A Study of Design Measure for Minimizing Security Vulnerability in Developing Virtualization Software

Transcription

1 A Study of Design Measure for Minimizing Security Vulnerability in Developing Virtualization Software 1 Mi Young Park, *2 Yang Mi Lim 1, First Author Science and Technology Policy Institute,ollive@stepi.re.kr *2, Corresponding Author Duksung Women s University, yosimi@duksung.ac.kr Abstract As lots of users share IT resources as software, hardware, etc in cloud computing, the information security should be firstly solved. The solution of security vulnerability should be considered and built with the automatic diagnosis system prior to development of software, which can be efficiently completed through simulation of virtual test. This article catalogs vulnerabilities of security in realizing cloud computing virtualization technology according to priority and proposes a design process model for minimizing the security vulnerabilities for the construction of virtualization to practice the security vulnerabilities before software development using prioritized Security Use Case. 1. Introduction Keywords: Cloud Computing, Vulnerability, Vulnerability Scoring System Cloud computing and virtualization technology have merits of flexibility, efficiency and cost reduction as the user can utilize computing resources if necessary, which many companies are focusing on. Yet, for the realization of cloud computing technology, security problems should be solved together. Currently, security problems include malignant code and service availability infringement, information disclosure risk according to information ownership and administrative segregation, protocol vulnerability, zero day, legal and regulatory issues. In order to solve these problems, it is necessary to model security design process in software development process and go through a practice phase to minimize security vulnerability in virtualization establishment. Since software vulnerability occurs throughout the phases from an early phase of development, designing measures minimizing vulnerability at the early phase can reduce development cost and other costs and increase the reliability and security of the software [1]. Thus, this study checked and categorized it to develop the template of the security vulnerability of virtualization prior to software development and prepare security design documents based on the security requirements and produced a web-based checklist so as to make virtual practices before the development phase. This study analyzed the types and impacts of the vulnerability of the virtual machine for the template composition of the virtualization vulnerabilities, set the priority of the vulnerabilities and surveyed and organized detailed countermeasures by the degree of risk. These vulnerability priority data were designed and composed with the detailed items of the checklist so as to describe the detailed items and countermeasures and make virtual practices. 2. Relevant Research Cloud computing refers to a mode of providing the user with multiple data centers integrated with virtualization technology along with a variety of software, security and computing infrastructure on demand [2]. The thing that should be treated most importantly in the adoption of this cloud computing technology is to solve the vulnerabilities of software security. Software security vulnerabilities refer to security defects occurring due to the functional specifications of the software, design, error in the implementation of phase, booting, installation, or operational issues [3]. To solve these security defects, Cloud Security Alliance (CSA) defines seven threat factors [4,5,6]. Garthner's research proposes security guidelines for the cloud computing users [7, 8]. Nevertheless, with the security vulnerabilities, annual infringement level, diversity and the whole number of infringements are gradually increasing [9]. To solve these, attempts to design the software development process and standardize the security practice phase are increasing [10]. Until now, there is almost no standardized security practice about the overall software development. Kenneth and Gary reported the security practice for the reduction of International Journal of Advancements in Computing Technology(IJACT) Volume5, Number13, September

