The Cloud Computing

Paradigm
Hassan Takabi
LERSAIS @ SIS @ PITT
01-27-2011
 Agenda
Understanding Cloud Computing
Cloud Computing Security
Secure Cloud Migration Paths
Foundational Elements of Cloud
Computing
Cloud Computing Case Studies and
Security Models

2
Understanding Cloud Computing

3
 Origin of the term Cloud
Computing
Comes from the early days of the Internet where we
drew the network as a cloud we didnt care where
the messages went the cloud hid it from us Kevin
Marks, Google
First cloud around networking (TCP/IP abstraction)
Second cloud around documents (WWW data
abstraction)
The emerging cloud abstracts infrastructure
complexities of servers, applications, data, and
heterogeneous platforms
(muck as Amazons CEO Jeff Bezos calls it)

4
 A Working Definition of Cloud
Computing

Cloud computing is a model for enabling

convenient, on-demand network access to
a shared pool of configurable computing
resources (e.g., networks, servers, storage,
applications, and services) that can be
rapidly provisioned and released with
minimal management effort or service
provider interaction.
This cloud model promotes availability and is
composed of five essential characteristics, three
service models, and four deployment models.

5
Essential Cloud Characteristics
On-demand self-service
Get computing capabilities as needed
automatically
Broad network access
Services available over the net
using desktop, laptop, PDA,
mobile phone

6
 Essential Cloud Characteristics
(Cont.)
Resource pooling
Location independence
Provider resources pooled to server multiple
clients
Rapid elasticity
Ability to quickly scale in/out service
Measured service
control, optimize services based on
metering
7
 Cloud Service Models

Cloud Software as a Service (SaaS)

Use providers applications over a network
User doesnt manage or control the network,
servers, OS, storage or applications
Cloud Platform as a Service (PaaS)
Users deploy their applications on a cloud
Users control their apps
Users dont manage servers, IS, storage

8
 Cloud Service Models
(Cont.)
Cloud Infrastructure as a Service (IaaS)
Rent processing, storage, network capacity, and
other fundamental computing resources
Consumers gets access to the
infrastructure to deploy their stuff
Dont manage or control the infrastructure
Do manage or control the OS, storage,
apps, selected network components
To be considered cloud they must be
deployed on top of cloud infrastructure that
has the key characteristics

9
Service Model Architectures

10
 Cloud Deployment Models
Private cloud
single org only,
managed by the org or a 3rd party,
on or off premise
Community cloud
shared infrastructure for specific
community
several orgs that have shared concerns,
managed by org or a 3rd party
11
 Cloud Deployment Models
(Cont.)
Public cloud
Sold to the public, mega-scale
infrastructure
available to the general public
Hybrid cloud
composition of two or more clouds
bound by standard or proprietary
technology

12
 Common Cloud
Characteristics
Cloud computing often leverages:
Massive scale
Homogeneity
Virtualization
Resilient computing
Low cost software
Geographic distribution
Service orientation
Advanced security technologies

13
 The NIST Cloud Definition
Framework
Hybrid
Clouds
Deployment
Privat Community Public
Models
e Cloud Cloud
Cloud
Service Software as a Platform as a Infrastructure as
Models Service (SaaS) Service (PaaS) a Service (IaaS)

On Demand Self-Service
Essential
Broad Network Access Rapid Elasticity
Characteristics
Resource Pooling Measured Service

Massive Scale Resilient Computing

Common Homogeneity Geographic Distribution

Characteristics Virtualization Service Orientation
Low Cost Software Advanced Security 14
Cloud Computing Security

15
Security is the Major Issue

16
 General Security
Advantages
Shifting public data to a external
cloud reduces the exposure of the
internal sensitive data
Cloud homogeneity makes security
auditing/testing simpler
Clouds enable automated security
management
Redundancy / Disaster Recovery

17
 General Security
Challenges
Trusting vendors security model
Customer inability to respond to audit
findings
Obtaining support for investigations
Indirect administrator accountability
Proprietary implementations cant be
examined
Loss of physical control
18
 Security Relevant Cloud
Components
Cloud Provisioning Services
Cloud Data Storage Services
Cloud Processing Infrastructure
Cloud Support Services
Cloud Network and Perimeter
Security
Elastic Elements: Storage,
Processing, and Virtual Networks
19
 Provisioning Service
Advantages
Rapid reconstitution of services
Enables availability
Provision in multiple data centers / multiple
instances
Advanced honey net capabilities
Challenges
Impact of compromising the provisioning
service
20
 Data Storage Services
Advantages
Data fragmentation and dispersal
Automated replication
Provision of data zones (e.g., by country)
Encryption at rest and in transit
Automated data retention
Challenges
Isolation management / data multi-tenancy
Storage controller
Single point of failure / compromise?
Exposure of data to foreign governments

21
 Cloud Processing
Infrastructure
Advantages
Ability to secure masters and push out
secure images
Challenges
Application multi-tenancy
Reliance on hypervisors
Process isolation / Application sandboxes

22
 Cloud Support Services
Advantages
On demand security controls (e.g.,
authentication, logging, firewalls)
Challenges
Additional risk when integrated with
customer applications
Needs certification and accreditation as
a separate application
Code updates
23
 Cloud Network and Perimeter
Security
Advantages
Distributed denial of service protection
VLAN capabilities
Perimeter security (IDS, firewall,
authentication)
Challenges
Virtual zoning with application mobility

