Cloud Security

1. Confidentiality

If you back up your data to the cloud, your Cloud Service Provider (CSP) shouldn’t be able to see the data you store. “They can’t guarantee that!” you say. “I have to encrypt the data before it leaves my machine.” That’s all well and good, until you rely on your CSP to provide that encryption for you, as with Server Side Encryption in AWS S3, where the provider manages your keys. How does one ensure those keys are managed so that a provider administrator cannot decrypt your data?

2. Integrity

How do you know that your CSP didn’t log into your machines when you weren’t looking? Unfortunately, in most cases you don’t. Sure, you can check your logs, but the really good hackers (and even the script kiddies with good tools) can remove log entries and modify timestamps. You need a way to verify that you are the only one logging into your machines. To expand on this, customers typically have the ability to manage the images and snapshots they run in the cloud. How does one ensure that no one has tampered with those images since they were made? Take the marketplace where companies buy and sell images to other users -- how can the buyer ensure the image they are purchasing does not contain malware, viruses, or other malevolent software, with or without the seller knowing?
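The image-tampering question above has a concrete buyer-side answer: the publisher describes the image in a manifest (name, size, SHA-256 digest), authenticates the manifest, and the buyer refuses to run anything whose bytes do not match an authentic manifest. The following is an added example, not code from the original post; it uses HMAC-SHA256 under a publisher key as a stand-in for the asymmetric signature a real marketplace would use (an assumption), and the image bytes and publisher name are constructed sample values. Note what it does and does not prove: a passing check shows the buyer received exactly what the publisher signed, so any tampering after signing is caught; malware that was already in the image when the seller built it would be signed along with it, so the check complements, rather than replaces, scanning the image before it is published.

```python
import hashlib
import hmac
import json
import secrets

# Constructed sample: a tiny stand-in for a machine image or snapshot.
SAMPLE_IMAGE = b"\x7fELF-ish-image-header" + bytes(range(256)) * 4


def build_manifest(name: str, image: bytes) -> dict:
    """Describe an image by name, size and SHA-256 digest."""
    return {
        "name": name,
        "size": len(image),
        "sha256": hashlib.sha256(image).hexdigest(),
    }


def canonical(manifest: dict) -> bytes:
    # Canonical JSON so the same manifest always authenticates to the same bytes.
    return json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()


def sign_manifest(manifest: dict, publisher_key: bytes) -> str:
    """Authenticate the manifest. HMAC-SHA256 with a publisher key is an
    assumption standing in for a real digital signature."""
    return hmac.new(publisher_key, canonical(manifest), hashlib.sha256).hexdigest()


def verify_image(image: bytes, manifest: dict, tag: str, publisher_key: bytes) -> bool:
    """Buyer-side check: the manifest must be authentic AND the bytes must match it."""
    expected_tag = sign_manifest(manifest, publisher_key)
    if not hmac.compare_digest(expected_tag, tag):
        return False  # manifest forged or altered, or wrong publisher key
    if manifest["size"] != len(image):
        return False  # cheap early rejection before hashing a large image
    digest = hashlib.sha256(image).hexdigest()
    return hmac.compare_digest(digest, manifest["sha256"])


def tamper(image: bytes, offset: int) -> bytes:
    """Flip one bit to simulate a modified image (demo only)."""
    b = bytearray(image)
    b[offset] ^= 0x01
    return bytes(b)


def demo() -> dict:
    """Run the check against a pristine image and three kinds of bad input."""
    key = secrets.token_bytes(32)
    manifest = build_manifest("vendor-webapp-image", SAMPLE_IMAGE)
    tag = sign_manifest(manifest, key)
    return {
        "pristine": verify_image(SAMPLE_IMAGE, manifest, tag, key),
        "tampered": verify_image(tamper(SAMPLE_IMAGE, 100), manifest, tag, key),
        # Attacker rewrites the digest in the manifest but cannot re-authenticate it.
        "forged_manifest": verify_image(SAMPLE_IMAGE, dict(manifest, sha256="00" * 32), tag, key),
        # Manifest authenticated under some other key is not this publisher's.
        "wrong_key": verify_image(SAMPLE_IMAGE, manifest, tag, secrets.token_bytes(32)),
    }


if __name__ == "__main__":
    print(demo())
```

The size check before hashing is only an optimisation; the digest comparison is what decides. Swapping the HMAC for a signature scheme changes only `sign_manifest` and the tag comparison inside `verify_image`, and lets the buyer verify with a public key instead of a shared secret.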

3. Availability

This can plague any CSP: AWS has seen a misconfigured application file take out an entire availability zone, as it did on April 20, 2011 for EBS. The solution is to have multiple availability zones. When one zone fails, there’s no security risk because another is ready to take over.

4. Mutual Auditability

This is the holy grail of cloud security, and it’s one that many providers are not aware of. What it means is that, as an administrator, you can demonstrate to the user that their actions are their actions and that you did not perform any actions yourself. As a user, I can verify that my actions are my actions -- I can see that I’m the one who did them. More importantly, an auditor (or other third party) can go in and determine which actions were completed by which parties.
For many people, these concerns aren't at the forefront of their minds, but there are all kinds of advantages to this level of insight.
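One way to get both properties the post asks for, the tamper-evident log from the integrity section (removed entries and edited timestamps must be detectable) and the attribution of each action to the party that performed it, is an append-only log in which every entry is chained to the previous one by hash and authenticated by the actor who performed the action. The following is an added example, not code from the original post. It uses per-actor HMAC-SHA256 keys as a stand-in for per-party digital signatures (an assumption), and the actor names, keys, timestamps and actions are constructed sample values. The `rechain` helper models an intruder with write access to the log store who recomputes the hash chain after editing; the chain alone does not catch that, but the per-actor tags do, which is the point of having each party authenticate its own entries.

```python
import hashlib
import hmac
import json

# Constructed actor keys (assumption): each party authenticates its own entries.
# An auditor would hold verification material for every party.
ACTOR_KEYS = {
    "customer": b"customer-key-placeholder-00000000",
    "csp-admin": b"csp-admin-key-placeholder-0000000",
}
GENESIS = "0" * 64  # prev-hash of the first entry


def _canonical(entry: dict) -> bytes:
    return json.dumps(entry, sort_keys=True, separators=(",", ":")).encode()


def append_entry(log: list, actor: str, action: str, ts: int) -> dict:
    """Append an entry chained to the previous one and authenticated by `actor`."""
    prev_hash = log[-1]["hash"] if log else GENESIS
    body = {"seq": len(log), "ts": ts, "actor": actor, "action": action, "prev": prev_hash}
    # The actor tag covers sequence number, timestamp, actor, action and chain link.
    body["actor_tag"] = hmac.new(ACTOR_KEYS[actor], _canonical(body), hashlib.sha256).hexdigest()
    body["hash"] = hashlib.sha256(_canonical(body)).hexdigest()
    log.append(body)
    return body


def verify_log(log: list) -> tuple:
    """Auditor check: returns (ok, first_bad_seq, attribution), where attribution
    maps each actor to the actions that actor provably authorised."""
    prev, attribution = GENESIS, {}
    for i, entry in enumerate(log):
        e = dict(entry)
        h, tag = e.pop("hash"), e.pop("actor_tag")
        if e.get("seq") != i or e.get("prev") != prev:
            return False, i, attribution  # gap, reorder or naive deletion
        recomputed = hashlib.sha256(_canonical(dict(e, actor_tag=tag))).hexdigest()
        if not hmac.compare_digest(recomputed, h):
            return False, i, attribution  # stored contents edited
        key = ACTOR_KEYS.get(e["actor"])
        expected = hmac.new(key, _canonical(e), hashlib.sha256).hexdigest() if key else ""
        if not key or not hmac.compare_digest(expected, tag):
            return False, i, attribution  # entry not authorised by the claimed actor
        attribution.setdefault(e["actor"], []).append(e["action"])
        prev = h
    return True, None, attribution


def rechain(entries: list) -> list:
    """Recompute seq, prev links and hashes after an edit, as someone with write
    access to the log store could; actor tags cannot be recomputed without keys."""
    out, prev = [], GENESIS
    for i, entry in enumerate(entries):
        e = dict(entry)
        e.pop("hash", None)
        e["seq"], e["prev"] = i, prev
        e["hash"] = hashlib.sha256(_canonical(e)).hexdigest()
        out.append(e)
        prev = e["hash"]
    return out


def demo() -> dict:
    """Build a three-entry log, then show which manipulations the auditor catches."""
    log = []
    append_entry(log, "customer", "ssh-login web-01", 1303344000)
    append_entry(log, "csp-admin", "attach-volume web-01", 1303344060)
    append_entry(log, "customer", "snapshot web-01", 1303344120)
    ok, _, attribution = verify_log(log)

    naive_deletion = verify_log(log[:1] + log[2:])            # caught by seq/prev
    rechained_deletion = verify_log(rechain(log[:1] + log[2:]))  # caught by actor tag
    edited = [dict(e) for e in log]
    edited[1]["ts"] = 1303340000                               # backdated timestamp
    relabelled = [dict(e) for e in log]
    relabelled[1]["actor"] = "customer"                        # admin action blamed on user
    return {
        "intact": ok,
        "attribution": attribution,
        "naive_deletion_seq": naive_deletion[1],
        "rechained_deletion_seq": rechained_deletion[1],
        "edited_ts_seq": verify_log(rechain(edited))[1],
        "relabelled_seq": verify_log(rechain(relabelled))[1],
    }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The one manipulation this structure cannot detect on its own is truncation, dropping the newest entries and stopping there, because the chain is still internally consistent. The usual remedy is for each party to periodically record the current head hash with the other party (or a third party), so that either side can later show the log once extended past the point where it now ends; that exchange is what makes the auditability mutual rather than one-sided.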