2 the security vulnerabilities though not the overall application practices of the software development phase as follows [11, 12]: Figure 1. Practices for the Reduction of the Security Vulnerabilities in the Software Development Phase 3. Security Vulnerability of Virtual Machine and Importance Analysis This chapter analyzed the types and impacts on the security vulnerabilities of virtual machines and researched the priority by the importance of the security vulnerabilities. These significances are used in cataloging the items on the checklist to be used in the design process of minimizing the security vulnerabilities of the virtualization to be described in Chapter 4 and used for the detailed items and countermeasures for the virtual practices. First of all, in providing the virtualization technology of cloud computing, all security vulnerabilities occurring in virtual machines in three kinds of VMware, Xen and VirtualBox were classified, and the results of damages that may occur accordingly were analyzed to measure the degree of risk. The classification of the types of vulnerability referred to Common Weakness Enumeration (CWE) [13]. Table 1 selected 20 types of security vulnerabilities occurring in the virtual machines such as VMware, Xen and Virtual Box most frequently used in companies and public institutions and researched the number of the vulnerabilities. Table 1. Analysis on the Types of Virtual Machine Vulnerabilities No. Vulnerability Type CWE VMware Xen VirtualBox 1 Permissions, Privileges, and Access Control CWE Buffer Errors CWE Resource Management Errors CWE Information Leak / Disclosure CWE Link Following CWE Sum Total Through Table 1, most frequently occurring security vulnerabilities were selected, and with these vulnerabilities, the result of the damages could be understood. These damage results were defined as the impact types due to the vulnerabilities and summarized like Table 2. Table 2. Impact Types by VM Vulnerabilities No. Vulnerability impact type based on CVE VMware Xen VirtualBox 1 Provides user account access Allows disruption of service Allows unauthorized disclosure of information Provides administrator access Allows disruption of service Unknown Allows unauthorized modification Provides unauthorized access Unknown Sum Total

3 Next, for the impacts due to the security vulnerabilities in Table 2, a valuation basis was set up to pick up the most dangerous items on rankings and the importance and priority were researched and analyzed like Table 3. Generally, in the software development process, if security vulnerabilities are found, they are reported in secret to the relevant software vendors or disclosed on the Internet. In addition, since the software vendors disclose the information about the vulnerabilities themselves and estimate the degree of risk of the vulnerabilities, the reliability of the written advice for security of each product will be reduced. This is because the calculation of the rating of the degree of risk of the security vulnerabilities has not been standardized, so a standardization policy is necessary preferentially. Thus, to secure the reliability of the calculation of the rating of the degree of risk, to set up the priority in the activity of minimizing the security vulnerabilities, the standardized policy for the degree of risk specialized in the virtualization environment was defined and to score the measurement standards of the degree of risk, open framework THE CVSS was used. Fig. 2 shows the frequently assessed items and the impact assessment items [14]. It shows that in these matrixes, the basic matrix score is delivered to the temporary matrix and the environmental matrix, and it is applied appropriately in the temporary matrix and the environmental matrix environments. Generally, in the basic and temporary matrixes, security vulnerability posting analysis is used by security solution and application companies, so that they have much more information than general users do, and accordingly, the basic matrix value is preferentially assessed and delivered to the temporary matrix and the environmental matrix. At this time, the environmental matrix is useful in assessing the security vulnerabilities of the environment fitting the user, and the preceding assessment score is reflected to receive the assessment. Table 3 describes the number of frequency according to the properties of CVSS and the relationship between the matrixes according to the properties of the impact types. Basic metrics frequency Figure 2. Emphasized Subset of Attributes from CVSS Table 3. Significance and Priority of Valuation Basis Valuation basis Significance Weight Priority Access Vector 3.1% 0.3% Access Complexity 2.6% 0.3% Authentication 40.5% 4.6% Basic metrics impact Confidentiality 20.8% 2.4% Integrity 15.5% 1.8% Availability 11.5% 1.3% Temporal Metrics frequency Utilizability tools & techniques Remediation level 6.0% 0.7% % 10.6% Report confidence 13.5% 6.5% Environmental Metrics Confidentiality requirement 64.4% 31.0%

