Seminar: Security Metrics in Cloud Computing ( se)

Transcription

1 Technische Universität Darmstadt Dependable, Embedded Systems and Software Group (DEEDS) Hochschulstr Darmstadt Seminar: Security Metrics in Cloud Computing ( se) Topics Descriptions OVERVIEW Surveying existing security metrics for the Cloud... 2 Audit-as-a-Service... 2 Adaptive Authentication for the Cloud... 2 Security Level-based scheduling for IaaS Clouds... 3 Coping with Dark Clouds: how to measure a botnet?... 3 Security metrics and the convergence between the Cloud, P2P and, the Internet of Things and Services... 3 Economy and information security risk models... 4 Vulnerability Markets, a Novel Economic Perspective to approach Information Security... 4 Economic-Driven Vulnerability Assessment... 4 Benchmarking security and privacy in Attribute Based Credential s (ABC) systems... 4 Advanced Data Storage Mechanisms in Cloud and P2P Environments... 4 Consistency and Integrity for Cloud Storage... 5 Sensor Cloud: Towards Sensor-Enabled Cloud Services... 5 Machine-to-Machine Networks /6

2 Surveying existing security metrics for the Cloud Security practitioners agree on the overall benefits of using metrics in order to quantify the effectiveness of the security mechanisms being used. Unfortunately, the use of existing security metrics in the Cloud conveys several challenges due the inherent features of these environments: multi-tenancy, geographic distribution, rapid elasticity, etc. Due to these challenges, the Cloud community is arriving to a common consensus on the creation of security metrics specifically tailored for the Cloud. The objective of this seminar topic is to perform a comprehensive research survey (from the academic and industrial perspective) on those security metrics specifically designed for the Cloud, along with its associated protocols (e.g. CloudAudit). The report should include a summary of the different challenges that need to be solved in order to create new security metrics for the Cloud, taking into account its different service and deployment models. Audit-as-a-Service The Cloud is here and has arrived to redefine the on-demand availability of remotely-located computing Infrastructures, Platforms and Software to the user. However, in order to provide trustworthy Cloud services, the users need to be well-informed about the security guarantees that the different providers offer. Nowadays, there are some industrial efforts to create repositories and methods, so Cloud Service Provider s are able to publicly advertise their security assessment reports. Are we approaching to Audit-as-a-Service systems? The goal of this research topic is to survey state of the art notions of such systems, with a particular focus on their security metrics aspects. Adaptive Authentication for the Cloud Security metrics have become an enabler for a new IT paradigm known as Adaptive Security AS-. An AS-enabled mechanism, is able to change its behavior (e.g. secret-key length, encryption algorithm, firewall rules, ) according to the measured security level, therefore allowing the system to protect itself from security attacks. Consequently, authentication systems built under the AS principle (a.k.a. AS-AuthN) are able to change their identification mechanism (e.g. from username/password to X.509 certificates), according to the incoming connection s security- or risk-level. AS-AuthN is a promising approach for Cloudbased Identity Management, which is nowadays a hot topic in academia and industry. 2/6

3 Within this seminar topic, we aim to survey state of the art works on security metrics that could enable an AS-AuthN service for the Cloud, including concepts like Levels of Authentication. Security Level-based scheduling for IaaS Clouds Infrastructure as a Service IaaS- Clouds are becoming more a more common everyday (e.g. Amazon EC2, OpenNebula, ). A central component of the IaaS architecture is the front-end s scheduler, which is in charge of instantiating new computational or storage resources in the different IaaS nodes according to a predefined policy. In the best of the cases, the scheduling policy will be based on parameters extracted from a Service Level Agreement, but unfortunately most IaaS schedulers do no take into account security parameters. The goal of this research topic is to survey the security metrics, policies (Security Level Agreement SecLA-) and architectures that enable a security-driven IaaS scheduler. Coping with Dark Clouds: how to measure a botnet? A botnet is a network of compromised computers (also known as zombies) remotely controlled and instructed to work in a coordinated fashion by one or more central hosts (known as the command and control nodes or C&Cs). Botnets are responsible for severe Internet threats such as Distributed Denial of Service (DDoS) attacks, spam campaigns and phishing activities. Unfortunately, in the last few months some botnets have found a new attack vector: the Cloud. It is not a surprise to find news related with botnets performing their attacks via these Dark Clouds (e.g. Amazon). This seminar topic aims to survey existing state of the art related with mechanisms to detect and measure botnets, with a particular emphasis in those applicable to Dark Clouds. Security metrics and the convergence between the Cloud, P2P and, the Internet of Things and Services The advent of the Cloud is also promising a technological convergence with other IT ecosystems like the Peer-to-Peer networks (P2P) and the Internet of Things and Services (IoTaS). Let us take as an example the use Cloud-based storage services via smartphones in order to backup agendas, apps, etc. This goal of this seminar topic is to explore how this technological convergence could affect that overall security level of a Cloud provider, and which are the underlying techniques and technologies that might allow us to quantitatively measure the overall security level of these complex systems. 3/6

