Wednesday, April 29, 2009

cloud security

Security is one of the most often-cited objections to cloud computing; analysts and skeptical companies ask "who would trust their essential data 'out there' somewhere?" We didn't focus on security extensively in our paper, and we wanted to offer our analysis of what the major security concerns are with cloud computing, and what might be done about them. These are preliminary thoughts; we welcome comments and criticism. Security is not our primary area of interest, and we'd love to hear from people with operational experience.

The security issues involved in protecting clouds from outside threats are similar to those already facing large datacenters, except that responsibility is divided between the cloud user and the cloud operator. The cloud user is responsible for application-level security. The cloud provider is responsible for physical security, and likely for enforcing external firewall policies. Security for intermediate layers of the software stack is a shared between the user and the operator; the lower the level of abstraction exposed to the user, the more responsibility goes with it. Amazon EC2 users have more responsibility for their security than do Azure users, who in turn have more responsibilities than AppEngine customers. This user responsibility, in turn, can be outsourced to third parties who sell specialty security services. The homogeneity and standardized interfaces of platforms like EC2 makes it possible for a company to offer, say, configuration management or firewall rule analysis as value-added services. Outsourced IT is familiar in the enterprise world; there is nothing intrinsicaly infeasible about trusting third parties with essential corporate infrastructure.

While cloud computing may make external-facing security easier, it does pose the new problem of internal-facing security. Cloud providers need to guard against theft or denial of service attacks by users. Users need to be protected against one another.

The primary security mechanism in today's clouds is virtualization. This is a powerful defense, and protects against most attempts by users to attack one another or the underlying cloud infrastructure. However, not all resources are virtualized and not all virtualizion environments are bug-free. Virtualization software has been known to contain bugs that allow virtualized code to "break loose" to some extent. [1] Incorrect network virtualization may allow user code access to sensitive portions of the provider's infrastructure, or to the resources of other users. These challenges, though, are similar to those involved in mangaging large non-cloud datacenters, where different applications need to be protected from one another. Any large internet service will need to ensure that one buggy service doesn't take down the entire datacenter, or that a single security hole doesn't compromise everything else.

One last security concern is protecting the cloud user against the provider. The provider will by definition control the "bottom layer" of the software stack, which effectively circumvents most known security techniques. Absent radical changes in security technology, we expect that users will use contracts and courts, rather than clever security engineering, to guard against provider malfeasence. The one important exception is the risk of inadvertent data loss. It's hard to imagine Amazon spying on the contents of virtual machine memory; it's easy to imagine a hard disk being disposed of without being wiped, or a permissions bug making data visible improperly.

There's an obvious defense, namely user-level encryption of storage. This is already common for high-value data outside the cloud, and both tools and expertise are readily available. The catch is that key management is still challenging: users would need to be careful that the keys are never stored on permanent storage or handled improperly. Providers could make this simpler by exposing APIs for things like curtained memory or security sensive storage that should never be paged out.

[1] Indeed, even correct VM environments can allow the virtualized software to "escape" in the presence of hardware errors. See Sudhakar Govindavajhala and Andrew W. Appel, Using Memory Errors to Attack a Virtual Machine. 2003 IEEE Symposium on Security and Privacy, pp. 154-165, May 2003.

59 comments:

  1. Cloud security will be the number one FUD story used to keep enterprises at the status quo by those that benefit from the status quo.

    The truth however is that the post-condition invariants required to have correct security in public and private clouds, namely Integrity, Confidentiality, and Availability, don't depend on physical proximity.

    ReplyDelete
    Replies
    1. I am really enjoying reading your well written articles. It looks like you spend a lot of effort and time on your blog. I have bookmarked it and I am looking forward to reading new articles. Bandar Bola

      Delete
  2. @Anthony Tarlano: Integrity, confidentiality, and, availability certainly depend on physical proximity. Let say that VMs from two customers end up on the same physical machine in the cloud. If the hypervisor does not enforce isolation between these machines, one VM can affect the other VM by modifying its memory or its CPU state. There is nothing the affected VM can do to prevent this; it has to rely on the hypervisor.

    Are you sure your cloud's hypervisor provides perfect isolation between VMs?

    ReplyDelete
    Replies
    1. It is perfect time to make some plans for the future and it is time to be happy. I’ve read this post and if I could I desire to suggest you some interesting things or suggestions. Perhaps you could write next articles referring to this article. I want to read more things about it ! see more link ibcbet, 338a indonesia

      Delete
    2. One secret of success in life is for a man to be ready for his opportunity when it comes.
      stage magic

      Delete
  3. Mihai,

    Invariants are the requirements that represent the target of engineering a correct solution, they shouldn't be confused with a particular system implementation..

    Having said that lets see what we can engineer to meet the correctness invariant.

    There is nothing *any* host hypervisor can do to data if the the requirements of confidentiality and integrity are preserved in a correct implementation where those two invariant holds.. nothing..

    There are many ways to engineer a system to meet this requirement, as there always are, but we only need one to prove correctness, so a system where a Trusted Platform Module (TPM) is constructed, where an invariant holds that the TPM is always outside the isolation boundary of the hypervisor would provide such a correct system.

    Okay there you are.. Remember to always try to solve the problem and if you need another component then your current system at hand gives you, use composition and add it.. That is engineering..

    Anthony

    ReplyDelete
    Replies
    1. This is really interesting take on the concept.I never thought of it that way. I came across this site recently which I think it will be a great use of new ideas and informations. Thank you for sharing it with us or my web about information agen 338a online

      Delete
  4. I think that there's a difference between the physical shared environments in corporate data centres and clouds as there are many restrictions on who can get access to the resources in a corporate data centre, so the real defences in place are actually quite weak. Indeed, they are often absent, but the poor auditing of the systems does not throw this up.