4 impact Integrity requirement 7.2% 2.9% Availability requirement 15.3% 6.2% Collateral damage potential 25.0% 10.1% Workload scalability and reliability 52.4% 21.2% Priority-applied Security Design for Minimizing the Vulnerabilities of Virtualization This chapter describes the security design process including the priority-applied valuation basis checklist for the reduction of the security vulnerabilities in the software development phase based on the security vulnerability priority list of virtualization. The security design valuation basis is different from the general design valuation basis. The general design considers the module among the features, hours of work, procedures etc. except the security factor, so it is not proper for the security design assessment. Fig.3 is the model applying the result by the risk degree attribution using the security requirements and vulnerability list. Figure 3. The Proposed Design Model That Applies the Priority for Minimizing the Vulnerability of Virtualization The checklist testing web page for minimizing the security vulnerability of virtualization was established based on the security design model of Fig. 3. In order to design the checklist, the first page was composed for inputting the information of project for development and the information of the user who writes the relevant template. Secondly, the item for writing the misuse case which is relevant to the project was designed. Thirdly, the step for examining the input status of the case of using security by misuse case was composed. On this page, if many security use cases are inputted, then the priority input status should be examined. The priority input status as the detailed item is composed by referring the category of the virtual machine security vulnerability type analysis in Table 1, and the priority result of the upper and lower structure was examined by inputting weighting of security use case per each factor and the importance and priority assessment factor by the virtual machine vulnerability of Table 3. This content is a design section reflected by the security requirements, and the detailed scheme of the section is described in a picture. The range to test a point where this vulnerability is detected is determined on the basis of the guideline to solution in the configuration management application system based on the integrated information sharing DB. Figure 4. Steps of Design that reflects security requirements 391

5 The result shows the development of the project from the webpage which established the external review and the check list review in the process of test plans. The developed software tool should be passed through the process of practice based on the software simulation which examines the risk factor analysis and penetration state test finally after examining the result of the test. 5. Result This study developed a method of drawing out security requirements and the template according to that so as to prevent and mitigate the vulnerabilities of virtualization at an early phase of software development. The security requirements resolution method and template were developed for the prevention and mitigation of the initial vulnerability of virtualization. The security vulnerability type of virtualization technology was analyzed and the impact type was examined for the template composition. In addition, the priority was set by the importance and risk degree assessment about the security vulnerability for the upper and lower structural design of template contents, so the security vulnerability minimizing software development methodology reflecting the security requirements was suggested. The tool kit development for the security vulnerability minimizing can prepare countermeasure for the security vulnerabilities of virtualization in the cloud environment, and it can simulate the many security problems in the software development, so it is expected that it can save development cost and shorten the period of development. 6. References [1] Ministry of Information and Communication, Medium-and Long-term Information Protection Roadmap for Safe Implementation of u-korea, ICTD Report, Korea, [2] Myong Jun. Kim, Korea s Cloud Computing Strategy, IT21 Global Conference, [3] William A.Arbaugh, William L.Fithen, John McHugh, Windows of Vulnerability: A Case Study Analysis, IEEE Computer, vol. 33, pp , [4] CSA, Top Threats to Cloud Computing V1.0, Cloud Security Alliance, [5] Kichul Kim, Ok Heo, Seungjoo. Kim, A Security Evaluation Criteria for Korean Cloud Computing Service, Institute of Information Security and Cryptology, vol. 23, no. 2, pp.1-17, [6] Sunyoung Shin, Sukhyun Song, A Priority Study for Applying Public Cloud Services in Korea by Mapping the SRM with Overseas Cloud Services in the Public Sector, Internet and Information Security, vol.3, no. 3, pp.67-89, [7] Gartner, [8] J. Brodkin, Gartner: Seven Cloud Computing Security Risks, Network World, [9] Larry Bridwell, Computer Virus Prevalence Survey, ICSA Labs, [10] Honggun. Kim, The Software Security Standards for the Secure Realization of IT839 Strategy, Korea Information Security Agency, The 1st Distinguished Information Communication Standardization Paper Collection, pp , [11] Kenneth R. van Wyk, & Gary McGraw, Bridging the Gap between Software Development and Information Security, IEEE Security and Privacy, vol. 03, no. 5, pp.75-79, [12] Siv Hilde Houmb, Virginia N. L. Franqueira, Erlend A. Engum, Quantifying Security Risk Level from CVSS Estimates of Frequency and Impact, EEMCS, The Journal of Systems and Software, Elsevier, Vol.83 Issue 9, pp , [13] CWE, [14] Peter Mell, Karen A. Scarfone, Sasha Romanosky, A Complete Guide to the Common Vulnerability Scoring System, Version 2.0. Forum of Incident Response and Security Teams,