2.3 Cloud Security

The document discusses cloud security management and related topics including cloud security and trust, cloud security risks, cloud security challenges, Software-as-a-Service security, and security governance. It provides details on basic cloud security concepts and components, CIA triad, virtualization-based defense methods, and SaaS security issues.

Uploaded by

Tanjul Sarathe

Welcome to

CSD3006 CLOUD SECURITY MANAGEMENT

G.GANESAN, B.E (CSE)., M.E (CSE)., M.S(IT)., MISTE.,


Assistant Professor,
School of Computing Science and Engineering.
+91-9500234437
Discussion Chapters

(1) Cloud Security and Trust Management
(2) Cloud Security Risks
(3) Cloud Security Challenges
(4) Software-as-a-Service Security
(5) Security Governance
1. CLOUD SECURITY AND TRUST MANAGEMENT
Introduction
Traditional Internet technology can enhance trust, justice,
reputation, credit, and assurance for application users.
Trust is a social problem, not a pure technical issue. However,
the social problem can be solved with a technical approach.
As a virtual environment, the cloud poses new security threats
that are more difficult to contain than traditional client and
server configurations.
A healthy cloud ecosystem is desired to free users from abuses,
violence, cheating, hacking, viruses, rumors, pornography,
spam, privacy, and copyright violations.
Cloud security models are based on various SLAs between
providers and users.
Basic Cloud Security
Three basic cloud security enforcements are expected.
1. Facility Security: Data centers demand on-site security year
round. Biometric readers, CCTV (closed-circuit TV), motion
detection, and man traps are often deployed.
2. Network Security: It demands fault-tolerant external
firewalls, intrusion detection systems (IDSes), and third-party
vulnerability assessment.
3. Platform Security: It demands Secure Socket Layer (SSL)
and data decryption, strict password policies, and system trust
certification.
Basic Cloud Security contd...
Servers in the cloud can be physical machines or VMs.
User interfaces are applied to request services.
The provisioning tool carves out the systems from the cloud to
satisfy the requested service.
A security-aware cloud architecture demands security
enforcement.
Malware-based attacks such as network worms, viruses, and
DDoS attacks exploit system vulnerabilities. These attacks
compromise system functionality or provide intruders
unauthorized access to critical information.
Thus, security defenses are needed to protect all cluster servers
and data centers.
Basic Cloud Security contd...
Some cloud components that demand special security
protection:
* Protection of servers from malicious software attacks such as
worms, viruses, and malware.
* Protection of hypervisor or VMM from software-based attacks
and vulnerabilities.
* Protection of VMs and VMM from service disruption and DoS
attacks.
* Protection of data and information from theft, corruption, and
natural disaster.
* Providing authenticated and authorized access to critical data
and services.
2. CLOUD SECURITY RISKS
Introduction
In addition to the risks and threats inherent in traditional IT
computing, cloud computing presents an organization with its own
set of security issues.
Cloud computing risks to privacy assurance and compliance
regulations:
1. How cloud computing presents a unique risk to traditional
concepts of data, identity, and access management traversing
infrastructure.
2. How those risks and threats may be unique to cloud service
providers (CSPs).
CIA Triad:
The fundamentals of information security are:
Confidentiality, Integrity, and Availability.
Confidentiality
Confidentiality:
Prevention of intentional or unintentional unauthorized disclosure
of contents.
Loss of confidentiality can occur in many ways, such as through the
intentional release of private company information or through a
misapplication of network rights.
Telecommunication elements to ensure confidentiality are:
Network Security Protocols.
Network Authentication Services.
Data Encryption Services.
Integrity
Integrity:
Guarantee the message sent is the message received and that the
message is not intentionally or unintentionally altered.
Elements to ensure Integrity are:
Firewall Services.
Communications Security Management
Intrusion Detection Services.
Availability
Availability:
Create reliability and stability in networks and systems.
It ensures connectivity is accessible when needed.
Allowing authorized users to access the network or systems.
Elements to ensure availability are:
Fault tolerance for data availability – Backups and Redundant
Disk systems.
Acceptable Logins and Operating Process Performance.
Reliable and interoperable security processes and Network
security mechanisms.
Other concepts
Other concepts in Traditional IT & Cloud Computing are:
Identification: The process by which users claim their identities to a
system. Mostly used for access control, identification is necessary for
authentication and authorization.
Authentication: Testing of evidence of a user’s identity.
Authorization: The rights and permissions granted to an individual
or process that enable access to a computer resource.
Accountability: A system's capability to determine the actions
and behaviors of a single individual within a system and to identify
that particular individual. Audit trails and logs support
accountability.
Privacy: The level of confidentiality and privacy protection given
to a user in a system.
3. CLOUD SECURITY CHALLENGES
Introduction
Traditional network attacks: buffer overflows, DoS, spyware,
malware, rootkit, Trojan horses, and worms.
In a cloud environment: hypervisor malware, guest hopping,
guest hijacking, VM rootkits, and man-in-the-middle attacks on VM
migration.
Passive attacks steal sensitive data or passwords. Active attacks
may manipulate kernel data structures which will cause major
damage to cloud servers.
An IDS can be a NIDS or a HIDS. Program shepherding can be
applied to control and verify code execution.
Other defenses use the RIO dynamic optimization infrastructure,
VMware’s vSafe and vShield tools, security compliance for
hypervisors, and Intel vPro technology. Others apply a hardened OS
environment or use isolated execution and sandboxing.
Cloud Defence Methods
“Virtualization enhances cloud security”.
A single physical machine can be divided or partitioned into
multiple VMs using virtualization. This provides each VM with
better security isolation, and each partition is contained from
affecting the other VMs.
Failures in one VM do not propagate to other VMs. The hypervisor
provides visibility of the guest OS, with complete guest isolation.
Fault containment and failure isolation of VMs provide a more
secure and robust environment.
Malicious intrusion may destroy valuable hosts, networks, and
storage resources.
Internet anomalies found in routers, gateways, and distributed
hosts may stop cloud services.
Cloud Defence Methods – contd...
Trust negotiation is often done at the SLA level.
Public Key Infrastructure (PKI) services could be augmented with
data-center reputation systems.
Worm and DDoS attacks must be contained.
It is harder to establish security in the cloud because all data and
software are shared by default.
Defence with Virtualization
The VM is decoupled from the physical hardware. The entire VM
can be represented as a software component and can be regarded
as binary or digital data.
The VM can be saved, cloned, encrypted, moved, or restored with
ease. VMs enable HA and faster disaster recovery.
Live migration of VMs can be used for building distributed intrusion
detection systems (DIDSes). Multiple IDS VMs can be deployed
at various resource sites including data centers.
DIDS design demands trust negotiation among PKI domains.
Security policy conflicts must be resolved at design time and
updated periodically.
Privacy and Copyright Protection
The user gets a predictable configuration before actual system
integration.
Yahoo!: Pipes is a lightweight cloud platform. With shared files
and data sets, privacy, security, and copyright data could be
compromised in a cloud computing environment. Users desire to
work in a software environment that provides many useful tools to
build cloud applications over large data sets.
Google: Cloud platform essentially applies in-house software to
protect resources.
Amazon EC2: It applies HMAC and X.509 certificates in
securing resources. It is necessary to protect browser-initiated
application software in the cloud environment.
Cloud Security Features
* Dynamic web services with full support from secure web
technologies.
* Established trust between users and providers through SLAs and
reputation systems.
* Effective user identity management and data-access management.
* Single sign-on and sign-off to reduce security enforcement
overhead.
* Auditing and copyright compliance through proactive
enforcement.
* Shifting of control of data operations from the client environment
to cloud providers.
* Protection of sensitive and regulated information in a shared
environment.
DISCUSSION
4. SaaS SECURITY
Introduction
Cloud computing models combine the use of SaaS, utility
computing, and Web 2.0 collaboration technologies to leverage the
Internet to satisfy their customers' needs.
Seven Security Issues
1. Privileged User Access: Inquire about who has specialized access
to data, and about the hiring and management of such administrators.
2. Regulatory Compliance: Make sure that the vendor is willing to
undergo external audits and/or security certifications.
3. Data Location: Does the provider allow for any control over the
location of data?
4. Data Segregation: Make sure that encryption is available at all
stages, and that these encryption schemes were designed and
tested by experienced professionals.
Introduction contd...
5. Recovery: Find out what will happen to data in the case of a
disaster. Do they offer complete restoration? If so, how long would
that take?
6. Investigative Support: Does the vendor have the ability to
investigate any inappropriate or illegal activity?
7. Long-term Viability: What will happen to data if the company
goes out of business? How will data be returned, and in what
format?
SaaS providers need to incorporate and enhance security
practices.
SaaS security practices are formulated through security management
(people), security governance, risk management, risk assessment,
security portfolio management, security awareness, education and
training, policies, standards, and guidelines.
Secure Software Development Life Cycle
The SecSDLC involves identifying specific threats and the risks
they represent. The SecSDLC must provide consistency,
repeatability, and conformance.
The SDLC consists of 6 phases, and there are steps unique to the
SecSDLC in each of the phases.
Phase-1-Investigation: Define project processes and goals, and
document them in the program security policy.
Phase-2-Analysis: Analyze existing security policies and
programs, current threats and controls, examine legal issues, and
perform risk analysis.
Phase-3-Logical Design: Develop a security blueprint, plan
incident response actions, plan business responses to disaster, and
determine the feasibility of continuing and/or outsourcing the
project.
Secure Software Development Life Cycle contd...
Phase-5-Implementation: Buy or develop security solutions. At
the end of this phase, present a tested package to management for
approval.
Phase-6-Maintenance: Constantly monitor, test, modify, update,
and repair to respond to changing threats.
SecSDLC - Application code is written in a consistent manner that
can easily be audited and enhanced; core application services are
provided in a common, structured, and repeatable manner; and
framework modules are thoroughly tested for security issues
before implementation and continuously retested for conformance
through the software regression test cycle.
Additionally, internal and external penetration testing and
standard security requirements based on data classification.
Formal training and communications should be developed to raise
5. SECURITY GOVERNANCE
Introduction
A security steering committee should be developed.
The objective is to focus on
* Providing guidance about security initiatives and alignment with
business and IT strategies.
A charter for the security team is the first deliverable from the steering
committee. This charter must clearly define the roles and responsibilities
of the security team and other groups involved in performing
information security functions.
The security governance should meet the requirements of risk
management, security monitoring, application security, and sales
support.
Lack of proper governance and management of duties can result in
potential security risks and in missed opportunities to improve the
business.
Data Governance
A formal data governance framework that defines a system of decision
rights and accountability for information-related processes should be
developed.
It describes “who can take what actions with what information” and
“when, under what circumstances”, and “using what methods”.
The data governance framework should include:
* Data Classification
* Data Destruction
* Data Inventory
* Data Protection
* Data Privacy
* Data Retention / Recovery / Discovery
Data Security
Data-level security is the ultimate challenge in cloud computing.
Sensitive data is considered the domain of the enterprise.
Security will need to move to the data level so that enterprises can be
sure their data is protected wherever it goes.
For example: The enterprise can specify that this data is not allowed to
go outside of a given region or country.
It can also force encryption of certain types of data, and permit only
specified users to access the data.
It can provide compliance with the Payment Card Industry Data Security
Standard (PCI DSS).
True unified end-to-end security in the cloud will likely require an
ecosystem of partners.
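The data-level controls listed on this slide (region restriction, forced encryption, a named set of permitted users) can be expressed as a policy attached to each data classification and evaluated on every access. The sketch below is an added example, not part of the original slides; the classifications, regions, user names and the `evaluate` function are all illustrative assumptions.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class DataPolicy:
    allowed_regions: frozenset          # regions the data may reside in or move to
    require_encryption: bool            # data must stay encrypted at the destination
    allowed_users: Optional[frozenset]  # None means any authenticated user

@dataclass(frozen=True)
class Request:
    user: str
    action: str          # "read" or "transfer"
    target_region: str   # where the data would be served from or moved to
    encrypted: bool

# Constructed policies keyed by data classification (all names are illustrative).
POLICIES = {
    "cardholder": DataPolicy(frozenset({"eu-west"}), True,
                             frozenset({"alice", "billing-svc"})),
    "public": DataPolicy(frozenset({"eu-west", "us-east"}), False, None),
}

AUDIT_LOG = []  # accountability: every decision is recorded with its reasons

def evaluate(classification: str, req: Request):
    """Return (allowed, reasons); data without a policy is denied by default."""
    policy = POLICIES.get(classification)
    reasons = []
    if policy is None:
        reasons.append("no policy for classification: default deny")
    else:
        if req.target_region not in policy.allowed_regions:
            reasons.append(f"region {req.target_region} not permitted")
        if policy.require_encryption and not req.encrypted:
            reasons.append("encryption required")
        if policy.allowed_users is not None and req.user not in policy.allowed_users:
            reasons.append(f"user {req.user} not authorized")
    allowed = not reasons
    AUDIT_LOG.append((req.user, req.action, classification, allowed, tuple(reasons)))
    return allowed, reasons

if __name__ == "__main__":
    print(evaluate("cardholder", Request("alice", "read", "eu-west", True)))
    print(evaluate("cardholder", Request("mallory", "transfer", "us-east", False)))
```

Collecting every failed condition instead of stopping at the first gives the audit trail the full reason for a denial, which supports the accountability concept introduced earlier in the deck.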
Application Security
Application security is one of the critical factors for a world-class
SaaS company.
Application security processes, secure coding guidelines, training, and
testing scripts and tools are typically a collaborative effort between the
security and the development teams.
Product engineering focuses on the application layer and on the security
of the application itself, including the infrastructure layers that
interact with it.
The security team provides the security requirements for the product
development engineers to implement.
External penetration testers are used for application source code reviews,
and attack and penetration tests provide an objective review of the
security of the application.
Fragmented and undefined collaboration on application security can
result in lower-quality design, coding efforts, and testing results.
Application Security contd...
SaaS providers have many connections between companies
through the web.
SaaS providers should secure their web applications by following Open Web
Application Security Project (OWASP) guidelines for secure application
development and by locking down ports and unnecessary commands on
Linux, Apache, MySQL, and PHP (LAMP) stacks in the cloud.
LAMP is an open-source web development platform, also called a web
stack, that uses
Linux as the OS, Apache as the Web Server, MySQL as the relational
database management system RDBMS, and PHP as the object-oriented
scripting language.
Perl or Python is often substituted for PHP.
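One way to check the "locking down ports" step on a LAMP host is to compare its listening sockets against a small allowlist. This is an added example, not part of the original slides; the sample `ss -ltnH` output is constructed, and the allowlist of SSH plus HTTP/HTTPS is an assumed baseline.

```python
# Constructed `ss -ltnH` output from a hypothetical LAMP host.
SAMPLE_SS = """\
LISTEN 0 128  0.0.0.0:22       0.0.0.0:*
LISTEN 0 511  0.0.0.0:80       0.0.0.0:*
LISTEN 0 511  0.0.0.0:443      0.0.0.0:*
LISTEN 0 151  0.0.0.0:3306     0.0.0.0:*
LISTEN 0 128  127.0.0.1:11211  0.0.0.0:*
LISTEN 0 128  [::]:8080        [::]:*
"""

# Assumed baseline: only SSH and the web server may listen on public interfaces.
ALLOWED_PUBLIC_PORTS = frozenset({22, 80, 443})

def is_loopback(host: str) -> bool:
    """True when the socket is bound to a loopback address only."""
    return host.startswith("127.") or host in ("[::1]", "::1", "localhost")

def exposed_listeners(ss_output: str, allowed=ALLOWED_PUBLIC_PORTS):
    """Return sorted (host, port) pairs listening off-loopback outside the allowlist."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        # Columns: State Recv-Q Send-Q Local-Address:Port Peer-Address:Port
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        if not port.isdigit() or is_loopback(host):
            continue
        if int(port) not in allowed:
            findings.append((host, int(port)))
    return sorted(findings, key=lambda f: f[1])

if __name__ == "__main__":
    for host, port in exposed_listeners(SAMPLE_SS):
        print(f"unexpected public listener: {host}:{port}")
```

In the sample, MySQL bound to all interfaces on 3306 is flagged, while the loopback-only cache on 11211 is not.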
DISCUSSION
Thank You
