Upload
vic-winkler
View
767
Download
5
Tags:
Embed Size (px)
DESCRIPTION
Vic Winkler's 2011 FOSE presentation in Washington DC. The talk was based on the book: "Securing the Cloud" (Elsevier 2011).Highlights:--Top 10 Cloud Security Concerns;--Is organizational control good for cloud security?; --Architectural examples for cloud security
Citation preview
Booz | Allen | Hamilton
NGI-4: CloudThe Technical Foundations of Security and Interoperability
Vic WinklerJuly 2011
Washington, DC
Overview
Booz | Allen | Hamilton
The Technical Foundations of Security and Interoperability
This presentation is based on my book:
“Securing the Cloud: Cloud Computer Security Techniques and Tactics”
Vic Winkler (Elsevier/Syngress May 2011)
Graphics are Copywrited by Elsevier/Syngress 2011
My experiences in designing, implementing and operating the security for:
“SunGrid” (2004+), “Network.com” (2006+) and “The Sun Public Cloud” (2007+)
…And research into best practices in cloud security (2008-2011)
Previously, I:
Was a pioneer in network and systems based intrusion detection
Designed a B1 trusted Unix system
Graphics copyright Elsevier/Syngress 2011 2
Booz | Allen | HamiltonGraphics copyright Elsevier/Syngress 2011 3
A Brief, Distorted View of History
Overview
ContinuingTechnologyEvolution
Booz | Allen | Hamilton
More “Evolution” than “Revolution”
Graphics copyright Elsevier/Syngress 2011 4
So,what
is“cloud”?
Booz | Allen | Hamilton
A Minor Problem With Words…
5
Most common question: Is “cloud” secure?
Booz | Allen | Hamilton 6
Booz Allen:Cloud Computing “Quick Look” Assessment
Business/Mission Technology Security
Governance &Change Management
IT Management Organization
Economics
Policy
The QLA approach analyzes the organization and its potential cloud candidate functions and applications across eight Cloud Computing Factors, providing an in-depth assessment and suitability rating for each.
Booz | Allen | Hamilton
Cloud: A Model for Computing,A Model for Service Delivery
Graphics copyright Elsevier/Syngress 2011 7
• “Cloud Services" – IT model for service delivery: Expressed, delivered and consumed over the Internet or private network– Infrastructure-as-a-Service (IaaS)– Platform-as-a-Service (PaaS)– Software-as-a-Service (SaaS)
• “Cloud Computing”– IT model for computing – Environment composed of IT components
necessary to develop & deliver "cloud services”
Booz | Allen | Hamilton
The Services StackTwo Perspectives
Graphics copyright Elsevier/Syngress 2011 8
What about security?
…“Confidentiality”, “Integrity” and “Availability”?
Booz | Allen | Hamilton
The NIST Cloud Model
Graphics copyright Elsevier/Syngress 2011 9
Booz | Allen | Hamilton
Security Concerns?
• 10. Unknown Risks: Concern that cloud computing brings new classes of risks and vulnerabilities
• 9. Control over Data: User data may be comingled with data belonging to others.
• 8. Legal and Regulatory Compliance: It may be difficult (unrealistic?) to utilize public clouds when data is subject to legal restrictions or regulatory compliance
• 7. Disaster Recovery and Business Continuity: Cloud tenants and users require confidence that their operations and services will continue despite a disaster
• 6. Security Incidents: Tenants and users need to be informed and supported by a provider
• 5. Transparency: Trust in a cloud provider’s security claims entails provider transparency
• 4. Cloud Provider Viability: Since cloud providers are relatively new to the business, there are questions about provider viability and commitment
• 3. Privacy and Data concerns with public or community clouds: Data may not remain in the same system, raising multiple legal concerns
• 2. User Error: A user may inadvertently leak highly sensitive or classified information into a public cloud
• 1. Network Availability: The cloud must be available whenever you need it
Graphics copyright Elsevier/Syngress 2011 10
Booz | Allen | Hamilton
Security ConcernsSensitive Data & Regulatory Compliance
Graphics copyright Elsevier/Syngress 2011 11
Booz | Allen | Hamilton
Security ConcernsTransparency
Graphics copyright Elsevier/Syngress 2011 12
Booz | Allen | Hamilton
Security ConcernsExample of Private Cloud Concerns
Graphics copyright Elsevier/Syngress 2011 13
Booz | Allen | Hamilton
Security ConcernsTrade Offs
Graphics copyright Elsevier/Syngress 2011 14
Booz | Allen | Hamilton
Cloud Services are Expressed From Cloud IT Infrastructure
Graphics copyright Elsevier/Syngress 2011 15
Booz | Allen | Hamilton
Virtualization and Elastic Service Expression
Graphics copyright Elsevier/Syngress 2011 16
Booz | Allen | Hamilton
Is Organizational Control Good for Security?
