Towards the Integration of Security transparency in the modelling and design of cloud based systems. M. Ouedraogo, S. Islam

Transcription

1 Towards the Integration of Security transparency in the modelling and design of cloud based systems M. Ouedraogo, S. Islam

2 The rationale for security transparency [and mutual auditability] A Shift: From finance to data center Sensitive information are stored or processed by providers at geographically dispersed areas. Security now lies in the hand of a third party Difficulty in assessing one s service security level due to the often unknown chain of provider-sub-providers involved in the provisioning of a service. Security assurance: the ground for confidence that deployed security are correctly implemented and also effective in thwarting the relevant threats.

3 Security assurance in the cloud realm gaining more visibility on its security policy and operation Security assurance Vetting security against a reference (standard, policy, regulation, etc.) Security transparency [Mutual] auditablity

4 Initiatives for Enabling STMA PCMONS.. PVI TCCP Monitoring of virtual machine Mosaic SLA management Security certification and audits FedRamp CSA CCS TÜV Rheinland SSAE16 C S A

5 More implication from the SSE community Similarity between the context of security transparency for cloud to the non-inclusion of security concerns in early systems modelling and design -e.g Secure Tropos, UMLsec, SecureUML, KAOS,.. Solutions should enable: More customised security solutions rather than one fit all type security monitor the health of the security deployed by its providers and to gather evidence supporting claims of security by the CSP Be able to verify that SLA is fulfilled or held CSP accountable Be less reluctant to consider cloud computing as a possible solution for their data/services management

6 What can we expect from the secure system engineering Communty? Strategy (methods and architecture) for verification and monitoring of deployed service security controls PCMONS Secuirty incident Unintentional modification Design assumption now invalid Capturing Security and privacy requirements More visibility through security related infromation for the outsourced services Regulation IaaS SLA/ other contracts PaaS SaaS Service provisioning service provider Consumer

7 Things to consider.. (1/2) Modeling and designing for security transparency will need: some level of interactivity given the possibility to the CSC to validate, proposed security solutions and make decision on those (s)he would require further visibility on Be resource-oriented like the cloud paradigm Interactive Resource Profile modelling Strategic Assurance Modelling

8 Things to consider.. (2/2) CSCSP Specify events of interest, Get notification Reasoning Layer: Cloud Infrastructure /Service & Software component for vetting Algorithms for reasoning and detecting Capturing client s S&P requirements that are transparency relevant Strategy Interactivity I CSC CSP

9 Conclusion Security transparency is a core requirement for companies considering the adoption of cloud based services Existing effort to addressing Security transparency are too generic and often the underlining clauses are in the terms of the CSP Call for approaches that are interactive and resource driven Experienced built by this community from the plethora of work on early integration of security issue is of pertinence to efficiently dealing with security transparency need in the cloud.

10 Further reading on security transparency in cloud Ouedraogo et al. (2015) Security transparency: the next frontier for security research in the cloud, Journal of cloud computing, Springer Ouedraogo et al. (2015) Adopting an Agent and Event Driven Approach for Enabling Mutual Auditability and Security Transparency in Cloud Based Services, In proceeding of CLOSER 2015.