    In practice, it seems hard to me to target a specific entity to breach its CIA unless the VMs can identify each other or specific storage resources.

    @Anthony
    I don't think that the issue is the theoretical proximity provability. Your argument makes sense. However, you've introduced a new hardware requirement, which means that the VMs cannot see the whole platform and therefore cannot be VMs as they are currently envisaged. That may be a reasonable constraint, especially for Linux based OSes.

    ReplyDelete
  5. Thanks for sharing information on cloud computing. I got a complete information about the Cloud computing and its services from the Cloud Computing and Virtual Conference 2009 which is the World's largest and virtual conference on Cloud computing. I got a good opportunity to meet and talk with the World's leading experts on Cloud computing.

    ReplyDelete
  6. I completely agree with you Dan. I was at streaming media east and spoke to a lot of customers and their comments resonated with your observation.
    operatore video

    ReplyDelete
  7. When I used xanax generic for hte first time it was very effective. But last time xanax doesn't worked for me...

    ReplyDelete
  8. Earlier rumors suggest that the iphone 5 will come up with amazing and improved features including a “radical new design"....The Best Android

    ReplyDelete
    Replies
    1. I enjoy a couple of from the Information which has been written, and particularly the comments posted! I will definitely be visiting again!
      taruhan bola terpercaya, agen ibcbet online

      Delete
  9. magic bullet
    Thanks for sharing information on cloud computing. I got a complete information about the Cloud computing

    ReplyDelete
  10. we welcome comments and criticism. Security is not our primary area of interest, and we'd love to hear from people with operational experience.
    magic bullet
    goraka
    bullet express
    kosmo disk
    sauna esofman

    ReplyDelete
  11. This is the perfect blog for anyone who wants to know about this topic. You know so much its almost hard to argue with you (not that I really would want...HaHa). You definitely put a new spin on a subject thats been written about for years. Great stuff, just great! Centro Metro

    ReplyDelete
  12. Mantaffff niceeeee pokk postt sobbb....
    Sepeda Polygon

    ReplyDelete
  13. ksjkdjkas sjdsajdsha sdsdhsdsh sdjksdhjshdshda asjdjsdsd
    Suzuki GW250

    Kata Kata Bijak

    ReplyDelete
  14. oisaiodmasdmaskllkad ksadk sadkklsd asdskdlad
    little titties really rocks.I loved it a lot.
    Desain Kamar Tidur
    Tattoo Design

    ReplyDelete
  15. asdjksakdjkas sjkdajdjla sjkdasll sadkasjdl lsajd
    Kata Kata Motivasi

    ReplyDelete
  16. http://www.filmterkini.com/2011/11/download-film-indonesia-terbaru-2012.html Download Film Indonesia
    http://www.modelterbaru.info/2011/12/model-rambut-wanita-populer-2012.html
    http://info-onliners.blogspot.com
    http://blogger-jepara.blogspot.com/2011/12/cara-menghilangkan-bekas-jerawat-dengan.html
    http://www.filmterkini.com/2011/12/download-film-drama-korea-terbaru-2012.html - Drama Korea Terbaru

    ReplyDelete
  17. This is the perfect blog for anyone who wants to know about this topic. You know so much its almost hard to argue with you (not that I really would want...HaHa). You definitely put a new spin on a subject thats been written about for years. Great stuff, just great! Agen Sbobet Sbobet Ibcbet Casino Sbobet Pasar Bola

    ReplyDelete
  18. sadskladkl affasfbsdsdAnda mencari kumpulan resep kue kering yang enak? Well, pada postingan kali ini Blogger Jepara akan sedikit memberikan beberapa contoh cara membuat kue kering yang enak dan mantab untuk anda nikmati di rumah bersama keluarga. Resep Kue Kering

    ReplyDelete
  19. online business cards

    Great article and this is good initiative and i appreciate it.
    This step is running toward the progress and prosperity.

    ReplyDelete
  20. Thanks for posting this one, I learned a lot from it. Very informative and it'a great article. Keep it up!
    family vacation waikiki hotel

    ReplyDelete
  21. This comment has been removed by the author.

    ReplyDelete
  22. Excellent written post. thanks for sharing with us.
    Dissertation Help

    ReplyDelete
  23. Thank you for sharing to us.there are many person searching about that now they will find enough resources by your post.I would like to join your blog anyway so please continue sharing with us. Agen Judi Online 338A Sbobet Casino Agen Sbobet

    ReplyDelete
  24. Great post! I?m just starting out in community management/marketing media and trying to learn how to do it well - resources like this article are incredibly helpful. As our company is based in the US, it?s all a bit new to us. The example above is something that I worry about as well, how to show your own genuine enthusiasm and share the fact that your product is useful in that case. Agen Casino Ibcbet Sbobet Casino

    ReplyDelete
  25. Great post! I?m just starting out in community management/marketing media and trying to learn how to do it well - resources like this article are incredibly helpful. As our company is based in the US, it?s all a bit new to us. The example above is something that I worry about as well, how to show your own genuine enthusiasm and share the fact that your product is useful in that case. Agen Bola Sbobet Sbobet Ibcbet

    ReplyDelete
  26. Its a great pleasure reading your post.Its full of information I am looking for and I love to post a comment that "The content of your post is awesome Great work. Bandar Bola

    ReplyDelete
  27. At TechTrendsIT we believe that Cloud Application Development Service will drive future technology strategy and help business grow effectively. We suggest and give a strong recommendation to our clients to consider a “cloud first policy” while designing and deploying web application and mobile applications.

    ReplyDelete