material, code, or functionality, and should not be relied upon in
making purchasing decisions. The development, release, and timing of any
features or functionality described in this document remains at the sole
discretion of Oracle. This document in any form, software or printed matter,
contains proprietary information that is the exclusive property of
Oracle. This document and information contained herein may not be
disclosed, copied, reproduced or distributed to anyone outside Oracle
without prior written consent of Oracle. This document is not part of your
license agreement nor can it be incorporated into any contractual
agreement with Oracle or its subsidiaries or affiliates.
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 3
Agenda
• Cloud Standardisation efforts (incl security)
• NIST – National Institute of standards and Tech
• DMTF – Distributed Management Task Force
• Cloudcases.org,
• CSA – Cloud Security Alliance
• ENISA – European Network and Info Sec Agency
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 4
NIST Definition of Cloud Computing
Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
This cloud model promotes availability and is composed of:
Source: NIST Definition of Cloud Computing v15
3 Service Models
• SaaS
• PaaS
• IaaS
4 Deployment Models
• Public Cloud
• Private Cloud
• Community Cloud
• Hybrid Cloud
5 Essential Characteristics
• On-demand self-service
• Resource pooling
• Rapid elasticity
• Measured service
• Broad network access
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 6
NIST Presentation on Effective and
Secure Use of Cloud Computing http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.ppt
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 7
Analyzing Cloud Security
• Some key issues:
• trust, multi-tenancy, encryption, compliance
• Clouds are massively complex systems can be
reduced to simple primitives that are replicated
thousands of times and common functional units
• Cloud security is a tractable problem
• There are both advantages and challenges
Former Intel CEO, Andy Grove: “only the paranoid survive”
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.ppt
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 8
General Security Advantages
• Shifting public data to an external cloud reduces the
exposure of the internal sensitive data
• Cloud homogeneity makes security auditing/testing
simpler
• Clouds enable automated security management
• Redundancy / Disaster Recovery
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.ppt
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 9
General Security Challenges
• Trusting vendor’s security model
• Customer inability to respond to audit findings
• Obtaining support for investigations
• Indirect administrator accountability
• Proprietary implementations can’t be examined
• Loss of physical control
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.ppt
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 10
Security Relevant Cloud Components
• Cloud Provisioning Services
• Cloud Data Storage Services
• Cloud Processing Infrastructure
• Cloud Support Services
• Cloud Network and Perimeter Security
• Elastic Elements: Storage, Processing, and Virtual
Networks
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.ppt
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 11
Cloud Security Advantages
Part 1
• Data Fragmentation and Dispersal
• Dedicated Security Team
• Greater Investment in Security Infrastructure
• Fault Tolerance and Reliability
• Greater Resiliency
• Hypervisor Protection Against Network Attacks
• Possible Reduction of C&A Activities (Access to Pre-
Accredited Clouds)
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.ppt
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 12
• Simplification of Compliance Analysis
• Data Held by Unbiased Party (cloud vendor assertion)
• Low-Cost Disaster Recovery and Data Storage Solutions
• On-Demand Security Controls
• Real-Time Detection of System Tampering
• Rapid Re-Constitution of Services
• Advanced Honeynet Capabilities
Cloud Security Advantages
Part 2 http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.ppt
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 13
Cloud Security Challenges
Part 1
• Data dispersal and international privacy laws • EU Data Protection Directive and U.S. Safe Harbor
program
• Exposure of data to foreign government and data subpoenas
• Data retention issues
• Need for isolation management
• Multi-tenancy
• Logging challenges
• Data ownership issues
• Quality of service guarantees
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.ppt
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 14
Cloud Security Challenges
Part 2
• Dependence on secure hypervisors
• Attraction to hackers (high value target)
• Security of virtual OSs in the cloud
• Possibility for massive outages
• Encryption needs for cloud computing • Encrypting access to the cloud resource control interface
• Encrypting administrative access to OS instances
• Encrypting access to applications
• Encrypting application data at rest
• Public cloud vs internal cloud security
• Lack of public SaaS version control
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.ppt
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 15
Putting it Together
• Most clouds will require very strong security controls
• All models of cloud may be used for differing tradeoffs
between threat exposure and efficiency
• There is no one “cloud”. There are many models and
architectures.
• How does one choose?
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.ppt
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 16
Migration Paths for Cloud Adoption
• Use public clouds
• Develop private clouds • Build a private cloud
• Procure an outsourced private cloud
• Migrate data centers to be private clouds (fully virtualized)
• Build or procure community clouds • Organization wide SaaS
• PaaS and IaaS
• Disaster recovery for private clouds
• Use hybrid-cloud technology • Workload portability between clouds
http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.ppt
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 17
DMTF and Cloud Computing
http://dmtf.org/sites/default/files/standards/documents/DSP-IS0102_1.0.0.pdf
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 18
DMTF IAAS Management Centricity
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 19
DMTF Interaction Patterns
• Identity: A person or entity that interacts with the cloud service provider establishes their identity
and receives appropriate credentials, such as a session token. An identity token may also be
obtained through an external identity provider that has a trust relationship with the cloud service
provider. Operations and data are made accessible to the connection authenticated by the
credentials or identity token.
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 20
DMTF Security Architecture
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 21
DMTF: Policy Examples
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 22
DMTF:Policy
Examples
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 25
http://cloudusecases.org (version 4 July 2010)
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 26
htt
p:/
/clo
ud
us
ec
as
es
.org
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 27
htt
p:/
/clo
ud
us
ec
as
es
.org
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 32
htt
p:/
/clo
ud
us
ec
as
es
.org
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 35
htt
p:/
/clo
ud
us
ec
as
es
.org
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 36
http://cloudusecases.org
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 37
http://cloudusecases.org
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 38
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 39
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 40
Governance Domains
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 41
Operational Domains
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 42
Op
era
tio
na
l D
om
ain
s
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 43
Op
era
tio
na
l D
om
ain
s
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 44
ENISA
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 45
ENISA
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 46
ENISA
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 47
ENISA
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 48
ENISA
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 49
ENISA
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 50
ENISA
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 51
ENISA
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 52
Th
e r
ea
l w
orl
d
Copyright © 2010, Oracle and/or its affiliates. All rights reserved. 53