Securing the Cloud. Cloud Computer Security Techniques and Tactics. Vic (J.R.) Winkler. Technical Editor Bill Meine ELSEVIER

Transcription

1 Securing the Cloud Cloud Computer Security Techniques and Tactics Vic (J.R.) Winkler Technical Editor Bill Meine ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Syngress is an imprint of Elsevier SVNGRESS

2 Contents Acknowledgments About the Author About the Technical Editor Introduction xiii xv xvii xix CHAPTER 1 Introduction to Cloud Computing and Security 1 Understanding Cloud Computing 1 Cloud Scale, Patterns, and Operational Efficiency 2 A Synergistic Trick 3 Elasticity, Shape Shifling, and Security 3 The IT Foundation for Cloud 4 Cloud Computing as Foundation for Cloud Services 5 Cloud Computing Qualities 7 The Bottom Line 8 An Historical View: Roots of Cloud Computing 10 Decentralization and Proliferation 10 Networking, the Internet, and the Web 11 Virtualization 12 A Brief Primer on Security: From 50,000 ft 13 Terminology and Principles 14 Risk Management 17 Security Must Become a Business Enabler 17 A Brief Primer on Architecture 18 Systems Engineering 19 IT Architecture 20 Security Architecture: A Brief Discussion 20 Defense in Depth 23 Cloud Is Driving Broad Changes 23 Cloud Works Today 24 Valid Concerns 25 Summary 26 Endnotes 26 CHAPTER 2 Cloud Computing Architecture 29 Cloud Reference Architecture 29 Revisiting Essential Characteristics 30 Cloud Service Models 33 Cloud Deployment Models 35

3 viii Contents Control over Security in the Cloud Model 37 Cloud Application Programming Interfaces 39 Making Sense of Cloud Deployment 39 Public Clouds 40 Private Clouds 40 Community Clouds 41 Hybrid Clouds 41 Making Sense of Services Models 43 Cloud Software-as-a-Service 43 Cloud Platform-as-a-Service 43 Cloud Infrastructure-as-a-Service 43 How Clouds Are Formed and Key Examples 44 Using Virtualization to Form Clouds 45 Using Applications or Services to Form Clouds 48 Real-world Cloud Usage Scenarios 49 Virtualization Formed Clouds 49 Application/Service Formed Clouds 51 Hybrid Cloud Models 52 Summary 52 Endnotes 52 CHAPTER 3 Security Concerns, Risk Issues, and Legal Aspects 55 Cloud Computing: Security Concerns 56 A Closer Examination: Virtualization 57 A Closer Examination: Provisioning 62 A Closer Examination: Cloud Storage 64 A Closer Examination: Cloud Operation, Security, and Networking 66 Assessing Your Risk Tolerance in Cloud Computing 67 Assessing the Risk 68 Information Assets and Risk 69 Privacy and Confidentiality Concerns 70 Data Ownership and Locale Concerns 71 Auditing and Forensics 72 Emerging Threats 73 So, Is It Safe? 73 Legal and Regulatory Issues 74 Third Parties 75 Data Privacy 79 Litigation 84 Summary 85 Endnotes 87

4 Contents ix CHAPTER 4 Securing the Cloud: Architecture 89 Security Requirements for the Architecture 91 Physical Security 91 Cloud Security Standards and Policies 93 Cloud Security Requirements 94 Security Patterns and Architectural Elements 102 Defense In-depth 102 Honeypots 104 Sandboxes 104 Network Patterns 104 The Importance of a CMDB 107 Cabling Patterns 109 Resilience and Grace 110 Planning for Change Ill Cloud Security Architecture Ill Cloud Maturity and How It Relates to Security 112 Jericho Forum 113 Representative Commercial Cloud Architectures 114 Representative Cloud Security Architectures 115 Planning Key Strategies for Secure Operation 121 Classifying Data and Systems 121 Define Valid Roles for Cloud Personnel and Customers 122 Summary 123 Endnotes 123 CHAPTER 5 Securing the Cloud: Data Security 125 Overview of Data Security in Cloud Computing 125 Control over Data and Public Cloud Economics 126 Organizational Responsibility: Ownership and Custodianship 127 Data at Rest 128 Data in Motion 130 Common Risks with Cloud Data Security 130 Data Encryption: Applications and Limits 132 Overview of Cryptographic Techniques 133 Common Mistakes or Errors with Data Encryption 135 Cloud Data Security: Sensitive Data Categorization 137 Authentication and Identity 137 Access Control Techniques 138 Data Categorization and the Use of Data Labels 140 Application of Encryption for Data at Rest 141

