Security and Privacy in Cloud Computing



Similar documents
Security and Privacy in Cloud Computing

Lecture 10 Cloud Security. modified from slides of Lawrie Brown, Ragib Hasan, YounSun Cho, Anya Kim

Microsoft STRIDE (six) threat categories

Mobile Application Threat Analysis

Threat Modeling: The Art of Identifying, Assessing, and Mitigating security threats

CS573 Data privacy and security in the cloud. Slide credits: Ragib Hasan, Johns Hopkins University

Cryptography and Network Security Chapter 1

Security Testing. How security testing is different Types of security attacks Threat modelling

An overwhelming majority of IaaS clouds leverage virtualization for their foundation.

TIME SCHEDULE. 1 Introduction to Computer Security & Cryptography 13

External Supplier Control Requirements

Threat modeling. Tuomas Aura T Information security technology. Aalto University, autumn 2011

CPSC 467: Cryptography and Computer Security

Threat Modeling. Frank Piessens ) KATHOLIEKE UNIVERSITEIT LEUVEN

Entire contents 2011 Praetorian. All rights reserved. Information Security Provider and Research Center

Cryptography and Network Security Overview & Chapter 1. Network Security. Chapter 0 Reader s s Guide. Standards Organizations.

CLOUD COMPUTING AND ITS SECURITY ASPECTS

CLOUD STORAGE SECURITY INTRODUCTION. Gordon Arnold, IBM

Security Issues in Cloud Computing

Cryptography and Network Security

International Journal of Advance Research in Computer Science and Management Studies

Bellevue University Cybersecurity Programs & Courses

THREAT MODELLING FOR SQL SERVERS Designing a Secure Database in a Web Application

COSC 472 Network Security

IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:

AN INVESTIGATION OF SECURITY THEME FOR CLOUD COMPUTING

Cloud Computing Governance & Security. Security Risks in the Cloud

SECURITY CONCERNS AND SOLUTIONS FOR CLOUD COMPUTING

Risk, security, and legal analysis for migration to cloud. PART 2: Organising a secured cloud architecture

Notes on Network Security - Introduction

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

Information System Security

An Approach to Threat Modeling in Web Application Security Analysis

EXIN Cloud Computing Foundation

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Lecture 02b Cloud Computing II

Chapter 6: Fundamental Cloud Security

Cloud Security Through Threat Modeling. Robert M. Zigweid Director of Services for IOActive

Security Goals Services

Introduction to Information Security

Introduction to Security

CNA 432/532 OSI Layers Security

Public Auditing & Automatic Protocol Blocking with 3-D Password Authentication for Secure Cloud Storage

Basics of Internet Security

INTERNATIONAL JOURNAL OF ELECTRONICS AND COMMUNICATION ENGINEERING & TECHNOLOGY (IJECET) Introduction to Cloud Security. Taniya

Keyword: Cloud computing, service model, deployment model, network layer security.

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

90% of data breaches are caused by software vulnerabilities.

Clouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

7. Public Key Cryptosystems and Digital Signatures, 8. Firewalls, 9. Intrusion detection systems, 10. Biometric Security Systems, 11.

CSCI 4541/6541: NETWORK SECURITY

Security Threat Risk Assessment: the final key piece of the PIA puzzle

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Security Issues In Cloud Computing and Countermeasures

Wireless Sensor Networks Chapter 14: Security in WSNs

The Magical Cloud. Lennart Franked. Department for Information and Communicationsystems (ICS), Mid Sweden University, Sundsvall.

Chap. 1: Introduction

Lecture II : Communication Security Services

Discussion Draft of the Preliminary Cybersecurity Framework Illustrative Examples

Security Management of Cloud-Native Applications. Presented By: Rohit Sharma MSc in Dependable Software Systems (DESEM)

Windows Phone 8 Security Overview

Purpose. Service Model SaaS (Applications) PaaS (APIs) IaaS (Virtualization) Use Case 1: Public Use Case 2: Use Case 3: Public.

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Firewalls and Intrusion Detection

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

STORAGE SECURITY TUTORIAL With a focus on Cloud Storage. Gordon Arnold, IBM

A SURVEY OF CLOUD COMPUTING: NETWORK BASED ISSUES PERFORMANCE AND ANALYSIS

WLAN Attacks. Wireless LAN Attacks and Protection Tools. (Section 3 contd.) Traffic Analysis. Passive Attacks. War Driving. War Driving contd.