Graphics copyright Elsevier/Syngress 2011 17
Booz | Allen | Hamilton
Scope of Control
Graphics copyright Elsevier/Syngress 2011 18
Booz | Allen | Hamilton
IaaS, PaaS and SaaS: Data Ownership
Graphics copyright Elsevier/Syngress 2011 19
Booz | Allen | Hamilton
Organizational Control with Private versus Public
Graphics copyright Elsevier/Syngress 2011 20
Booz | Allen | Hamilton
Cloud Demands Advanced Management Capabilities(This should benefit security)
Graphics copyright Elsevier/Syngress 2011 21
Booz | Allen | Hamilton
Planning for Competitive Pricing (…in other words, “cost-effective security”)
Graphics copyright Elsevier/Syngress 2011 22
Booz | Allen | Hamilton
Planning for Fundamental Changes
Graphics copyright Elsevier/Syngress 2011 23
Booz | Allen | Hamilton
Patterns are Key for Cloud Infrastructure
Graphics copyright Elsevier/Syngress 2011 24
Booz | Allen | Hamilton
…Patterns are Key for Cloud Infrastructure
Graphics copyright Elsevier/Syngress 2011 25
Booz | Allen | Hamilton
…Patterns are Key for Cloud Infrastructure
Graphics copyright Elsevier/Syngress 2011 26
Booz | Allen | Hamilton
ExampleSeparate Paths, Separate Networks
Graphics copyright Elsevier/Syngress 2011 27
Booz | Allen | Hamilton
Example…Separate Paths, Separate Networks
Graphics copyright Elsevier/Syngress 2011 28
Booz | Allen | Hamilton
Assessment:Is it “Correct”, “Secure” and Does it Meet Requirements?
Graphics copyright Elsevier/Syngress 2011 29
Booz | Allen | Hamilton
How Much Assurance?
Graphics copyright Elsevier/Syngress 2011 30
Booz | Allen | Hamilton
Operationally, How Will you Know?
Graphics copyright Elsevier/Syngress 2011 31
Booz | Allen | Hamilton
Security MonitoringA High-Volume Activity
Graphics copyright Elsevier/Syngress 2011 32
Booz | Allen | Hamilton
Monitoring Really Wants To BeA Near-Real-Time Feedback Loop
Graphics copyright Elsevier/Syngress 2011 33
Booz | Allen | Hamilton
Beyond Security MonitoringIntegrated Operational Security
Graphics copyright Elsevier/Syngress 2011 34
Booz | Allen | Hamilton
ExampleSecurity Use for CMDB
Graphics copyright Elsevier/Syngress 2011 35
Booz | Allen | Hamilton
Defense-in-Depth in Infrastructure
Graphics copyright Elsevier/Syngress 2011 36
Booz | Allen | Hamilton
What are the BIG Lessons?
• Provider– Model T approach: Any color the customer wants …as long as it’s “black”
• Special requests undercut profits– Plan ahead: Focus on eventual operations costs and on the certainty of change to the infrastructure– Seek to automate almost everything:
• Identify procedures/processes to drive down costs• Identify and refine patterns
– Segregate information• Don’t mix infrastructure management information • …with security information • …with customer data …etc.
– Architect for completely separate paths:• (Public) (Infrastructure control) (Network device control) (Security management)• Entails a differentiated set of networks• Isolate, Isolate, Isolate• Encrypt, Encrypt, Encrypt
• Consumer– Who is the provider?– What are you really buying? Transparency, independent verification, indemnification?
37
Booz | Allen | Hamilton
Thank You
Business: [email protected]
Personal: [email protected]
Phone: 703.622.7111
“Securing the Cloud: Cloud Computer Security Techniques and Tactics”
Vic Winkler (Elsevier/Syngress 2011)
Graphics copyright Elsevier/Syngress 2011 38