5 X Contents Application of Encryption for Data in Motion 142 Impediments to Encryption in the Cloud 143 Deletion of Data 143 Data Masking 144 Cloud Data Storage 145 Cloud Lock-in (the Roach Motel Syndrome) 146 Metadata 148 Avoiding Cloud Lock-in (the Roach Motel Syndrome) 149 Summary 150 Endnotes 151 CHAPTER 6 Securing the Cloud: Key Strategies and Best Practices 153 Overall Strategy: Effectively Managing Risk 154 Risk Management: Stages and Activities 154 Overview of Security Controls 156 Cloud Security Controls Must Meet Your Needs 156 NIST Definitions for Security Controls 157 Unclassified Models 158 Classified Model 160 The Cloud Security Alliance Approach 161 The Limits of Security Controls 162 Security Exposure Will Vary over Time 164 Exploits Don't Play Fair 164 Best Practices 165 Best Practices for Cloud Computing: First Principals 165 Best Practices across the Cloud Community 170 Other Best Practices for Cloud Computing: Cloud Service Consumers 172 Other Best Practices for Cloud Computing: Cloud Service Providers 173 Security Monitoring 174 The Purpose of Security Monitoring 176 Transforming an Event Stream 177 The Need for C.I.A. in Security Monitoring 183 The Opportunity for MaaS 184 Summary 184 Endnotes 185 CHAPTER 7 Security Criteria: Building an Internal Cloud 187 Private Clouds: Motivation and Overview 187 Security Implications: Shared versus Dedicated Resources 189

6 Contents xi Considerations for Achieving Cost Savings 190 Private Clouds: The Castle Keep? 193 Analysis to Support Architecture Decisions 194 Security Criteria for Ensuring a Private Cloud 195 Network Considerations 196 Data Center Considerations 202 Operational Security Considerations 206 Regulation 208 Summary 209 Endnotes 210 CHAPTER 8 Security Criteria: Selecting an External Cloud Provider 211 Selecting a CSP: Overview of Assurance 211 Vendor Claims and Independent Verification 212 Selecting a CSP: Vendor Transparency 215 Selecting a CSP: Overview of Risks 217 Risk Will Vary by Customer and by CSP 217 Assessing Risk Factors 218 Selecting a CSP: Security Criteria 224 Security Criteria: Revisiting Defense-in-depth 225 Security Criteria: Other Considerations 227 Additional Security-relevant Criteria 229 Summary 232 Endnotes 232 CHAPTER 9 Evaluating Cloud Security: An Information Security Framework 233 Evaluating Cloud Security 234 Existing Work on Cloud Security Guidance or Frameworks 235 Checklists for Evaluating Cloud Security 237 Foundational Security 238 Business Considerations 240 Defense-in-depth 242 Operational Security 246 Metrics for the Checklists 249 Summary 249 Endnotes 250 CHAPTER 10 Operating a Cloud 253 From Architecture to Efficient and Secure Operations 255 The Scope of Planning 255 Physical Access, Security, and Ongoing Costs 256

7 xii Contents Logical and Virtual Access 257 Personnel Security 257 From the Physical Environment to the Logical 259 Bootstrapping Secure Operations 260 The Refinement of Procedures and Processes over Time 260 Efficiency and Cost 260 Security Operations Activities 262 Server Builds 263 Business Continuity, Backup, and Recovery 265 Managing Changes in Operational Environments 266 Information Security Management 269 Vulnerability and Penetration Testing 270 Security Monitoring and Response 271 Best Practices 274 Resilience in Operations 275 Summary 275 Endnotes 277 Index 279