ICANWK406A Install, configure and test network security

BEST PRACTICES FOR SECURITY TESTING TOP 10 RECOMMENDED PRACTICES

GoodData Corporation Security White Paper

Data Security In The Cloud

NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB

External Supplier Control Requirements

Achieving Truly Secure Cloud Communications. How to navigate evolving security threats

Residual risk. 3 Compliance challenges (i.e. right to examine, exit clause, privacy acy etc.)

Cloud Database Storage Model by Using Key-as-a-Service (KaaS)

A Methodology for Capturing Software Systems Security Requirements

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL

OWASP AND APPLICATION SECURITY

Advanced Topics in Distributed Systems. Dr. Ayman Abdel-Hamid Computer Science Department Virginia Tech

Transcription:

Security and Privacy in Cloud Computing Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 2 02/01/2010

Threats, vulnerabilities, and enemies Goal Learn the cloud computing threat model by examining the assets, vulnerabilities, entry points, and actors in a cloud Technique Apply different threat modeling schemes 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 2

Assignment for next class Review: Thomas Ristenpart et al., Hey, You, Get Off of My Cloud! Exploring Information Leakage in Third-Party Compute Clouds, proc. ACM CCS 2009. Format: Summary: A brief overview of the paper, 1 paragraph (5 / 6 sentences) Pros: 3 or more issues Cons: 3 or more issues Possible improvements: Any possible suggestions to improve the work Due: 2.59 pm 2/8/2010 Submission: By email to rhasan7@jhu.edu (text only, no attachments please) 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 3

Threat Model A threat model helps in analyzing a security problem, design mitigation strategies, and evaluate solutions Steps: Identify attackers, assets, threats and other components Rank the threats Choose mitigation strategies Build solutions based on the strategies 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 4

Threat Model Basic components Attacker modeling Choose what attacker to consider Attacker motivation and capabilities Assets / Attacker Goals Vulnerabilities / threats 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 5

Recall: Cloud Computing Stack 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 6

Recall: Cloud Architecture Client SaaS / PaaS Provider Cloud Provider (IaaS) 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 7

Attackers 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 8

Who is the attacker? Insider? Malicious employees at client Malicious employees at Cloud provider Cloud provider itself Outsider? Intruders Network attackers? 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 9

Attacker Capability: Malicious Insiders At client Learn passwords/authentication information Gain control of the VMs At cloud provider Log client communication 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 10

Attacker Capability: Cloud Provider What? Can read unencrypted data Can possibly peek into VMs, or make copies of VMs Can monitor network communication, application patterns 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 11

Attacker motivation: Cloud Provider Why? Gain information about client data Gain information on client behavior Sell the information or use itself Why not? Cheaper to be honest? Why? (again) Third party clouds? 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 12

Attacker Capability: Outside attacker What? Listen to network traffic (passive) Insert malicious traffic (active) Probe cloud structure (active) Launch DoS 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 13

Attacker goals: Outside attackers Intrusion Network analysis Man in the middle Cartography 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 14

Assets 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 15

Assets (Attacker goals) Confidentiality: Data stored in the cloud Configuration of VMs running on the cloud Identity of the cloud users Location of the VMs running client code 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 16

Assets (Attacker goals) Integrity Data stored in the cloud Computations performed on the cloud 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 17

Assets (Attacker goals) Availability Cloud infrastructure SaaS / PaaS 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 18

Threats 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 19

Organizing the threats using STRIDE Spoofing identity Tampering with data Repudiation Information disclosure Denial of service Elevation of privilege 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 20

Typical threats Threat type Spoofing identity Tampering with data Repudiation Mitigation technique Authentication Protect secrets Do not store secrets Authorization Hashes Message authentication codes Digital signatures Tamper-resistant protocols Digital signatures Timestamps Audit trails [STRIDE] 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 21

Typical threats (contd.) Threat type Information disclosure Denial of service Elevation of privilege Mitigation technique Authorization Privacy-enhanced protocols Encryption Protect secrets Do not store secrets Authentication Authorization Filtering Throttling Quality of service Run with least privilege [STRIDE] 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 22

Summary A threat model helps in designing appropriate defenses against particular attackers Your solution and security countermeasures will depend on the particular threat model you want to address 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 23

Further Reading Frank Swiderski and Window Snyder, Threat Modeling, Microsoft Press, 2004 The STRIDE Threat Model 2/1/2010 en.600.412 Spring 2010 Lecture 2 JHU Ragib Hasan 24

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information