Security and Cloud Computing

Transcription

1 Security and Cloud Computing Michael Waidner TU Darmstadt/FB Informatik, Chair Professor Security in IT Fraunhofer Institute for Secure IT, Director CASED 1 Fraunhofer SIT

2 Objectives of this Lecture Get a feeling for The importance of security for the success of cloud computing The technical challenges The technologies used to address these challenges This lecture Will not make you an an expert in cloud security Does not replace a regular course on Information Security 2

3 <Begin Commercial> We are hiring! Engineers and Researchers BSc/MSc, PhD Students, Post Docs <End Commercial> 3

4 Outline 1. (In)security by example 2. What CIOs think about cloud security 3. Best practices and standards 4. Security technologies 5. Outlook 4

5 What is the state of (in)security, in general? 7

6 Some Security Slang Attacks exploits Privileges of attackers: insider Privileges of others: social engineering, confusing UI s, poor security processes Vulnerable design: wrong idea, architecture or design Vulnerable implementation: right idea, but done wrongly Attacker Intentional Careless user Hacktivist Criminal Spy Nation state Business System IT System Risk Management Accept, Avoid, Transfer or Mitigate Risks Attacks aims at Confidentiality: Stealing data, invading privacy Integrity: Corrupting data & service, stealing resources, illegal service Availability: Destroy system, deny service Accountability: Escape responsibility for actions 8

7 Major Attacks in 2011 Targeted, well orchestrated, economically or politically motivated. Source: IBM X-Force Research and Development, 2012 ( ) 9

8 Example: Targeted Attack on RSA and Defense Sector RSA // Lockheed Martin, Northrop Grumman, L3 Communications (2011) 1: Social engineering & phishing 3: Collecting SecureID secret seed records, downloading them from staging server. RSA issues warning on March 17 March 3: Fake to some RSA employees: [2011 Recruitment plan.xls] with embedded flash zero-day CVE in Adobe Flash Player. Planted Poison Ivy trojan horse. Unusually fast (e.g., attack on Nortel went unnoticed for more then 10 years) 4: Exploiting compromised SecureID to break into the target systems at defense industry. 2: Digital Shoulder Surfing Poison Ivy connects back to control server, giving full control to attacker. Attacker gradually moves towards higher value accounts and data. ( ) ( ) ( ) June 3: Lockheed discloses a blocked attack, which exploited the breach at RSA. RSA announced replacement program for tokens (>40M tokens worldwide, Lockheed > ). August 2011: RSA acknowledge immediate 66M$ for recovery. March 27, 2012: NSA attributes attack to Chinese hackers 10

9 What are actual, known attacks on cloud computing? 11

10 Not Specific for Cloud, but Key Problem: Web-App Security Well-known software problems result in insecure products and services Representative test of web applications (IBM 2012) 86% Security misconfiguration 79% Broken authentication Secure engineering Source: IBM X-Force Research and Development ( ), OWASP Top Ten 2010 ( ) 12

11 Attacks out of the Cloud Attackers use cloud services to perform attacks Attacker as regular cloud user Unclear responsibility of cloud providers Many challenges for forensics / law enforcement Examples Spammer Password cracker Automated fraud Botnet commmand & control ( ) 13

12 Virtual Machine Escape Guest VM takes over hypervisor, gets access to other guests VM VM VM VM Hypervisor Exploits vulnerability in the design or code of the hypervisor for privilege escalation Secure engineering Examples Rafal Wojtczuk, Jan Beulich: Advanced Exploitation of Xen Hypervisor Sysret VM Escape Vulnerability; Sept 4, 2012 (CVE ) ( ) Kostya Kortchinsky: CLOUDBURST A VMware Guest to Host Escape Story; BlackHat USA 2009 ( ) Nelson Elhage: Virtunoid: A KVM Guest Host privilege escalation exploit; Black Hat USA 2011 ( ) 14

13 Incomplete or Insecure Data Deletion Cloud provider does not (securely) delete data before reassigning space, leaking secrets VM VM Time Exploits vulnerability of the cloud management system Secure processes Secure deletion (NIST, BSI) 15

14 Forensics in Cloud Computing Standard approaches to forensics do not work with virtualization VM VM Forensics needs traces (old data, ) Time Explicit subscriber logging and auditing Litigation Hold: Freeze all machines and data! 16

