Cloud Security

1. Confidentiality

If you back up your data to the cloud, your Cloud Service Provider (CSP) shouldn't be able to see the data you store. "They can't guarantee that!" you say. "I have to encrypt the data before it leaves my machine." That's all well and good until you rely on your CSP for that service, as with Server-Side Encryption in AWS S3, where the provider manages your keys. How do you ensure those keys are managed so that a provider administrator cannot decrypt your data?
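The control most customers reach for here is to make every upload depend on a key whose policy they, not the provider, write. The following is an added example (not code from the original post): an S3 bucket policy that refuses PutObject unless the object is encrypted with SSE-KMS under one specific customer-managed key, together with a small evaluator showing which constructed requests the policy would refuse. The bucket name, account id and key ARN are placeholders; the request dictionaries are constructed for the demonstration.

```python
"""Added example (not part of the original post): an S3 bucket policy that rejects
uploads unless they use SSE-KMS with one specific customer-managed key, plus a
small evaluator that shows which PutObject requests the policy would refuse.
Bucket name, account id and key ARN are placeholders; the requests are constructed."""
import json

BUCKET = "example-backup-bucket"                                        # placeholder
CMK_ARN = "arn:aws:kms:us-east-1:111122223333:key/PLACEHOLDER-KEY-ID"  # placeholder

# Two Deny statements: one for objects that are not SSE-KMS at all, one for
# SSE-KMS objects that name any key other than ours. The condition keys are
# the real S3 ones; they mirror the x-amz-* request headers.
BUCKET_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "DenyNonKmsUploads",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:PutObject",
            "Resource": f"arn:aws:s3:::{BUCKET}/*",
            "Condition": {"StringNotEquals": {
                "s3:x-amz-server-side-encryption": "aws:kms"}},
        },
        {
            "Sid": "DenyWrongKey",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:PutObject",
            "Resource": f"arn:aws:s3:::{BUCKET}/*",
            "Condition": {"StringNotEquals": {
                "s3:x-amz-server-side-encryption-aws-kms-key-id": CMK_ARN}},
        },
    ],
}

# Constructed PutObject requests, keyed by what the client asked for.
SAMPLE_REQUESTS = {
    "plaintext": {"key": "db.sql", "headers": {}},
    "sse_s3": {"key": "db.sql", "headers": {
        "x-amz-server-side-encryption": "AES256"}},
    "kms_default": {"key": "db.sql", "headers": {
        "x-amz-server-side-encryption": "aws:kms"}},
    "kms_cmk": {"key": "db.sql", "headers": {
        "x-amz-server-side-encryption": "aws:kms",
        "x-amz-server-side-encryption-aws-kms-key-id": CMK_ARN}},
}


def _denies(statement, request):
    """True if this Deny statement's StringNotEquals condition matches the request.
    A header that is absent counts as 'not equal', so the upload is denied; this
    follows IAM's treatment of negated string operators when the key is missing."""
    if statement["Effect"] != "Deny" or statement["Action"] != "s3:PutObject":
        return False
    for cond_key, wanted in statement["Condition"]["StringNotEquals"].items():
        header = cond_key.split(":", 1)[1]          # "s3:x-amz-..." -> "x-amz-..."
        if request["headers"].get(header) != wanted:
            return True
    return False


def evaluate_put(request, policy=BUCKET_POLICY):
    """Return ("DENY", sid) for the first Deny statement that matches, else ("ALLOW", None).
    Only the explicit-deny half of IAM evaluation is modelled; an allow from IAM
    or the bucket policy is assumed to exist."""
    for statement in policy["Statement"]:
        if _denies(statement, request):
            return "DENY", statement["Sid"]
    return "ALLOW", None


def audit_requests(requests=SAMPLE_REQUESTS):
    """Map each sample request to the policy decision it would get."""
    return {name: evaluate_put(req)[0] for name, req in requests.items()}


if __name__ == "__main__":
    print(json.dumps(BUCKET_POLICY, indent=2))
    for name, req in SAMPLE_REQUESTS.items():
        print(f"{name:12s} -> {evaluate_put(req)}")
```

What this buys you is that every object's decryption now goes through a key whose key policy you control and whose every use is recorded in CloudTrail, so a decrypt by anyone you did not authorize is at least visible. It does not make the ciphertext unreadable to whoever can exercise that key; if the requirement is that the provider can never decrypt, the post's own first answer, encrypting before the data leaves your machine with keys that are never uploaded, is the only one that holds.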

2. Integrity

How do you know that your CSP didn't log into your machines when you weren't looking? Unfortunately, in most cases you don't. Sure, you can check your logs, but the really good hackers (and even the script kiddies with good tools) can remove log entries and modify timestamps. You need a way to verify that you're the only one logging into your machines. To expand on this, customers typically manage the images and snapshots they run in the cloud. How do you ensure that no one has tampered with those images since they were made? Take the marketplace, where companies buy and sell images to other users: how can the buyer ensure the image they are purchasing does not contain malware, viruses, or other malicious software, with or without the seller knowing?
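One way to make removed entries and altered timestamps detectable is to stop trusting the host's own copy of the log: forward each line to a collector that chains it to the previous entry under an HMAC key the host never holds. The block below is an added example, not code from the original post. It seals constructed login lines on the collector side, then shows that deleting an entry, backdating one, or silently dropping the newest entries all fail verification; the same sealed digest applied to an image or snapshot at creation time answers the post's second question, with the caveat that it proves the image is unchanged, not that it was clean to begin with. The key, the log lines and the image bytes are constructed.

```python
"""Added example (not part of the original post): a tamper-evident login log.
A collector that is not the monitored host seals every forwarded line with an
HMAC chained to the previous entry, so removing an entry, editing a timestamp,
or dropping the newest lines is detectable. The same sealed digest protects an
image or snapshot at creation time. Key, log lines and image bytes are constructed."""
import hashlib
import hmac
import json

GENESIS = "0" * 64          # link value for the first entry

# Constructed: generated on the collector and never copied to the hosts it watches.
COLLECTOR_KEY = b"constructed-demo-key-never-leaves-the-collector"

# Constructed sample lines as a host would forward them to the collector.
AUTH_LINES = [
    "2011-04-20T10:01:12Z sshd[812]: Accepted publickey for ops from 10.0.1.5",
    "2011-04-20T10:07:45Z sudo: ops : TTY=pts/0 ; COMMAND=/usr/sbin/service nginx restart",
    "2011-04-20T10:09:03Z sshd[901]: Accepted publickey for svc-backup from 203.0.113.9",
    "2011-04-20T10:10:30Z sshd[901]: pam_unix(sshd:session): session closed for user svc-backup",
]


def _link_mac(key, prev, line):
    """HMAC over (previous entry's MAC || digest of this line)."""
    digest = hashlib.sha256(line.encode()).hexdigest()
    return hmac.new(key, f"{prev}|{digest}".encode(), hashlib.sha256).hexdigest()


def seal_entry(chain, key, line):
    """Collector side: append `line`, binding it to the entry before it."""
    prev = chain[-1]["mac"] if chain else GENESIS
    chain.append({"line": line, "prev": prev, "mac": _link_mac(key, prev, line)})
    return chain[-1]["mac"]                      # new head; publish it out of band


def verify_chain(chain, key, head=None):
    """Return (True, None) when every link checks out, else (False, index_of_first_bad).
    `head` is the last MAC as published elsewhere; without it, truncating the
    newest entries would go unnoticed."""
    prev = GENESIS
    for i, entry in enumerate(chain):
        if entry["prev"] != prev or not hmac.compare_digest(
                entry["mac"], _link_mac(key, prev, entry["line"])):
            return False, i
        prev = entry["mac"]
    if head is not None and prev != head:
        return False, len(chain)
    return True, None


def image_fingerprint(image_bytes, key):
    """Seal an image/snapshot digest when it is created."""
    digest = hashlib.sha256(image_bytes).hexdigest()
    return {"sha256": digest,
            "mac": hmac.new(key, digest.encode(), hashlib.sha256).hexdigest()}


def image_unchanged(image_bytes, fingerprint, key):
    """True only if the bytes match what was sealed. Says nothing about
    whether the original image was clean; it only rules out later tampering."""
    current = image_fingerprint(image_bytes, key)
    return hmac.compare_digest(current["mac"], fingerprint["mac"])


def build_demo_chain(key=COLLECTOR_KEY, lines=AUTH_LINES):
    """Seal the sample lines and return (chain, published head)."""
    chain, head = [], GENESIS
    for line in lines:
        head = seal_entry(chain, key, line)
    return chain, head


def tampering_is_detected(key=COLLECTOR_KEY):
    """Verification result for the intact chain and for three manipulations."""
    chain, head = build_demo_chain(key)
    removed = chain[:2] + chain[3:]                    # third entry deleted
    edited = json.loads(json.dumps(chain))             # deep copy, then backdate one entry
    edited[2]["line"] = edited[2]["line"].replace("10:09:03", "09:09:03")
    truncated = chain[:-1]                             # newest entry dropped
    return {
        "intact": verify_chain(chain, key, head)[0],
        "removed": verify_chain(removed, key, head)[0],
        "edited": verify_chain(edited, key, head)[0],
        "truncated": verify_chain(truncated, key, head)[0],
    }


if __name__ == "__main__":
    print(tampering_is_detected())
```

The design point is where the key lives. If the monitored host held it, anyone who gained root there could rewrite history and re-seal it; keeping the key on the collector means the host can only ever add lines, and the published head pins down how many there should be.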

3. Availability

Availability problems can plague any CSP. AWS has seen how a misconfigured application file can take out an entire availability zone, as happened to EBS on April 20, 2011. The solution is to have multiple availability zones. When one zone fails, there's no security risk because another is ready to take over.
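Spreading across zones only helps if what is left after a zone dies can still carry the load, so the check worth automating is "which single zone loss would take me below my minimum?" and "how many instances do I need so that none does?". The block below is an added example, not code from the original post; the zone names, instance placements and minimum healthy count are constructed.

```python
"""Added example (not part of the original post): does a deployment still meet
its minimum after any single availability zone is lost? Zone names, instance
placements and the minimum are constructed."""
from collections import Counter

# Constructed placements: instance id -> availability zone. Three zones are in
# use, but most of the capacity sits in one of them.
PLACEMENTS = {
    "i-01": "us-east-1a", "i-02": "us-east-1a", "i-03": "us-east-1a",
    "i-04": "us-east-1b", "i-05": "us-east-1c",
}
MIN_HEALTHY = 3   # constructed: instances needed to carry production load


def capacity_after_zone_loss(placements, min_healthy):
    """For every zone in use: how many instances remain if that zone disappears,
    and whether that still meets the minimum."""
    per_zone = Counter(placements.values())
    total = sum(per_zone.values())
    return {zone: {"remaining": total - n, "ok": total - n >= min_healthy}
            for zone, n in per_zone.items()}


def single_zone_risk(placements, min_healthy):
    """Zones whose loss, on its own, drops the service below its minimum."""
    report = capacity_after_zone_loss(placements, min_healthy)
    return sorted(zone for zone, r in report.items() if not r["ok"])


def instances_needed(zone_count, min_healthy):
    """Smallest total, spread as evenly as possible over `zone_count` zones, that
    keeps `min_healthy` running after losing the most populated zone. Returns
    None for a single zone, since no spread survives losing the only zone."""
    if zone_count < 2:
        return None
    total = min_healthy
    while total - (-(-total // zone_count)) < min_healthy:   # -(-a // b) is ceil(a / b)
        total += 1
    return total


if __name__ == "__main__":
    print(capacity_after_zone_loss(PLACEMENTS, MIN_HEALTHY))
    print("at risk from one zone:", single_zone_risk(PLACEMENTS, MIN_HEALTHY))
    for zones in (1, 2, 3):
        print(f"{zones} zone(s): need {instances_needed(zones, MIN_HEALTHY)} instances")
```

On the constructed placement the check flags us-east-1a: five instances across three zones looks resilient until you notice three of them share a zone. The same minimum needs six instances over two zones but only five over three, which is the arithmetic behind "use at least three zones" advice.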

4. Mutual Auditability

This is the holy grail of cloud security, and one that many providers are not aware of. It means that as an administrator, you can show the user that their actions are their own and that you did not perform any actions yourself. And as a user, I can verify that my actions are my actions: I can see that I'm the one who performed them. More importantly, an auditor (or other third party) can go in and determine which actions were completed by which parties.
For many people, these concerns aren't at the forefront of their minds, but there are all kinds of advantages to this level of insight.
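The customer-side half of this is being able to hand an auditor a ledger that credits each action to a party and separates "one of my named users did this" from "a service, the root identity, or another account did this". The block below is an added example, not code from the original post: it walks constructed records that use CloudTrail's real userIdentity field names, credits each to a stable actor, and flags the ones that need a human explanation. The account ids and events are constructed. Whether the provider's own operator actions appear in such a log at all is exactly the gap the post is pointing at.

```python
"""Added example (not part of the original post): attributing actions to parties
from CloudTrail-style records, the customer-side half of mutual auditability.
Each record is credited to a stable actor (user, role, root, service or foreign
account) and anything that is not a named identity in the customer's own account
is flagged for the auditor. The account ids and records are constructed."""
from collections import defaultdict

OWN_ACCOUNT = "111122223333"        # constructed account id

# Constructed records using the real CloudTrail userIdentity field names.
EVENTS = [
    {"eventTime": "2011-04-20T09:58:01Z", "eventName": "StartInstances",
     "eventSource": "ec2.amazonaws.com", "sourceIPAddress": "198.51.100.20",
     "userIdentity": {"type": "IAMUser", "accountId": OWN_ACCOUNT,
                      "arn": f"arn:aws:iam::{OWN_ACCOUNT}:user/alice",
                      "userName": "alice"}},
    {"eventTime": "2011-04-20T10:02:17Z", "eventName": "StopInstances",
     "eventSource": "ec2.amazonaws.com", "sourceIPAddress": "198.51.100.20",
     "userIdentity": {"type": "AssumedRole", "accountId": OWN_ACCOUNT,
                      "arn": f"arn:aws:sts::{OWN_ACCOUNT}:assumed-role/ops-role/alice-session",
                      "sessionContext": {"sessionIssuer": {
                          "type": "Role", "arn": f"arn:aws:iam::{OWN_ACCOUNT}:role/ops-role"}}}},
    {"eventTime": "2011-04-20T10:15:44Z", "eventName": "ConsoleLogin",
     "eventSource": "signin.amazonaws.com", "sourceIPAddress": "203.0.113.7",
     "userIdentity": {"type": "Root", "accountId": OWN_ACCOUNT,
                      "arn": f"arn:aws:iam::{OWN_ACCOUNT}:root"}},
    {"eventTime": "2011-04-20T10:20:05Z", "eventName": "RunInstances",
     "eventSource": "ec2.amazonaws.com", "sourceIPAddress": "autoscaling.amazonaws.com",
     "userIdentity": {"type": "AWSService", "invokedBy": "autoscaling.amazonaws.com"}},
    {"eventTime": "2011-04-20T10:31:59Z", "eventName": "AssumeRole",
     "eventSource": "sts.amazonaws.com", "sourceIPAddress": "192.0.2.44",
     "userIdentity": {"type": "AWSAccount", "accountId": "999988887777",
                      "principalId": "AIDACONSTRUCTEDEXAMPLE"}},
]


def actor_of(event):
    """Collapse a record's identity into one stable actor label."""
    ident = event["userIdentity"]
    kind = ident["type"]
    if kind == "AssumedRole":        # credit the role, not the per-session ARN
        return ident["sessionContext"]["sessionIssuer"]["arn"]
    if kind == "AWSService":
        return f"service:{ident['invokedBy']}"
    if kind == "Root":
        return f"root:{ident['accountId']}"
    return ident.get("arn") or f"{kind}:{ident.get('accountId', 'unknown')}"


def review_reason(event, own_account=OWN_ACCOUNT):
    """Why an auditor should look at this record, or None if it is an ordinary
    named principal in the customer's own account."""
    ident = event["userIdentity"]
    kind = ident["type"]
    if kind == "Root":
        return "root credentials used"
    if kind == "AWSService":
        return "performed by a service on the account's behalf"
    if ident.get("accountId") != own_account:
        return f"principal from foreign account {ident.get('accountId', 'unknown')}"
    return None


def build_ledger(events=EVENTS, own_account=OWN_ACCOUNT):
    """Return (ledger, flagged): actor -> [(time, action)], and the records that
    need a human explanation, each as (time, action, actor, reason)."""
    ledger = defaultdict(list)
    flagged = []
    for ev in sorted(events, key=lambda e: e["eventTime"]):
        actor = actor_of(ev)
        ledger[actor].append((ev["eventTime"], ev["eventName"]))
        reason = review_reason(ev, own_account)
        if reason:
            flagged.append((ev["eventTime"], ev["eventName"], actor, reason))
    return dict(ledger), flagged


if __name__ == "__main__":
    ledger, flagged = build_ledger()
    for actor, actions in ledger.items():
        print(actor, actions)
    print("needs review:")
    for item in flagged:
        print(" ", item)
```

Two choices matter for an auditor reading the ledger: assumed-role sessions are credited to the role rather than the one-off session ARN, so a person's actions through a role line up under one name, and the root identity is always flagged because routine use of it defeats attribution. The ledger is only as good as the log it reads, which is why the integrity concern above comes first; CloudTrail's own log file integrity validation addresses that part for the provider's records.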