24
 Cloud Security Advantages
Data Fragmentation and Dispersal
Dedicated Security Team
Greater Investment in Security Infrastructure
Fault Tolerance and Reliability
Greater Resiliency
Hypervisor Protection Against Network
Attacks
Possible Reduction of C&A Activities (Access
to Pre-Accredited Clouds)
25
Cloud Security Advantages
(Cont.)
Simplification of Compliance Analysis
Data Held by Unbiased Party (cloud
vendor assertion)
Low-Cost Disaster Recovery and Data
Storage Solutions
On-Demand Security Controls
Real-Time Detection of System Tampering
Rapid Re-Constitution of Services
Advanced Honeynet Capabilities
26
Cloud Security Challenges

Data dispersal and international privacy

laws
EU Data Protection Directive and U.S. Safe
Harbor program
Exposure of data to foreign government and
data subpoenas
Data retention issues
Need for isolation management
Multi-tenancy
Logging challenges
Data ownership issues
Quality of service guarantees
27
Cloud Security Challenges
(Cont.)
Dependence on secure hypervisors
Attraction to hackers (high value target)
Security of virtual OSs in the cloud
Possibility for massive outages
Encryption needs for cloud computing
Encrypting access to the cloud resource control
interface
Encrypting administrative access to OS instances
Encrypting access to applications
Encrypting application data at rest
Public cloud vs internal cloud security
Lack of public SaaS version control
28
 Additional Issues
Issues with moving PII and sensitive data to
the cloud
Privacy impact assessments
Using SLAs to obtain cloud security
Suggested requirements for cloud SLAs
Issues with cloud forensics
Contingency planning and disaster recovery
for cloud implementations
Handling compliance
FISMA
HIPAA
SOX
PCI
SAS 70 Audits 29
Obstacles & Opportunities

30
31
 Unique Features
Outsourcing Data and Applications
Extensibility and Shared Responsibility
Multi-tenancy
Service-Level Agreements
Virtualization and Hypervisors
Heterogeneity
Compliance and Regulations

32
Security Implications

33
 Security and Privacy
Challenges
Authentication and Identity
Management
interoperability
password-based: inherited limitation
How multi-tenancy can affect the privacy of
identity information isnt yet well
understood.
multi-jurisdiction issue
integrated with other security components.

34
 Security and Privacy
Challenges
Access Control and Accounting
Heterogeneity and diversity of services,
as well as the domains diverse access
requirements
capture dynamic, context, or attribute- or
credential-based access requirements
integrate privacy-protection requirements
interoperability
capture relevant aspects of SLAs

35
 Security and Privacy
Challenges
Trust Management and Policy Integration
compose multiple services to enable bigger
application services
efficiently capturing a generic set of
parameters required for establishing trust and
to manage evolving trust and
interaction/sharing requirements
address challenges such as semantic
heterogeneity, secure interoperability, and
policy-evolution management.

36
 Security and Privacy
Challenges
Secure-Service Management
WSDL cant fully meet the requirements
of cloud computing services description
issues such as quality of service, price,
and SLAs
automatic and systematic service
provisioning and composition framework
that considers security and privacy
issues

37
 Security and Privacy
Challenges
Privacy and Data Protection
storing data and applications on systems that
reside outside of on-premise datacenters
shared infrastructure, risk of potential
unauthorized access and exposure.
Privacy-protection mechanisms must be
embedded in all security solutions.
Provenance
Balancing between data provenance and
privacy

38
 Security and Privacy
Challenges
Organizational Security Management
shared governance can become a
significant issue if not properly
addressed
Dependence on external entities
the possibility of an insider threat is
significantly extended when outsourcing
data and processes to clouds.

39
40
 Security and Privacy
Approaches
Authentication and Identity Management
User-centric IDM
users control their digital identities and takes
away the complexity of IDM from the
enterprises
federated IDM solutions
privacy-preserving protocols to verify various
identity attributes by using, for example,
zero-knowledge proof-based techniques

41
 Security and Privacy
Approaches
Access Control Needs
RBAC
policy-integration needs
credential-based RBAC, GTRBAC,8
location-based RBAC

42
 Security and Privacy
Approaches
Secure Interoperation
Multi-domain
centralized approach
decentralized approaches
specification frameworks to ensure that
the cross-domain accesses are properly
specified, verified, and enforced
Policy engineering mechanisms

43
 Security and Privacy
Approaches
Secure-Service Provisioning and
Composition
Open Services Gateway Initiative (OSGi)
Declarative OWL-based language can be
used to provide a service definition
manifest, including a list of distinct
component types that make up the
service, functional requirements,
component grouping and topology
instructions
44
 Security and Privacy
Approaches
Trust Management Framework
trust-based policy integration
Delegation
must be incorporated in service
composition framework

45
 Security and Privacy
Approaches
Data-Centric Security and Privacy
shifts data protection from systems and
applications
documents must be self-describing and
defending regardless of their
environments.

46
 Security and Privacy
Approaches
Managing Semantic Heterogeneity
semantic heterogeneity among policies
Use of an ontology is the most
promising approach
policy framework and a policy
enforcement architecture
inference engines

47
Questions?

48