Transcript of Cloud Security
Cloud Security
Christoph Hechenblaikner
Johannes Innerbichler
Why Cloud Security?
CC + SP-Sec
• User: “App” = Whole package
• App + Web service
• Smartphone-Security:
• Protect assets on the device
• Cloud-Security
• Protect assets in the cloud
Agenda
• Basics of Cloud Computing
• Cloud Security Basics
• Cloud Services Analysis
• Virtualization Security
• Cloud Cryptography
Cloud Computing Basics: What is it about?
Cloud Computing
• NIST
• On-demand self-service
• Broad network access
• Resource pooling
• Rapid elasticity
• Measured Service
Source: http://pre-developer.att.com/home/learn/enablingtechnologies/The_NIST_Definition_of_Cloud_Computing.pdf
Cloud Computing
• IDC CC-Forecast Nov 2012:
• 2012: $40 billion
• 2016: $100 billion
• Annual growth rate: 26.4% (2012 to 2016)
• 2016: 41% of total IT growth
Source: http://www.idc.com/getdoc.jsp?containerId=prUS23684912#.UOiFdYnjlgw
XaaS (figure): service models and their typical users
• SaaS: end user
• PaaS: developer
• IaaS: system engineers / developers
(figure axes: user, value)
• Cloud
• Hardware / Network
• OS (partly) / Virtualization
• User
• Applications / Data
• Runtime / Middleware
• OS (limited)
IaaS (figure): the provider manages the server VMs and exposes a management interface (MMI); the user/developer runs the applications on top of them, facing the web (www). Scalability!
IaaS
• Pay as you use
• Own runtimes, ...
• Highly scalable
• Dynamic application environment
• Application / Developer manages scaling
PaaS
• Cloud
• Hardware / Network
• OS / Virtualization
• Runtime / Middleware
• User
• Applications / Data (APIs)
PaaS (figure): the user/developer builds the application against the provider's layered APIs and framework (Users API, Blobstore API, DataQueue API, SSL-access API, Images API, Security API, Memcache API, ...); the application has a client and a server part running on the platform framework, and an IDE with a deployment tool pushes it to the platform under the provider account.
PaaS
• Developer focuses on application
• “native” application scaling
• Performance
• Pay as you use (CPU time, transferred data, ...)
SaaS
• Cloud
• Provides the application
• User
• Uses it!
SaaS
• Application delivered through the cloud
• Access via different devices
• Access:
• Web Technology
• Client Applications
• Future Software Distribution Channel
XaaS stack (figure): every service model is built from the same layers, Applications, Data, Runtime, Middleware, OS, Virtualisation, Hardware, Storage, Networking. The stack is shown three times, for SaaS, PaaS and IaaS; the provider-managed share shrinks from SaaS (everything) to PaaS (runtime and below) to IaaS (virtualisation and below).
Cloud Security Basics: What are we afraid of?
Cloud Security Assets
• Sensitive user data
• Credentials, Keys, SSN
• Military / Business Information,
• Medical Health Records
• Control over Cloud-System
• Computational Power
Security Goals
• As usual:
• Confidentiality
• Integrity
• Availability
• Accountability
Cloud Security
Chart: main concerns about the cloud model (% responding 4 or 5 on a 5-point scale)
• Security: 74.6%
• Availability: 63.1%
• Regulatory requirements: 59.2%
Source: IDC Enterprise Panel, August 2008 n=244 % responding 4 or 5
Security Threats
• CSA “Top Threats to Cloud Computing”
• Alliance of Cloud-Computing companies
• Goal: Providing Guidelines
Source: cloudsecurityalliance.org/research/top-threats/
Security Threats
• #1 “Abuse and Nefarious Use of Cloud Computing”
• DDoS-Attacks, Botnets
• Cracking Hashes / Keys, Rainbow Tables
• CAPTCHA solving farms
• Solutions: User registration, Signatures, ...
Example
Source: http://www.zdnet.com/blog/security/zeus-crimeware-using-amazons-ec2-as-command-and-control-server/5110
• Amazon EC2 (AWS)
• 2009 - 2010
• The botnet behind the Zeus crimeware used Amazon EC2 for “command and control” purposes.
• 3,600,000 bots (Bank of America, NASA, Cisco, Oracle, Amazon, ...)
Security Threats
• #2 “Insecure Interfaces and APIs”
• Management interfaces (MMI) of cloud providers
• APIs to additional services (layered APIs)
• Must prevent policy circumventions
Security Threats
• 2009
• Some API functions were reachable with plain HTTP authentication
• MITM, CSRF, ...
• Lots of bad mashups!
Source: http://securitylabs.websense.com/content/Blogs/3402.aspx
Source: www.theprogrammableweb.com
Security Threats
• #3 “Malicious Insiders”
• Hobby hacker, corporate espionage, nation-state sponsored intrusion
• Transparency of providers
• Solutions: Contracts, Compliance monitoring, ...
Security Threats
Source: http://datalossdb.org/incidents/5883-firm-may-have-illegally-bought-and-sold-150-million-customers-information
• Roadway D&B (Shanghai)
• 03/2012
• Personal data bought and sold by D&B
• Income, family, car, ...
• 150,000,000 records from (IT) insiders at banks, insurance groups, real estate agencies, ...
Security Threats
• #4 “Shared Technology Issues”
• Hypervisor Mediated Architectures (VMs)
• Storage
• Network Security
• Solutions: Regular audits, Monitoring, ...
Security Threats
• VMware
• 2009
• VMware SVGA II exploit (“Cloudburst”)
• Guest access to the emulated video device (MMIO / FIFO commands) used to read and overwrite host process memory and execute code on the host
• Many products affected (Workstation, ESX Server)
VMware exploit (figure): on the guest side the OS and the virtual video card; on the host side the vmx process with the frame buffer and the SVGA FIFO. The guest issues SVGA_RECT_COPY commands through the FIFO.
Source: http://www.blackhat.com/presentations/bh-usa-09/KORTCHINSKY/BHUSA09-Kortchinsky-Cloudburst-PAPER.pdf
SVGA_RECT_COPY (excerpt from the Cloudburst paper)
Figure 3: Normal behavior of the SVGA_RECT_COPY operation (Src and Dst both inside the frame buffer)
Figure 4: Source rectangle is out of the frame buffer (leak memory)
Figure 5: Destination rectangle is out of the frame buffer (overwrite memory)
“There are two obvious ways to abuse the command, either misplace the source rectangle or the destination rectangle, leading to two different types of bugs.
3.1.1 Memory Leak (Figure 4)
If the source rectangle is located out of the frame buffer, the RECT_COPY operation will copy the content of the memory range in the host process memory defined as the source into the frame buffer. Since the frame buffer is shared between the host and the guest, the guest can then read the content of the frame buffer and thus leak the host process memory.
Debug versions (and Beta/RC) of VMware products include additional ASSERTs lowering the extent of the memory one can leak, even though the bug is still there. In retail versions, this bug can be used to leak pretty much any part of the memory.
The leak is relative to the base address of the frame buffer in the host process memory. In order to leak any address content, you will HAVE to know or leak this address.
3.1.2 Memory Write (Figure 5)
If the destination rectangle is abused in the RECT_COPY operation, it is possible for someone to overwrite part of the memory of the host process. Since the”
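The two abuses above (misplaced source rectangle leaks host memory, misplaced destination rectangle overwrites it), as an added Python model. This is not VMware's code and not the Cloudburst exploit: host memory is a single byte array with the guest-shared frame buffer in the middle, so a guest-supplied rectangle that leaves the frame buffer reads or overwrites the emulator's own bytes; a `MemoryError` stands in for the vmx process crashing. The frame-buffer size and the 'S'/'.' markers are constructed for the example, and `rect_copy_checked` is the bounds check the emulation was missing.

```python
"""Toy model of the SVGA_RECT_COPY bug class (added example, not VMware's code).
Host memory is one bytearray: [host private | frame buffer | host private].
The guest can read the frame buffer, so bytes copied into it leak; bytes copied
out of it corrupt the host process."""

FB_WIDTH, FB_HEIGHT = 8, 8           # tiny frame buffer, 1 byte per pixel (constructed)
FB_BYTES = FB_WIDTH * FB_HEIGHT
FB_OFF = FB_BYTES                    # frame buffer starts here in host memory
HOST_BYTES = 3 * FB_BYTES


def new_host() -> bytearray:
    """'S' marks host-private bytes, '.' the guest-visible frame buffer."""
    mem = bytearray(b"S" * HOST_BYTES)
    mem[FB_OFF:FB_OFF + FB_BYTES] = b"." * FB_BYTES
    return mem


def rect_copy_unchecked(mem: bytearray, src: tuple, dst: tuple, w: int, h: int) -> int:
    """Vulnerable emulation: applies the guest's rectangles as given.
    src/dst are (x, y) in frame-buffer coordinates; returns bytes copied."""
    for row in range(h):
        s = FB_OFF + (src[1] + row) * FB_WIDTH + src[0]
        d = FB_OFF + (dst[1] + row) * FB_WIDTH + dst[0]
        if s < 0 or d < 0 or s + w > HOST_BYTES or d + w > HOST_BYTES:
            raise MemoryError("outside modelled host memory (vmx would crash)")
        mem[d:d + w] = mem[s:s + w]      # may read/write host-private bytes
    return w * h


def rect_in_fb(x: int, y: int, w: int, h: int) -> bool:
    """Every row of the rectangle must lie inside the frame buffer."""
    return (0 < w <= FB_WIDTH and 0 < h <= FB_HEIGHT
            and 0 <= x <= FB_WIDTH - w and 0 <= y <= FB_HEIGHT - h)


def rect_copy_checked(mem: bytearray, src: tuple, dst: tuple, w: int, h: int) -> int:
    """Hardened emulation: reject the command before touching any memory."""
    if not (rect_in_fb(*src, w, h) and rect_in_fb(*dst, w, h)):
        return -1
    return rect_copy_unchecked(mem, src, dst, w, h)


def leaked_bytes(mem: bytearray) -> int:
    """Host-private bytes now sitting in the guest-readable frame buffer."""
    return mem[FB_OFF:FB_OFF + FB_BYTES].count(b"S")


def corrupted_bytes(mem: bytearray) -> int:
    """Host-private bytes outside the frame buffer that the guest overwrote."""
    outside = mem[:FB_OFF] + mem[FB_OFF + FB_BYTES:]
    return len(outside) - outside.count(b"S")


if __name__ == "__main__":
    host = new_host()
    rect_copy_unchecked(host, src=(0, -2), dst=(0, 0), w=FB_WIDTH, h=2)
    print("leaked host bytes:", leaked_bytes(host))
    host = new_host()
    rect_copy_unchecked(host, src=(0, 0), dst=(0, FB_HEIGHT), w=FB_WIDTH, h=1)
    print("overwritten host bytes:", corrupted_bytes(host))
    print("checked copy with bad source:", rect_copy_checked(new_host(), (0, -2), (0, 0), 8, 2))
```

The leak is relative to the frame buffer's position, exactly as the paper notes: the model only reaches bytes within `HOST_BYTES` of it, and a real exploit first has to learn or leak that base address.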
Security Threats
• #5 “Data Loss or Leakage”
• Deletion, Alteration, Storage System Failure
• Deleting encryption keys, weak keys
• Leakage of data to third parties
Security Threats
Source: http://datalossdb.org/incidents/1518-malicious-software-hack-compromises-unknown-number-of-credit-cards-at-fifth-largest-credit-card-processor
• Heartland Payment Systems
• May 2008
• 130,000,000 records ($2.5 Million damage)
• credit card numbers, ...
Security Threats
• United States Army
• December 28th 2012
• 36,000 records
• SSN, names, dates of birth, ...
Source: http://datalossdb.org/incidents/8680-social-security-numbers-of-36-000-who-worked-at-or-visited-fort-monmouth-as-well-as-some-of-their-names-dates-and-places-of-birth-home-addresses-and-salaries-accessed-by-hacker
Security Threats
• #6 “Account or Service Hijacking”
• Getting control over account (without the user noticing it!)
• phishing, social engineering, tampered images, ...
• constant / hidden business manipulation
Security Threats
• #7 “Unknown Risk Profile”
• Versions of software, security design, intrusion attempts, ...
• Competitors using the same service?
• Bad approach: security by obscurity
• Solutions: Disclosure of {infrastructure, software, logs,...}, Customer notification / alerts, ...
Security Threats
• Heartland Payment Systems
• Used known vulnerable software components (and did not disclose them)
• Did not provide their customers with appropriate logs / alerts
• Informed their customers too late!
Cloud Service Analysis: (How) is it done?
SaaS
• Dropbox
• Ubuntu One
• iCloud
• Wuala
• GoogleDrive
• Spideroak
• MS SkyDrive
• Mozy
Google Drive
• Initial free 5 GB
• Provides optional free two-factor authentication via SMS or Google Authenticator app
• Search functionality
• Optical character recognition (OCR)
• Automatic deletion can optionally be disabled
• Files are stored unencrypted. Transfer: SSL
• But who owns the data after uploading?
GDrive: Terms of Service
"Your Content in our Services:
When you upload or otherwise submit content to our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes that we make so that your content works better with our Services), communicate, publish, publicly perform, publicly display and distribute such content.
The rights that you grant in this license are for the limited purpose of operating, promoting and improving our Services, and to develop new ones. This license continues even if you stop using our Services (for example, for a business listing that you have added to Google Maps)."
http://www.google.co.uk/intl/en/policies/terms/regional.html
SkyDrive
• Initial free 7 GB
• The client has access to every file on the PC it is installed on
• Microsoft Web Apps
• Privacy concerns
• No two-factor authentication offered
• Files are stored unencrypted. Transfer: SSL
SkyDrive - Security
• “Secure Sockets Layer (SSL) to encrypt your files when you upload or download them.”
• “Sophisticated physical and electronic security measures on the servers to help keep your files safe.”
• “Multiple copies of each file saved on different servers and hard drives to help protect your data from hardware failure.”
http://windows.microsoft.com/en-US/skydrive/any-file-anywhere#1TC=t1
Security concerns in SkyDrive / Hotmail
• Person A wants to send a sensitive document to Person B.
• Person A logs in to his Hotmail account, writes a brief email to Person B and attaches the file. The file is automatically added to SkyDrive and a link to it is shared through the email.
• Person B reads the email on a public computer, opens the file from SkyDrive, signs out of his mail and leaves.
• Person C comes to the same computer, checks the URLs visited by the previous user in the browser history, finds the SkyDrive link, downloads the file and sends it to business competitors.
Wuala
• Free 2 GB
• Upload by drag-and-drop into client application
• Versioning: 10 most recent versions
• Sharing Functionality
• with other subscribers
• with non-subscribers (https://www.wuala.com/username/folder/?key=value)
• with everybody
Wuala - Security
• No Email confirmation after registration
• Transport Security
• proprietary client/server communication
• no SSL / TLS
• no detailed Information
• Convergent file encryption
Wuala - Convergent Encryption I
Client:
• k = hash(file)
• ciphertext = enc_k(file)
• fname’ = hash(fname)
Server:
• filename on server: hash(enc_k(file))
• file content: enc_k(file)
• key for decryption: enc_s(k)
• filename on user’s disk: enc_s(fname’)
• Symmetric root key r derived from user password
• Random key s, can be accessed via r
Wuala - Convergent Encryption II
• Properties
• Identical plaintexts give identical ciphertexts (independent of the user)
• The server cannot decrypt a ciphertext without a copy of the plaintext
• Drawbacks
• Anyone can check whether a given file is stored
• Reveals which users hold the same file
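The scheme of the two slides above, as an added Python example. It is not Wuala's code: it keeps the structure the slides describe (k = hash(file), content stored as enc_k(file) under the name hash(enc_k(file)), k and the filename wrapped under the user's random key s), but AES is replaced by XOR with SHA-256 in counter mode so it runs with the standard library only, and the document, filenames and per-user keys are constructed. `server_has_file` is the "check for a file" drawback; two users uploading the same document produce the same record, which is the "connection between users" drawback.

```python
"""Model of Wuala-style convergent encryption (added example; not Wuala's code).
Structure from the slides: k = hash(file), content stored as enc_k(file) under the
name hash(enc_k(file)), k and the filename wrapped under the user's random key s.
Stand-in cipher: XOR with SHA-256 in counter mode instead of AES (assumption)."""
import hashlib


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Symmetric keystream XOR; the same call encrypts and decrypts."""
    ks = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))


def convergent_key(plaintext: bytes) -> bytes:
    """k = hash(file): the key depends on the content only, not on the user."""
    return hashlib.sha256(plaintext).digest()


def client_upload(plaintext: bytes, fname: str, s: bytes) -> dict:
    """Record the client sends; the server never sees k, s or the plaintext.
    Distinct labels keep the two wrappings under s from sharing a keystream."""
    k = convergent_key(plaintext)
    ct = xor_stream(k, plaintext)
    return {
        "server_name": hashlib.sha256(ct).hexdigest(),          # hash(enc_k(file))
        "content": ct,                                           # enc_k(file)
        "wrapped_key": xor_stream(s + b"key", k),                # enc_s(k)
        "wrapped_fname": xor_stream(s + b"name", fname.encode()),  # enc_s(fname')
    }


def client_download(record: dict, s: bytes) -> tuple:
    """Only a holder of s (reachable via the password-derived root key r)
    can unwrap k and decrypt; a wrong s yields garbage, not an error."""
    k = xor_stream(s + b"key", record["wrapped_key"])
    fname = xor_stream(s + b"name", record["wrapped_fname"]).decode(errors="replace")
    return xor_stream(k, record["content"]), fname


def server_has_file(store: dict, guessed_plaintext: bytes) -> bool:
    """Drawback 'check for a file possible': whoever can guess a plaintext can
    recompute its server name, because no per-user secret enters it."""
    ct = xor_stream(convergent_key(guessed_plaintext), guessed_plaintext)
    return hashlib.sha256(ct).hexdigest() in store
```

The property and the drawback are the same fact seen from two sides: because k is a function of the content alone, the server can de-duplicate across users without decrypting, and anyone holding a candidate plaintext (a leaked document, a known malware sample, a form letter) can confirm whether a user stores it.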
Mozy
• Free 2 GB
• No specific drive
• Transport security: TLS and HTTPS
• File encryption:
• Encrypted on client
• 448-bit Blowfish (key provided by Mozy)
• 256-bit AES (personal key)
• Filenames and paths stored unencrypted
• Cross-user vs. single user deduplication
Dropbox
• Up to 2GB free space (but Spacerace, ...)
• Clients available for almost all OS
• Powerful versioning of files (free account 30 days)
• Sync based on 4MB chunks
Dropbox Security
• Server-side AES-256 (their key)
• Server-side per-user de-duplication (see later)
• Transfer: SSL (HTTPS)
• Account lockdown after too many login attempts
• Registration: email not verified
• Sharing: URLs for non-registered users become predictable after observing a few of them
De-duplication sharing
• Earlier versions of Dropbox:
• Client-side de-duplication
• Based on hashes of the 4MB chunks
• Exploited to download illegal content (Dropship, ...)
De-duplication sharing (figure): the Dropbox client (OpenSSL transport) sends chunk hashes to the Dropbox server; a hash that matches a chunk already in the shared file pool is not uploaded, the server links the existing chunk into the user's storage instead (“== hash → link / replace”).
De-duplication sharing
• thepiratebay.org top 100 torrents
• Downloaded copyright free content (.sfv, .nfo, ...)
• 97 % (n=368) retrievable
• 20% not older than 24 hours
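The Dropship-style abuse of hash-based client-side de-duplication, as an added Python model (constructed; this is not Dropbox's protocol or code). The vulnerable server accepts a list of chunk hashes as proof that the user owns the file, so anyone holding only the hashes (a Dropship descriptor) gets the whole file linked into their storage; the hardened variant adds a proof-of-ownership challenge over a fresh nonce and a random window of the chunk, which a hash-only client cannot answer. Chunk size, file contents and user names are constructed.

```python
"""Hash-based client-side de-duplication and the Dropship-style abuse of it
(added example; not Dropbox's protocol). Files are split into fixed-size
chunks, the client sends chunk hashes, and chunks the server already holds
are linked instead of uploaded."""
import hashlib
import os

CHUNK = 4 * 1024 * 1024     # Dropbox synced in 4 MB chunks
PROOF_BYTES = 16            # window a client must prove it holds (assumption)


def chunk_hashes(data: bytes) -> list:
    return [hashlib.sha256(data[i:i + CHUNK]).hexdigest() for i in range(0, len(data), CHUNK)]


def split_chunks(data: bytes) -> dict:
    """chunk hash -> chunk bytes: what a client that really has the file holds."""
    return {hashlib.sha256(data[i:i + CHUNK]).hexdigest(): data[i:i + CHUNK]
            for i in range(0, len(data), CHUNK)}


class DedupServer:
    def __init__(self):
        self.pool = {}    # shared file pool: chunk hash -> bytes
        self.users = {}   # user -> {path: [chunk hashes]}

    def upload_chunk(self, data: bytes) -> str:
        h = hashlib.sha256(data).hexdigest()
        self.pool[h] = data
        return h

    def commit_by_hash(self, user: str, path: str, hashes: list) -> list:
        """Vulnerable: the hash list alone claims the file. Returns missing hashes."""
        missing = [h for h in hashes if h not in self.pool]
        if not missing:
            self.users.setdefault(user, {})[path] = list(hashes)
        return missing

    def commit_with_proof(self, user: str, path: str, hashes: list, prove) -> str:
        """Hardened: for every chunk already in the pool, challenge the client with
        a fresh nonce and random offset; prove(h, nonce, off) must return
        sha256(nonce + chunk[off:off+PROOF_BYTES]), which needs the bytes."""
        for h in hashes:
            if h not in self.pool:
                return "upload required"
            chunk = self.pool[h]
            nonce = os.urandom(16)
            off = int.from_bytes(os.urandom(4), "big") % max(1, len(chunk) - PROOF_BYTES + 1)
            want = hashlib.sha256(nonce + chunk[off:off + PROOF_BYTES]).hexdigest()
            if prove(h, nonce, off) != want:
                return "proof of ownership failed"
        self.users.setdefault(user, {})[path] = list(hashes)
        return "ok"

    def download(self, user: str, path: str) -> bytes:
        return b"".join(self.pool[h] for h in self.users[user][path])


def prover(chunks: dict):
    """Build the prove() callback of a client holding `chunks` (possibly none)."""
    def prove(h, nonce, off):
        if h not in chunks:
            return None     # a hash-only (Dropship) client cannot answer
        return hashlib.sha256(nonce + chunks[h][off:off + PROOF_BYTES]).hexdigest()
    return prove
```

The survey figures above (97% of the torrent sample retrievable, a fifth of it less than a day old) follow directly from the vulnerable path: whoever uploads a file once makes its hash list a download token for everyone.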
Ubuntu One
• 5GB free (Amazon EC2)
• Clients for Linux/Windows/Android/iOS
• Supports music streaming and contact synchronization
• Transfer: SSL (HTTPS)
• De-duplication per file (not per chunk) on the server
• No encryption at rest
iCloud
• 5GB for free
• Used for Contacts, Calendars, Bookmarks, Reminder, Mails, Photos, Documents, Backups, ...
• No Security Enhancement Tools
iCloud Security
• Server-side encryption (their key) - “At minimum AES-128”
• Transfer: SSL
• Backup-Keybag like in iTunes backups (ECC-class keys: Background backup)
• “One account to rule them all”
iCloud Security
Source: http://support.apple.com/kb/HT4865
Spideroak
• 2GB for free
• Clients for Mac/Linux/Windows
• Web-Access (security!!)
• “Zero Knowledge” Principle
• Versioning
Spideroak Security
• Client-Side AES-256 + Server-Side RSA-2048
• Key derived from the password:
• PBKDF2, 16384 rounds, SHA-256
• 32-byte salt
• Web-Access: Key stored in encrypted memory area, wiped afterwards
PaaS / IaaS
• AWS
• (Microsoft Azure)
Amazon Web Services (AWS)
• Flexible, scalable, low-cost cloud IaaS
• Several certifications and accreditations regarding security
AWS Architecture
Source: http://d36cz9buwru1tt.cloudfront.net/AWS_Cloud_Best_Practices.pdf
AWS Cloud Security I
Certifications and Accreditations
• SOC 2 Type II Security
• ISO 27001 Certification
• PCI DSS Level 1 Compliance
• HIPAA compliant
• MPAA compliant architecture
• DIACAP MAC III-Sensitive
• Audit supporting SOX compliance
• Aligned to the CSA Cloud Controls Matrix
Physical Security
• Multi-level, multi-factor controlled access environment
• Controlled, need-based access for AWS employees (least privilege)
Management Plane Administrative Access
• Multi-factor, controlled access to administrative hosts
• All access logged, monitored, and reviewed
• AWS administrators DO NOT have logical access inside customer VMs (including applications and data)
VM Security
• Multi-factor access to the Amazon account
• Instance isolation
• Customer-controlled firewall at the hypervisor level
• Neighboring instances are prevented from accessing each other
• Virtualized disk management layer ensures only account owners can access their storage disks
• Support for SSL endpoint encryption for all API calls
Network Security
• Instance firewalls are configured as security groups
• Traffic may be restricted by protocol, by service port, and by source IP address (individual or CIDR)
• Virtual Private Cloud (VPC) provides IPsec VPN
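The security-group semantics of the Network Security bullets, as an added Python model (not AWS's implementation): a group is an allow-list keyed by protocol, port range and source CIDR with an implicit deny, and `audit` flags the common mistake that turns "restricted by source IP" into "open to the world" on an administrative port. The rule set, port list and sample addresses are constructed.

```python
"""Model of EC2 security-group evaluation (added example; not AWS code).
A group is a list of allow rules; any packet no rule matches is dropped."""
import ipaddress
from dataclasses import dataclass

# Ports an audit should never see exposed to 0.0.0.0/0 or ::/0 (constructed list)
ADMIN_PORTS = {22: "ssh", 3389: "rdp", 3306: "mysql", 5432: "postgres"}


@dataclass(frozen=True)
class Rule:
    proto: str          # "tcp", "udp", "icmp" or "-1" for all protocols
    from_port: int
    to_port: int
    cidr: str           # source, e.g. "10.0.0.0/8" or "203.0.113.7/32"

    def matches(self, proto: str, port: int, src_ip: str) -> bool:
        if self.proto not in ("-1", proto):
            return False
        if self.proto != "-1" and not self.from_port <= port <= self.to_port:
            return False
        # an IPv4 address is never "in" an IPv6 network and vice versa
        return ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.cidr, strict=False)


def allowed(rules: list, proto: str, port: int, src_ip: str) -> bool:
    """Security groups are allow-lists with an implicit deny."""
    return any(r.matches(proto, port, src_ip) for r in rules)


def audit(rules: list) -> list:
    """Findings for admin ports reachable from any source address."""
    findings = []
    for r in rules:
        if ipaddress.ip_network(r.cidr, strict=False).prefixlen != 0:
            continue                      # source is restricted, fine
        for port, name in ADMIN_PORTS.items():
            if r.proto == "-1" or (r.proto == "tcp" and r.from_port <= port <= r.to_port):
                findings.append(f"{name}/{port} open to {r.cidr}")
    return findings


if __name__ == "__main__":
    web_tier = [Rule("tcp", 443, 443, "0.0.0.0/0"),
                Rule("tcp", 22, 22, "203.0.113.0/24"),
                Rule("tcp", 5432, 5432, "10.0.0.0/8")]
    print("ssh from office:", allowed(web_tier, "tcp", 22, "203.0.113.77"))
    print("ssh from internet:", allowed(web_tier, "tcp", 22, "198.51.100.9"))
    print("findings:", audit(web_tier + [Rule("tcp", 0, 65535, "0.0.0.0/0")]))
```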
AWS Cloud Security II
• Network security
• DDoS attacks
• MITM attacks
• Port scanning
• Account security features
• Service specific security features
Identity and Access Management (IAM)
• Who?, What actions? Which resources?
• Additional granularity: When?, Where?, How?
• Distributed roles between instances (EC2)
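The Who / What / Which / When / Where / How dimensions above, as an added Python policy evaluator (constructed; it is not AWS's policy engine, which supports many more operators and policy types). Who is the identity the policy is attached to, What is `Action`, Which is `Resource`, and the `Condition` block carries When (`DateLessThan`), Where (`IpAddress` on the source address) and How (MFA present). The policy, bucket name and request facts are constructed.

```python
"""Minimal evaluator for IAM-style policies (added example; not AWS's engine).
Evaluation follows the IAM order: implicit deny, a matching Allow grants,
any matching explicit Deny wins."""
import fnmatch
import ipaddress
from datetime import datetime


def _as_list(v):
    return [v] if isinstance(v, str) else list(v)


def _match(patterns, value: str) -> bool:
    """IAM-style wildcards: 's3:Get*', 'arn:aws:s3:::bucket/*'."""
    return any(fnmatch.fnmatchcase(value, p) for p in _as_list(patterns))


def _parse_time(s: str) -> datetime:
    return datetime.fromisoformat(s.replace("Z", "+00:00"))


def _conditions_hold(cond: dict, ctx: dict) -> bool:
    """Unknown operators and missing context keys fail closed."""
    for op, pairs in cond.items():
        for key, want in pairs.items():
            have = ctx.get(key)
            if have is None:
                return False
            if op == "Bool":
                ok = str(have).lower() == str(want).lower()
            elif op == "IpAddress":
                ok = any(ipaddress.ip_address(have) in ipaddress.ip_network(n, strict=False)
                         for n in _as_list(want))
            elif op == "DateLessThan":
                ok = have < _parse_time(want)
            elif op == "DateGreaterThan":
                ok = have > _parse_time(want)
            else:
                ok = False
            if not ok:
                return False
    return True


def evaluate(policy: dict, action: str, resource: str, ctx: dict) -> str:
    """Return 'Allow' or 'Deny' for one request."""
    decision = "Deny"                                   # implicit deny
    for st in policy["Statement"]:
        if not (_match(st["Action"], action) and _match(st["Resource"], resource)):
            continue
        if not _conditions_hold(st.get("Condition", {}), ctx):
            continue
        if st["Effect"] == "Deny":
            return "Deny"                               # explicit deny wins
        decision = "Allow"
    return decision


def request_context(mfa: bool, source_ip: str, when: str = "2025-06-01T12:00:00Z") -> dict:
    """Request-time facts the service hands to the evaluator (constructed)."""
    return {"aws:MultiFactorAuthPresent": mfa, "aws:SourceIp": source_ip,
            "aws:CurrentTime": _parse_time(when)}


# Constructed policy: read/write one deployment bucket, only with MFA, only from
# the office range and only until a fixed date; deletes are denied everywhere.
POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow",
         "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": "arn:aws:s3:::example-deploy-bucket/*",
         "Condition": {"Bool": {"aws:MultiFactorAuthPresent": "true"},
                       "IpAddress": {"aws:SourceIp": "203.0.113.0/24"},
                       "DateLessThan": {"aws:CurrentTime": "2026-01-01T00:00:00Z"}}},
        {"Effect": "Deny", "Action": "s3:DeleteObject", "Resource": "*"},
    ],
}
```

The EC2 instance roles of the last bullet fit the same model: the role's policy is evaluated for whatever process holds the instance's temporary credentials, so the `Condition` block is the only place to narrow that further.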
Multi-Factor Authentication
• Two-factor authentication
• AWS MFA device
• Virtual MFA device (smartphone)
• Hardware MFA device ($12.99)
Amazon S3
• Online web storage service
• REST, SOAP, and BitTorrent
• Objects (files) are organized in buckets
• Free limited usage tier
• Afterwards priced per storage, request, and data transfer
Amazon S3 - Security
• HMAC-SHA1 signature
• Access Control List (ACL) of bucket and object
• Versioning
S3 - Server Side Encryption
Amazon Elastic Compute Cloud (EC2)
• Amazon Machine Image (Linux, Windows)
• Manually create and terminate additional server instances (elastic)
• Paying by the hour for active servers
• Control of geographic location
Amazon EC2 - Security I
• Multiple levels of security:
• Host operating system
• Guest operating system
• Firewall
• Fully controlled by the customer
Source: http://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf
Amazon EC2 - Security II
• Hypervisor (Xen)
• Instance Isolation
Source: http://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf
Windows Azure Platform
• Microsoft's application platform for the public cloud.
• Base for Microsoft Online Services
Windows Azure Platform Architecture (figure): the Fabric, managed by the Fabric Controller, hosts Computation (Web Role instances, Worker Role instances, Virtual Machines) and Storage (Blobs, Tables, Queues, Drives).
Windows Azure Platform Security
• Subscription via Windows Live ID grants full control over virtual machines and storage
• Programmatic control through SMAPI (Service Management API)
• Windows Azure storage is governed through a storage access key
• No server-side encryption (SSE)
Virtualization Security: Isolation please!
Full Virtualization (figure): Hardware, above it the Host OS or bootstrap, above that the Hypervisor or Virtual Machine Manager, which runs several VMs, each with its own OS and App.
Virtualization Security Threats
• Communication blind spots
• Inter-VM attacks and hypervisor compromises
• Mixed trust level VMs
• Instant-on gaps: reactivated (out of date) and cloned VMs
Image source: http://la.trendmicro.com/media/misc/virtualization-cloud-computing-threat-report-en.pdf
Virtualization - Security
• Guest OS isolation
• Mitigation of side-channel attacks
• Guest OS Monitoring
• Full auditing capabilities
• Image and Snapshot Management
• Forensics
Future Cloud Cryptography
“Due to the suspicious nature of crypto users I have a feeling DES will be with us forever, we will just keep adding keys and cycles...” (Colin Dooley)
New Crypto Schemes for the Cloud
• Encrypted data is vulnerable while it is being processed (it has to be decrypted first)
• Goal: process encrypted data without decrypting it
• Searchable encryption
• Homomorphic encryption
• Proxy re-encryption
Searchable Encryption (SE)
• Server executes queries without decrypting data.
• Cryptographic primitives and trapdoors
• SE issues
• Data ownership
• Trapdoor revocation
• Query type: single keyword, multiple keywords, conjunctive and ranked queries
(figure: the client sends the query together with a trapdoor, the server returns the query results)
SE Schemes
• Symmetric SE
• SSE assume that the data is encrypted with the same master key that will be used during searching and that the owner of the data is the one who triggers the queries.
• Multiple parties are able to search over data of a single user.
• Asymmetric SE
• Any party that knows the public key is able to encrypt and add data to the server, but only the party in possession of the private key can generate trapdoors.
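Symmetric SE as described above, as an added Python example (constructed; an index-based toy, not any particular published scheme). The data owner holds the master key K, replaces each keyword in the index by the token HMAC(K, keyword) and encrypts the documents; the server matches the trapdoor for a queried keyword against the index without ever seeing keywords or plaintext, and the same tokens answer single-keyword, conjunctive (AND) and disjunctive (OR) queries. The stream cipher is SHA-256 in counter mode as a stand-in for AES, and the documents and keywords are constructed. The last part of the usage note shows the "trapdoor revocation" issue from the slide.

```python
"""Index-based symmetric searchable encryption (added example; constructed).
Owner: master key K. Index entry per document: {HMAC(K, keyword)}.
Server: stores ciphertexts and token sets, matches trapdoors, learns nothing
but which documents share a queried token."""
import hashlib
import hmac


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with SHA-256 in counter mode."""
    ks = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))


def trapdoor(master_key: bytes, keyword: str) -> str:
    """Token the server can compare but neither invert nor forge without K."""
    return hmac.new(master_key, keyword.lower().encode(), hashlib.sha256).hexdigest()


class Owner:
    def __init__(self, master_key: bytes):
        self.k = master_key

    def encrypt_doc(self, doc_id: str, text: str, keywords: list) -> tuple:
        dk = hashlib.sha256(self.k + doc_id.encode()).digest()   # per-document key
        tokens = {trapdoor(self.k, w) for w in keywords}
        return doc_id, xor_stream(dk, text.encode()), tokens

    def decrypt_doc(self, doc_id: str, ct: bytes) -> str:
        dk = hashlib.sha256(self.k + doc_id.encode()).digest()
        return xor_stream(dk, ct).decode()

    def query(self, *keywords) -> list:
        """Trapdoors for one or more keywords; handing them out is irrevocable."""
        return [trapdoor(self.k, w) for w in keywords]


class SearchServer:
    def __init__(self):
        self.docs = {}      # doc_id -> ciphertext
        self.index = {}     # doc_id -> set of tokens

    def store(self, doc_id: str, ct: bytes, tokens: set) -> None:
        self.docs[doc_id] = ct
        self.index[doc_id] = set(tokens)

    def search(self, trapdoors: list, conjunctive: bool = True) -> list:
        """Single keyword: one trapdoor. Several: all must match (AND) or any (OR)."""
        want = set(trapdoors)
        hit = (lambda t: want <= t) if conjunctive else (lambda t: bool(want & t))
        return sorted(d for d, t in self.index.items() if hit(t))
```

Once a trapdoor has been handed to the server (or to a second party allowed to search), it keeps matching every document indexed under that keyword later on; there is no way to take it back short of re-keying and re-indexing, which is the revocation issue listed above. Ranked queries need more than this index, for instance encrypted term frequencies, and are out of scope here.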
Homomorphic Encryption (HE)
• Encrypted data is processed directly
• Limited operations available (yet)
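What "limited operations" means in practice, as an added Python example using the Paillier cryptosystem (textbook-size primes, constructed for illustration; not production code and not from the slides). The cloud can add two encrypted values and scale one by a known constant without decrypting, but multiplying two ciphertexts gives the sum, not the product: this is the additive-only homomorphism the slide alludes to.

```python
"""Additively homomorphic encryption (Paillier), added example with textbook
parameters. The primes below are far too small for real use."""
import secrets
from math import gcd


def keygen(p: int = 1000003, q: int = 1000033) -> tuple:
    """Return (public, private); p, q primes with gcd(pq, (p-1)(q-1)) = 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)      # lambda = lcm(p-1, q-1)
    g = n + 1                                          # standard generator choice
    mu = pow(lam, -1, n)                               # with g = n+1, L(g^lam) = lam
    return (n, g), (lam, mu)


def encrypt(pub: tuple, m: int) -> int:
    """c = g^m * r^n mod n^2 with fresh random r: equal plaintexts differ."""
    n, g = pub
    while True:
        r = secrets.randbelow(n - 1) + 1
        if gcd(r, n) == 1:
            break
    return pow(g, m, n * n) * pow(r, n, n * n) % (n * n)


def decrypt(pub: tuple, priv: tuple, c: int) -> int:
    """m = L(c^lam mod n^2) * mu mod n, where L(u) = (u - 1) / n."""
    n, _ = pub
    lam, mu = priv
    u = pow(c, lam, n * n)
    return (u - 1) // n * mu % n


def add(pub: tuple, c1: int, c2: int) -> int:
    """Enc(m1) * Enc(m2) = Enc(m1 + m2): the operation the cloud gets for free."""
    return c1 * c2 % (pub[0] ** 2)


def mul_const(pub: tuple, c: int, k: int) -> int:
    """Enc(m)^k = Enc(k * m): scaling by a constant the cloud knows."""
    return pow(c, k, pub[0] ** 2)


def encrypted_sum(pub: tuple, cts: list) -> int:
    """What an untrusted aggregator can compute over client-encrypted values."""
    total = encrypt(pub, 0)
    for c in cts:
        total = add(pub, total, c)
    return total


if __name__ == "__main__":
    pub, priv = keygen()
    salaries = [50000, 62000, 48000, 75000]          # constructed client values
    total = encrypted_sum(pub, [encrypt(pub, s) for s in salaries])
    print("sum computed on ciphertexts:", decrypt(pub, priv, total))
```

Fully homomorphic schemes remove the "addition only" restriction at a large cost in ciphertext size and computation, which is why the slide says "yet".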
Proxy Re-Encryption (PRE)
• Allows Bob to decrypt data from Alice without her secret key
• Use of semi-trusted server
• Bidirectional vs. unidirectional
• Single hop vs. multi hop
• Used in Digital Rights Management
(figure: Alice → Proxy → Bob; the proxy turns E_A(M) into E_B(M) using the re-encryption key r_{A→B})
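The exchange in the figure, as an added Python example of the bidirectional, multi-hop ElGamal-based scheme of Blaze, Bleumer and Strauss (1998) (constructed; textbook parameters, not code from the slides). The proxy holds only rk = b/a and raises the key-dependent half of Alice's ciphertext to it, turning E_A(M) into E_B(M) without seeing M or either secret key; the inverse of rk goes the other way (bidirectional), and the result can be re-encrypted again for a third party (multi-hop). The modulus, base and message are constructed.

```python
"""Textbook proxy re-encryption (BBS'98, bidirectional, multi-hop) over Z_p^*
with p = 2^127 - 1 (added example; illustrative parameters, not production).
E_A(m) = (m * g^r, g^(a r)); rk_{A->B} = b / a mod (p-1)."""
import secrets
from math import gcd

P = (1 << 127) - 1      # Mersenne prime modulus (constructed choice)
G = 5                   # fixed base


def keygen() -> tuple:
    """Secret exponent must be invertible mod P-1 so re-encryption keys exist."""
    while True:
        a = secrets.randbelow(P - 1)
        if a > 1 and gcd(a, P - 1) == 1:
            return a, pow(G, a, P)


def encrypt(pk: int, m: int) -> tuple:
    """(m * g^r, pk^r) for a fresh r; m must be an integer in [1, P)."""
    r = secrets.randbelow(P - 1) + 1
    return m * pow(G, r, P) % P, pow(pk, r, P)


def decrypt(sk: int, ct: tuple) -> int:
    c1, c2 = ct
    g_r = pow(c2, pow(sk, -1, P - 1), P)      # (g^(a r))^(1/a) = g^r
    return c1 * pow(g_r, -1, P) % P


def rekey(sk_from: int, sk_to: int) -> int:
    """rk_{A->B} = b * a^-1 mod (P-1). Computing it needs both secrets (or a
    secure computation between the two parties); its inverse is rk_{B->A}."""
    return sk_to * pow(sk_from, -1, P - 1) % (P - 1)


def reencrypt(rk: int, ct: tuple) -> tuple:
    """Proxy step: (m * g^r, g^(a r)) -> (m * g^r, g^(b r)); m is never exposed."""
    c1, c2 = ct
    return c1, pow(c2, rk, P)


def encode(msg: bytes) -> int:
    if not 0 < len(msg) <= 15:              # 15 bytes keep m below 2^127 - 1
        raise ValueError("message must be 1..15 bytes in this toy group")
    return int.from_bytes(msg, "big")


def decode(m: int) -> bytes:
    return m.to_bytes((m.bit_length() + 7) // 8, "big")
```

The semi-trusted proxy of the slide is exactly this: it can route and transform but not read. The known weakness of the bidirectional scheme is collusion, since rk together with Bob's b reveals Alice's a; unidirectional schemes exist to close that gap, at the cost of the multi-hop convenience shown here.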
Thanks! Q&A