How to Drop your Anchor

Transcription

1 How to Drop your Anchor Enabling Trust in Cloud-Based Services Andreas Curiger CTO Securosys SA DIGS DC Day, Sep 16, :30-10:55

2 The Promising World of Cloud Computing Cloud computing offers network access from anywhere to a shared pool of configurable computing resources Cloud computing is especially attractive to SMEs opex vs. capex flexibility reliability helps focus on the business model instead of IT 2

3 Major Issues in Cloud Computing Communicating company-confidential data across the Internet might expose them to cyber attacks Strict separation of different clients data might not be verifiable Transmission of data across national borders might expose clients to legal requirements which clients are unfamiliar with IT might want to retain physical control over its environment 3

4 Building Trust in the Cloud Since banning cloud services within an organization is not an option, IT executives should shift their focus toward building a secure, trusted and audit-ready (STAR) cloud environment. - EY, 2014 Secure: Protect the confidentiality, availability and integrity of the systems and data at rest, in transit and in use Trusted: High availability and resilience to attacks Audit-ready: Continuous compliance and is ified to meet specific industry regulations and legislation 4

5 Data at Rest, in Transit and in Use Mobile User Infrastructure / Data / Apps Corporate Headquarters Infrastructure / Data / Apps Branch Office

6 Data at Rest, in Transit and in Use Mobile User Infrastructure / Data / Apps Corporate Headquarters Infrastructure / Data / Apps Branch Office

7 Data in the Cloud Infrastructure / Data / Apps Mobile User Corporate Headquarters Branch Office

8 Data in the Cloud Infrastructure / Data / Apps Mobile User Corporate Headquarters Branch Office

9 The Role of Trust Trust is the conviction, that s.o./s.th. will be acting predictably based on observed behavior in the past the assurance that systems will behave as specified with respect to functionality, availability and reliability intrinsically attributed to relationships between people 9

10 How to Establish Trust Technically Trust might be amplified, transferred, but also diminished or destroyed by technical means Cryptography provides all the mechanisms required to establish trust Encryption mechanisms Authentication mechanism Key management mechanisms 10

11 Trust-Establishing Mechanisms in Technical Systems User identification Who are you? User authentication Are you the one you claim to be? User authorization according to security policies Grant users roles and access rights to data and applications Data validation Is the data clean and correct? Data authentication Is the data coming from a trusted source? Trust is established through proper authentication of entities and data 11

12 Authentication Techniques N-factor authentication something you know something you have something you are Creation of an identity token / ticket / credentials Digital ificate Links to establish the chain of trust 12

13 The Chain of Trust Root CA CA-n CA-1 Data Server Digital Signature The root ificate acts as the trust anchor for cloud computing

14 The Problem with Digital Certificates Digital ificates might be faked Fake ificates unravel the chain of trust Make encrypted data in transit vulnerable Well established attacks for many years in academia 2008, Rogue CA in real life 2011, DigiNotar hack 2015, FREAK attack This problem needs to be seriously addressed 14

15 Unraveling the Chain of Trust Root CA Rogue CA CA-n fake CA-1 Data Server fake Digital Signature

16 How to Fix the Fake Certificate Hack Certificates need to be generated stored applied from a trusted source The trust anchor needs to be guarded well physically No tampering possible Physical realization: Hardware Security Module HSM 16

17 Hardware Security Module Secure key generation Hardware-based true random number generator Secure key storage Private / secret keys cannot be read out Tamper-resistant housing Secure key utilization For public-key cryptography Diffie-Hellman, RSA, DSA, ECC, ECDSA For secret-key cryptography AES, Camellia (GCM, CBC, ), MAC schemes (based on SHA-2/SHA-3) Resistant to side-channel attacks 17

18 Realization in the Cloud at HQs Infrastructure / Data / Apps HSM Mobile User Corporate Headquarters Branch Office

19 Realization in the Cloud at Provider Infrastructure / Data / Apps HSM Mobile User Corporate Headquarters Branch Office

20 Conclusions IT cloud services are here to stay Besides competitive pricing, users need assurance about data security to establish trust compliant ified solutions Establishing trust requires The correct implementation of cryptographic mechanisms, especially authentication The utilization of really trustworthy trust anchors HSMs are the solution for such trust anchors At the company s premises At the cloud provider s site 20

21 Links EY s STAR initiative: Y-Building-trust-in-the-cloud.pdf The rogue CA: The DigiNotar hack: The FREAK attack: IEEE Cybersecurity: Securosys: 21

22 Thank you!