15 Malicious Insider Cloud administrators may have privileged access to customer data VM VM VM VM Hypervisor Exploits basic architecture of current cloud computing offerings. Monitoring and auditing of privileged identities Trusted Computing Cryptography 17

16 Unsafe Virtual Images Image author does not to clean up image before publication, leaking secrets 1/3 of 1100 public Amazon Machine Images with major vulnerabilities Secure engineering for clouds Compliance checking of images Unpublished code, private documents Caches, shadow files Passwords Public / private SSH keys SVN credentials Source: Fraunhofer SIT / S. Bugiel, S. Nürnberger, T. Pöppelmann, A. Sadeghi., T. Schneider : AmazonIA: When Elasticity Snaps Back; ACM CCS, Chicago ( ) 18

17 No Identity Verification in Storage Clouds Cloud provider does not understand risk in usage patterns I am [email protected] Identity verification Federated identity management Share secret with someone pretending to be Bob Receive malware or illegal content under Bob s name Examples of services with this problem (as of end of 2011) Dropbox, SugarSync, CloudMe, HiDrive, wuala Source: Fraunhofer SIT / T. Hahn, T. Kunz, M. Schneider, S. Vowé: Vulnerabilities through Usability Pitfalls in Cloud Services; 2 nd IEEE TSCLOUD, Liverpool ( ) 19

18 Data Duplication for Compressing Data in Storage Clouds Second upload of identical data results in reference to first upload only (1) hash(data) (2) ack(known already) OR (2) ack(new file) (3) data Client-side cross-user deduplication Saves up to 90% cloud storage and bandwidth Introduces vulnerabilities (Better: server-side dedup) 20

19 Example 1: Extend Storage for Free, Share Files Dropbox Client Modified NCrypto (wrapper) 1. Send User Identification, Hash of File 2. File Exists, Linked to User 3. Download File 4. Send File Replacing hashvalue Checks if: User exists File exists with Hash Dropbox Server SHA256 OpenSSL (hash functions) Malicious user can provide hashes for downloading files Source: Martin Mulazzani et. al.: Dark Clouds on the Horizon; USENIX Security ( ) 21

20 Example 2: Guess Confidential Values Theoretical example only! Scenario: Companies bidding for a certain contract Adversary knows structure of contract, just not the price Attack: test all possible prices, dedup will identify the right one Source: Danny Harnik et.al.: Side Channels in Cloud Services, the Case of Deduplication in Cloud Storage; IEEE Security and Privacy Magazine 8/2 (2010). ( ) 22

21 Changing Access Pattern Parallel and Connected Trends: Mobile and Cloud Computing Bring Your Own Device Malware spreads via mobile / cloud into enterprise Data leaks via cloud / mobile Devices and OS s with strong separation between business and personal resources, e.g., Bizztrust by Fraunhofer SIT ( ) 23

22 Recap of Discussed Attacks Four areas of problems in cloud security Isolation / Multi-tenancy Secure Engineering for Cloud Apps Trust in provider Virtual Machine Escape Incomplete or Insecure Data Deletion Attacks based on Client-side Deduplication Unsafe Virtual Images Forensics in Cloud Computing Malicious Insider Trust in subscriber / Identity No Identity Verification in Storage Clouds Changing Access Patterns Attacks out of the Cloud 24

23 Outline 1. (In)security by example 2. What CIOs think about cloud security 3. Best practices and standards 4. Security technologies 5. Outlook 26

24 Where CIOs see the Risks with Public Cloud Computing Security 45% Integration w/ legacy 26% Loss of control over data 26% Availability 25% Performance 24% IT governance 19% Compliance 19% Satisfaction with offerings 12% Return on investment 11% Customization 11% Vendor lock-in Other 6% 11% ( ) 27

25 Who is Considered Responsible for Securing the Public Cloud? Question: How do you Secure Your Cloud Servers Today (in IaaS)? 31.2% 21.3% 19.9% 9.9% 6.4% 6.4% 5.0% Source: CloudPassage Cloud Security Survey, February ( ) 28

26 Who is Really Responsible for Securing the Public Cloud? Split of Responsibilities between Provider and Subscriber Who is responsible for security at the level? Datacenter Infrastructure Middleware Application Process Business Process-as-a-Service Application-as-a-Service Platform-as-a-Service Infrastructure-as-a-Service Provider Provider Provider Provider Subscriber Subscriber Subscriber Subscriber Provider/Subscriber service agreement determines actual responsibilities. 29

