Security in the Cloud:Can You Trust What You Can’t Touch?
Rob JohnsonSecurity Architect, Cloud EngineeringUnisys Corp.
Page 2
Security in the Cloud: Agenda
• Introductions
• What is Cloud Computing, and what are the risks?
• Cloud Security Architecture
• Multi-Tenancy Considerations
• Wrap-up
Page 3
Security in the Cloud: Introductions
• Who am I?
  – Rob Johnson, Distinguished Engineer, Unisys Corp.
  – 30 years doing I/O, networking, and security
• Who is Unisys?
  – 130+ year heritage
  – Provides technology, services, and solutions to the world’s largest enterprises
• Who are You?
Page 4
Security in the Cloud: What is Cloud Computing?
• National Institute of Standards and Technology (NIST): http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-v15.doc
  – Essential Characteristics: On-demand self-service, Broad network access, Resource pooling, Rapid elasticity, Measured service
  – Service Models: Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS)
  – Deployment Models: Private cloud, Community cloud, Public cloud, Hybrid cloud
  – On/off Premise
• Security controls being defined by industry: FedRAMP, PCI DSS v2.0, etc.
Page 5
Security in the Cloud: What are the Risks?
• #1 Loss of control of assets (applications and data)
  – Where are they?
  – How many copies are there?
  – Who can access them?
• #2 Compliance
  – Regulatory Audits: PCI DSS v2, HIPAA, COBIT, FedRAMP, etc.
  – Jurisdictional Boundaries: Patriot Act, Data locality regulations
• #3 Provider Transparency
  – Process visibility
  – Audit, logging, and Incident Event Management (IEM)
Page 6
Cloud Computing: Service Models
• Software as a Service (SaaS):
  – Complete application environment supplied and managed by the Cloud Provider, not the tenant
• Platform as a Service (PaaS):
  – Provider supplies an application development and execution environment.
  – Tenant can secure data and inter-process communication.
• Infrastructure as a Service (IaaS):
  – Provider supplies the infrastructure components (compute, network, storage), but little else.
  – Tenant runs a virtual data center.
[Diagram: layered stack of the three service models: Infrastructure as a Service, Platform as a Service, Software as a Service]
Page 7
Security in the Cloud: Cloud Security Architecture
• Service Models wrapped in Access Planes
[Diagram: the three service models (Infrastructure, Platform, Software as a Service) wrapped by four access planes: Provider Administration, Tenant Administration, End User Access, Intra-Cloud Access]
Page 8
Cloud Security Architecture: Access Planes
• Service Models wrapped in Access Planes
  – Provider Administration: Controls and manages the service components
    • IaaS: Hypervisors, vSwitches, vFirewalls, storage vLUNs, etc.
    • PaaS: VMs for hosting applications, web services, storage containers, load balancers, etc.
    • SaaS: Application suites, databases, identity management, etc.
Page 9
Cloud Security Architecture: Access Planes
• Service Models wrapped in Access Planes
  – Provider Administration
  – Tenant Administration: Manages per-Tenant components
    • IaaS: VMs, vFirewalls, vLUNs
    • PaaS: Applications, object stores
    • SaaS: Users, application data objects
Page 10
Cloud Security Architecture: Access Planes
• Service Models wrapped in Access Planes
  – Provider Administration
  – Tenant Administration
  – End User Access
    • IaaS: VM console (RDP, rsh, etc.)
    • PaaS: Distributed apps (SOA, webapps), test/dev, etc.
    • SaaS: Application presentation
Page 11
Cloud Security Architecture: Access Planes
• Service Models wrapped in Access Planes
  – Provider Administration
  – Tenant Administration
  – End User Access
  – Intra-Cloud Access
    • Service-to-service
    • Intra-tenant
    • Web services
Page 12
Security in the Cloud: Multi-Tenancy Considerations
• Isolation and Containment: Tenants Share Physical Resources
• Identity and Access Management: “Who are you, and why do they keep sending you here?”
• Transparency: “Where are my assets, and who is doing what to them?”
Page 13
Security in the Cloud: Multi-Tenancy Considerations
• Isolation and Containment: Tenants Share Physical Resources
  – Data in Process
    • Memory
    • Processors and caches
    • NICs
    • HBAs
    • etc.
[Diagram: one physical host, Hardware Resources (CPUs, NICs, HBAs) and Memory under a Hypervisor running VM-1a, VM-1b, VM-2a, VM-2b and VM-3a; VMs of three tenants share the host]
Page 14
Security in the Cloud: Multi-Tenancy Considerations
• Isolation and Containment: Tenants Share Physical Resources
  – Data in Process
  – Data in Motion
    • Cloud Intranet
      – VLANs and Firewalls
      – Cryptographic Communities of Interest
        ─ IPsec
        ─ SSL
        ─ Unisys Stealth
Page 15
Security in the Cloud: Multi-Tenancy Considerations
• Isolation and Containment: Tenants Share Physical Resources
  – Data in Process
  – Data in Motion
    • Cloud Intranet
    • Extranet / Internet
      – Tenant DMZs
      – Site-to-site VPNs
      – Remote users
      – Web access
[Diagram: three hypervisor hosts as before; each tenant is fronted by its own Tenant DMZ (Firewall, Intrusion Detection, Anti-virus) toward the Internet]
Page 16
Security in the Cloud: Multi-Tenancy Considerations
• Isolation and Containment: Tenants Share Physical Resources
  – Data in Process
  – Data in Motion
  – Data at Rest
    • Network Attached Storage (NAS)
      – Per-tenant file servers
      – Access Control Lists (ACLs)
      – Encrypted File Systems
Page 17
Security in the Cloud: Multi-Tenancy Considerations
• Isolation and Containment: Tenants Share Physical Resources
  – Data in Process
  – Data in Motion
  – Data at Rest
    • Network Attached Storage (NAS)
    • Storage Area Network (SAN)
      – Virtualized LUNs
      – Encryption / Authentication
      – Replication / Dispersal
Page 18
Security in the Cloud: Multi-Tenancy Considerations
• Isolation and Containment: Tenants Share Physical Resources
  – Data in Process
  – Data in Motion
  – Data at Rest
    • Network Attached Storage (NAS)
    • Storage Area Network (SAN)
    • PaaS storage objects & containers
Page 19
Security in the Cloud: Multi-Tenancy Considerations
• Isolation and Containment: Tenants Share Physical Resources
• Identity & Access Management: “Who are you, and why do they keep sending you here?”
  – Identification: Who are you?
  – Authentication: Prove you are who you say you are.
  – Authorization: What are you allowed to do / what is your role?
  – Validation: Double-check before executing
[Diagram: the hosts, Tenant DMZs and Internet as on the previous slides, with Active Directory servers added for identity management]
Page 20
Security in the Cloud: Multi-Tenancy Considerations
• Isolation and Containment: Tenants Share Physical Resources
• Identity & Access Management: “Who are you, and why do they keep sending you here?”
• Transparency: “Where are my assets, and who is doing what to them?”
  – Accountability: All actions are securely audited
  – Chargeability: Pay-for-play
  – SLAs: Availability, scalability, performance, etc.
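An added illustration, not part of the deck: the four IAM steps from the previous slide (identification, authentication, authorization, validation) applied as a gate on the access planes of slides 8 to 11, with an audit entry written for every decision so that the Accountability point above holds. Tenant names, principals, secrets, the VM inventory and the plane/action table are all constructed for the example.

```python
"""Gate for a multi-tenant control plane: identification, authentication,
authorization (by access plane), validation of tenant ownership, and an
audit entry for every decision.  All tenants, principals, secrets and the
plane/action table are constructed sample data, not a real product's API."""
import hashlib
import hmac

def _digest(secret: str) -> str:
    return hashlib.sha256(secret.encode()).hexdigest()

# Constructed inventory; names follow the deck's VM-<tenant><letter> diagram.
RESOURCES = {"VM-1a": "tenant1", "VM-1b": "tenant1",
             "VM-2a": "tenant2", "VM-2b": "tenant2", "VM-3a": "tenant3"}
# Constructed principals: credential digest, role, home tenant (None = provider).
PRINCIPALS = {
    "ops@provider":  {"secret": _digest("prov-pw"),  "role": "provider_admin", "tenant": None},
    "alice@tenant1": {"secret": _digest("alice-pw"), "role": "tenant_admin",   "tenant": "tenant1"},
    "bob@tenant2":   {"secret": _digest("bob-pw"),   "role": "end_user",       "tenant": "tenant2"},
}
# Each role is bound to one access plane; each plane permits a fixed action set.
PLANE_OF_ROLE = {"provider_admin": "provider_admin", "tenant_admin": "tenant_admin",
                 "end_user": "end_user_access"}
ACTIONS_ON_PLANE = {"provider_admin":  {"migrate", "snapshot", "stop"},
                    "tenant_admin":    {"start", "stop", "snapshot"},
                    "end_user_access": {"console"}}
AUDIT: list[dict] = []   # accountability: every decision, allow or deny, is recorded

def _record(user, plane, action, resource, outcome):
    AUDIT.append({"who": user, "plane": plane, "action": action,
                  "resource": resource, "outcome": outcome})
    return outcome

def request(user, secret, plane, action, resource):
    # 1. Identification: is this a principal we know?
    p = PRINCIPALS.get(user)
    if p is None:
        return _record(user, plane, action, resource, "deny:unknown-identity")
    # 2. Authentication: constant-time compare of the presented credential digest.
    if not hmac.compare_digest(p["secret"], _digest(secret)):
        return _record(user, plane, action, resource, "deny:bad-credential")
    # 3. Authorization: the role must own this plane and the plane must allow the action.
    if PLANE_OF_ROLE[p["role"]] != plane or action not in ACTIONS_ON_PLANE[plane]:
        return _record(user, plane, action, resource, "deny:not-authorized")
    # 4. Validation: double-check the target exists and belongs to the caller's tenant
    #    (provider administrators, tenant None, may touch any tenant's resources).
    owner = RESOURCES.get(resource)
    if owner is None or (p["tenant"] is not None and owner != p["tenant"]):
        return _record(user, plane, action, resource, "deny:tenant-mismatch")
    return _record(user, plane, action, resource, f"allow:{action} {resource}")
```

A tenant administrator with valid credentials and a permitted action is still refused when the target VM belongs to another tenant, and that refusal lands in the audit list alongside the allows.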
Page 21
Security in the Cloud: Wrap-up
• Cloud Computing = losing control of assets (data, applications)
• Secure Cloud Computing = regaining control through identity management, secure networking, secure storage, and provider transparency
Questions?