4 Economy and information security risk models Review of the most important existing credit risk models such as the Tschebyscheff-inequation, CreditRisk+, credit metrics, etc. An appropriate mapping to information security risks should be done. The objective of that exercise is to figure out how we can elaborate a preliminary information security risk model in analogy to the credit risk models. Vulnerability Markets, a Novel Economic Perspective to approach Information Security Within this seminar, students are asked to review and compare the existing approaches regarding the economic perspective on information security. The focus is on the new concept of vulnerability markets. Advantages and drawbacks of different concepts for vulnerability markets, where security-related information can be traded, should be discussed. Economic-Driven Vulnerability Assessment The existing vulnerability databases such as the National Vulnerability Database (NVD) or the Open Source Vulnerability Database (OSVDB) try to assess the criticality of discovered vulnerabilities. A less explored filed is economic-driven vulnerability assessment. Within this seminar, we adopt an economic perspective to do such an assessment for selected vulnerabilities (from the Top 5 list). Benchmarking security and privacy in Attribute Based Credential s (ABC) systems Traditional identification methods ranging from password to Public Key Infrastructures (PKI)- present several privacy tradeoffs, because in most of the cases users need to disclose more personal information than necessary. In order to cope with this issue, few years ago were proposed new kind of privacypreserving authentication, called Attribute Based Credentials. Due to the practical usefulness of these cryptosystems (e.g. for the Cloud), the goal of this seminar topic is to survey existing methodologies and frameworks aimed to measure the security and privacy being offered by relevant ABC systems (e.g. IBM s IdeMix and Microsoft s u-prove). Advanced Data Storage Mechanisms in Cloud and P2P Environments 4/6

5 Distributed hash tables are mostly put on a level with structured P2P networks. Yet, new extensions and evaluations to these systems play a key role in distributed environments like P2P networks or Cloud infrastructures. Anonymity, confidentiality, integrity and availability are substantial requirements in these environments. Each of the proposed extensions addresses at least one of these requirements. Students are required to investigate the proposed extensions and relate them to each other in a overall context. Consistency and Integrity for Cloud Storage This topic is about how to ensure Integrity of storage in the Cloud. Moreover, the proposed solution detects whenever consistency is violated and sends a notification to the client. Interestingly, these properties can be guaranteed even if the cloud itself, i.e. the service provider, is untrusted. Sensor Cloud: Towards Sensor-Enabled Cloud Services Wireless Sensor Networks (WSNs) seamlessly couples the physical environment with the digital world. Sensor nodes are small, low power, low cost, and provide multiple functionalities. WSNs have sensing capabilities, processing power, memory, communication bandwidth, battery power. If aggregated, sensor nodes have substantial data acquisition and processing capabilities. On the other hand, Cloud computing refers to both the applications delivered as services over the internet and, the hardware and software in the data centers that provide those services. Cloud computing is a way to increase capacity or add capabilities on the fly without investing in new infrastructure, training new personnel, or licensing new software. The Sensor Cloud is an infrastructure that allows truly pervasive computation using sensors as interfaces between physical and cyber worlds, the datacompute clusters as the cyber backbone and the internet as the communication medium. Sensor Clouds integrate large-scale sensor networks with sensing applications and cloud computing infrastructures. Sensor Clouds collect and process data from various sensor networks and enables large-scale data sharing and collaborations among users and applications on the cloud. The sensor Cloud delivers Cloud services via sensorrich mobile devices. The key challenges are to provide both an overview and the basic concepts of sensor Clouds, along with defining the potential applications and how to integrate WSNs and Clouds. 5/6

6 Machine-to-Machine Networks In the near future, there will be many more embedded devices than there are mobile phones. When these devices are connected to the Internet, many novel kinds of ubiquitous services will be enabled. It wasestimated that in 2010, the number of communicating devices were a thousand times greater than the number of mobile phones, which is already more than one billion. When connecting devices such as various machines, actuators and sensors to the Internet, novel types of services are enabled. Previously, such devices communicated with services using technology such as SMS. The applications were vendor or domain-specific closed systems, for which achieving interoperability with other vendor/domain systems was challenging. M2M services refer to the services resulting from collection, transmission and processing of information, and establish an interactive system with the remote devices that are ultimately integrated within a managed M2M software system. M2M systems will provide essential business possibilities and advantages for companies, especially when information systems controlling their core processes are utilizing the real-time information produced by an M2M system. In consequence, a company can increase the quality of its services, reduce costs and increase customer satisfaction. Currently, no universally applicable M2M service infrastructure exists that would allow interoperation between devices and their enabled applications in wired and wireless systems, regardless of the supplier. Information technology applications usually operate as separate M2M solutions that are unaware of each other. As a result, a number of business opportunities remain unexploited as the services provided by the devices cannot be placed on the Internet. The primary goals of this topic are: Investigate and explore the M2M area to understand the domain Identify requirements which are important for a general M2M system Explore technologies and protocols relevant for the different parts of an M2M system This topic also seeks to discuss possible approaches to the overall M2M system architecture. 6/6