27 The Root Cause of Concerns over Cloud Security Real or Perceived Loss of Control when Moving from Private to Public On Premise Private Cloud Off Premise Hybrid Clouds Community Cloud Public Cloud 3rd-Party Managed We Have Control It s located at X. We have backups. Our admins control access. Our uptime is sufficient. The auditors are happy. Our security team is engaged. Who Has Control? Where is it located? Who backs it up? Who has access? How resilient is it? How do auditors observe? How does our security team engage? 30

28 Well Managed Shared Cloud Might be More Secure than Enterprise Managed Private IT Percentage of surveyed cloud customers experiencing security incidents of this type Source: Removing the Cloud of Insecurity; Altertlogic, ( ) 31

29 Well Managed Shared Cloud Might be More Secure than Enterprise Managed Private IT Economy of scale favors security and privacy Dedicated and trained security team Professional service management (patch, change, incident, ) Professional security management, tools, processes, etc. Standardization simplifies security Caveats: Most shared clouds have pre-defined service levels, no negotiated SLAs Physical cloud location may influence regulatory compliance ( discussion about impact of US Patrot Act on European cloud users) 32

30 Outline 1. (In)security by example 2. What CIOs think about cloud security 3. Best practices and standards 4. Security technologies 5. Outlook 34

31 Information Security Process and Management System Security is a dynamic and evolving property. Risks are managed through controls (safeguards), which need to be continuously managed. Initiation of security process Strategy, objectives, compliance Organization, resources, education Creation of security concept Implementation of security concept Maintenance and improvement Scope Documented security policy Threat analysis and risk decisions Safeguards and controls Security Policy Organization of Information security Asset Management Human Resource Security Physical and Environmental Security Communications and Operations Management Access control Information Systems Acquisition Development and Maintenance Information Security Incident Management Business Continuity Management Compliance Reference: BSI Grundschutz ( ), ISO 27002] 35

32 Guidelines, Standards, Requirements Recommendations (from Provider s and/or Subscriber s perspective) Cloud Security Alliance (CSA): Security Guidance v3; 2011 ( ); Cloud Control Matrix (CCM); 2010 ( ); Trusted Cloud Initiative, Ref Architecture; 2011( ) BSI: Security Recommendations for Cloud Computing Providers; 2011 ( ) NIST Special Pub : Guidelines on Security and Privacy in Public Cloud Computing; 2011 ( ) OSA Security Architecture Pattern SP-011: Cloud Computing Pattern; 2010 ( ) Mandatory Framework (for US Federal Government) US General Services Administration: Federal Risk and Authorization Management Program (FedRAMP) ( ) Baselines, e.g., BSI Grundschutz, NIST SP

33 Auditable Framework Auditable Frameworks ISO 2700x Framework 27002: Code of practice for information security management Annex A: Mother of all control matrices In progress 27017: Security in cloud computing In progress 27018: Code of practice for data protection controls for public cloud computing services Statement on Standards for Attestation Engagements (SSAE) No

34 CSA s Basic Cloud Security Reference Model (2011) Source: CSA Security Guidance Version 3, 2011; p20/fig 5 ( )

35 CSA s Trusted Cloud Initiative Reference Architecture Model (2011) Source: ( )

36 CSA s Trusted Cloud Initiative Reference Architecture Model (2011) Source: ( )

37 Anything specific for Cloud Computing? At a high level, everything applies equally well to data centers Isolation / Multi-tenancy Secure Engineering for Cloud Apps Trust in provider Sharing and multi-tenancy across all hw/sw Lack of multi-tenant hw/sw Lack of detailed and verifiable metering and billing + Sharing of security info improves detection, lowers time to respond (aka Big Data for security) Virtualization turns everything into data & software Need for Secure Cloud Engineering + Enables introspection of resources + Simplifies security management (e.g., patch management) Subscribers may distrust providers (resp. cloud admins) Impossibility of individual audits by each subscriber + Privileged user management, Usages control + Trusted Computing and Cryptography can extend trust boundaries Trust in subscriber / Identity Public clouds may have to deal with anonymous subscribers Lack of Trusted Identities + Identity verification as new opportunity for cloud providers Speed: quick on-boarding/offboarding of subcribers identities + Case for Federated Identity (and other SOA constructs) 49

38 Outline 1. (In)security by example 2. What CIOs think about cloud security 3. Best practices and standards 4. Security technologies 5. Outlook 50

39 Virtualization enables introspection of resources 56

40 Hypervisor-level Security Services Physical What changes in a naïve transition from physical (this picture) to virtual? App 1 App 2 App 3 AV/FW OS HW Security becomes harder: VM sprawl, hypervisor as a new component Services unnecessarily replicated Security becomes easier: move security services out of the OS into the Hypervisor, security system can introspect the virtual hardware Switch / NAC / Firewall / IPS... 57

41 Hypervisor-level Security Services Virtual A1 A2 AV/FW A3 A1 A2 AV/FW A3 Security VM Policy Hardened OS Security Mgmt OS OS Discovery, license mgmt, update, congestion control + Switch / NAC / FW / IPS Rootkit Detection Hypervisor HW Reference: IBM Security Virtual Server Protection for Vmware ( ) 58

42 Cryptography extends trust boundaries How to protect data from malicious cloud admins Example 1: Fraunhofer OmniCloud 59

43 OmniCloud: Approach Main objectives Provide secure cloud storage Avoid cloud provider lock-in Easy integration Standard software, no client installation Uses existing communication protocols (e.g., FTP, SCP, WebDAV, Amazon S3,...) Reference: ( ) 60

44 OmniCloud: Security Client-side file encryption Before leaving the company s intranet Key management Separation of keys and encrypted files Keys under exclusive control of the company (Pseudo-) randomly generated keys for each file Modular key generation / key storage approach Filename and folder structure obfuscation Authentication and identity management Various authentication mechanisms Role-based access control Fine grained user permissions 61

45 OmniCloud: API Mapping API mapping Multitude of input and output interfaces Mapping between both High interoperability w.r.t. Supported client software Supported cloud storage providers OC Gateway OC Gateway 62

46 OmniCloud: Features Storage Strategies Specify how data is distributed over storages Consideration of storage specific properties Extensible approach (Inform. Dispersal, Reed Solomon) Data Deduplication Recognition of duplicated files within a service Copied just once to the cloud Reduction of cloud storage costs Mirroring Stripping 63

47 Cryptography extends trust boundaries How to protect data from malicious cloud admins Example 1: Homomorphic Encryption 64

48 General Idea Encryption a la OmniCloud does not work if provider needs to process the encrypted data Fully Homomorphic Encryption (Rivest, Adleman, Dertouzos, 1978, ) Represent algorithm as arithmetic circuit, e.g., f(x1, x2, ) = x1+x2*(1-x3) Homomorphic encryption means: Enc(x1)+Enc(x2)*(1-Enc(x3)) = Enc(x1+x2*(1-x3) Really means: server can compute on the encrypted data First provably secure and polynomial solution (Gentry, 2009, ) Far from being practical 65

49 State of the Art Actually efficient solutions exist for Homomorphic in one operation Somewhat homomorphic (limited depth) E.g., selective document retrieval from encrypted database (Bösch 2012) Secure function evaluation Two parties evaluate function, only one gets result E.g., pattern matching for genetic analysis (Katzenbeisser 2011) 66

50 Outline 1. (In)security by example 2. What CIOs think about cloud security 3. Best practices and standards 4. Security technologies 5. Outlook 72

51 Areas for Research Not a complete list Definition, Measurement and Assurance VM Security = Platform Security Application Security Provenance, trust management Compliance checking, scanning and patching of dormant images Reconsider proof-carrying code and other mobile agent security constructs Security Through Cloud Computing Security as a service Hypervisor-based security services Security in emerging cloud computing programming models and languages Architectures for trustworthy cloud computing Key management TCG-style trusted computing Fully homomorphic encryption, and other crypto tricks to support privacy Trusted clouds of clouds Trusted data and identity portability 73

52 Acknowledgements Support provided by Support provided by 74

53 Prof. Dr. Michael Waidner Fraunhofer-Institute for Secure Information Technology Rheinstrasse Darmstadt, Germany TECHNISCHE UNIVERSITÄT DARMSTADT Technical University of Darmstadt Chair for Security in Information Technology Mornewegstrasse Darmstadt, Germany 75