
Adaptive Model-based Cloud Computing Security Management

Center for Computing and Engineering Software Systems, Swinburne University of Technology. 25 May 2012. Mohamed Almorsy. Supervisors: Prof. John Grundy, Prof. Jun Han.


Presentation Transcript


  1. Center for Computing and Engineering Software Systems, Swinburne University of Technology. Adaptive Model-based Cloud Computing Security Management. 25 May 2012. Mohamed Almorsy. Supervisors: Prof. John Grundy, Prof. Jun Han

  2. Agenda: Cloud Computing Security; Research Gaps; Adaptive Cloud Security Management

  3. Motivating Scenario. [Diagram labels: SWINSOFT (Galactic); GREEN CLOUD (Get Currency-Now, Build Workflow); BLUE CLOUD (Batch processing); three <<include>> relations.] CPs: GREEN CLOUD, BLUE CLOUD. SPs: SWINSOFT, GREEN CLOUD, BLUE CLOUD. CCs: Swinburne University, Auckland University.

  4. Why Security is different in Cloud Computing? Cloud Computing Model: • Cloud Characteristics: Resources Virtualization, Multi-tenancy, Elasticity. • Long Dependency Stack: Hypervisor, VMs, Platforms, Apps. • Different Stakeholders: CPs, SPs, CCs. • Different Possible Deployments: Public, Private, Hybrid. • Service Delivery Models: IaaS, PaaS, SaaS.

  5. http://blogs.technet.com/b/yungchou/archive/2010/11/15/cloud-computing-primer-for-it-pros.aspx

  6. New Cloud Security Problems: Security Isolation, Loss-of-Control, Lack-of-Trust, Security Federation, ... Why? • Tenants have no control over outsourced assets. • CPs do not know the hosted service's business value. • Services are developed with built-in security functions. • Services are developed with security from the service provider's perspective.

  7. NIST - http://www.kurzweilai.net/nist-issues-government-cloud-computing-roadmap-and-architecture

  8. Research Problem • The cloud computing model lacks a strong security management framework that can handle: • Loss-of-control and lack-of-trust. • Multi-tenancy. • Different stakeholders. • Constantly changing security. • Huge number of services and security solutions. CCs involved in securing their assets; tenant-oriented security; collaboration-based; adaptive security; standard security interface

  9. Current Trends: NIST, CSA

  10. Current Trends: NIST, CSA. FedRAMP: • A cloud provider claims a supported security level. • A certifying authority audits the claimed level. • A cloud consumer specifies the expected security level. • The certifying authority matches consumers' requirements and providers' capabilities and assures it. Limitations: • Security customization is limited. • Security adaptation is not possible. • Cloud provider is the service provider. • Limits the ROI of the cloud platforms.

  11. Current Trends: NIST, CSA. Security Registry: • CSA focuses on assessing a cloud provider's security level. • Lists security controls to be provided by a cloud provider. • Checklist to guide consumers in assessing a cloud platform's security. Limitations: • Assessment and awareness do not mean real security. • Neither Loss-of-Control nor Lack-of-Trust is mitigated.

  12. Research Objective • To extend the cloud model with an abstract, dynamic, and multi-tenant security management framework. [Figure: CC Security Management Process]

  13. Information Security Management Systems: ISMSs (including NIST-FISMA and ISO27000) provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving the protection of information assets.

  14. Rethinking in Security Management under Cloud Computing Model: CCs involved in securing their assets; tenant-oriented security; collaboration-based; adaptive security; standard security interface

  15. Research Gaps

  16. General Approach: Model-based Security Management for the Cloud Computing Model. [Figure labels: Service Provider; Stakeholder Security Engineers; Cloud Provider; Security Model; Service Model; Cloud Platform Model; Secure System model; Feedback; Enforcement; Security Mgmt plan; Security Controls; Cloud Services; Cloud Platform]

  17. General Framework. [Figure labels: Management Component (Tenant Security Modeller; Service & Platform Modeller); Analysis Component (Threat and Vulnerability Analyzer; Measurements Analyzer); Enforcement Component (Service-security Integrator; Security Interface; Security Services); Monitoring Component (Measurements Collector; Security Probes Generator); services S1, S2, ..., Sn]

  18. Rethinking in Security Management under Cloud Computing Model

  19. Collaboration-based Cloud Computing Security Management Framework • Aligning FISMA Security Management standard with the cloud model. • Improving the collaboration among cloud stakeholders. [Figure annotated with adopted security standards (CPE, CVE/CWE, CCE) and responsible stakeholder(s) (CCs, CCs & CPs, All)]

  20. Aligning NIST to the Cloud Model

  21. Aligning NIST to the Cloud Model (cont’d)

  22. Adopted Security Standards

  23. Collaboration-based Cloud Computing Security Management Framework. [Figure labels: Management Layer; Security Metrics Manager; Security Categorization; Multi-Tenant Security Plan; Risk Assessment; Security Controls Manager; Multi-Tenant Status Report; Security Status; Security Management Repository; Security Reqs.; Feedback Layer; Enforcement Layer; Planning; Implementation; Monitoring; Analysis; Measurements; Cloud Platform; Configurations; Controls; Logs; Security Controls]

  24. Prototype Snapshots: • A snapshot of the security controls base satisfaction status • A cloud consumer registering for one of the GREEN CLOUD registered services • Two different service security categorizations for two different customers • A snapshot of a security control registration • A sample of Swinburne security status report • A snapshot of a given service threats retrieved from the NVD • A snapshot of the security SLA between GREENCLOUD, SWINSOFT and Swinburne

  25. Limitations • Security monitoring depends on security controls’ log files “lagging metrics”. • Service-oriented security. • Integrating security controls within target services is done manually.

  26. Security Management: Security Objectives, Security Threats/Risks, Security Controls, Security Monitoring. Security Engineering: Security Requirements, Security Architecture, Security Design, Security Enforcement. • Tenants come and go at runtime. • Tenants' security changes at runtime. • Services shouldn't go down for customization or maintenance. • Discovered vulnerabilities cannot wait too long for patches.

  27. Adaptive (Multi-tenant) Model-driven Security (Re)Engineering at Runtime Component. [Figure labels: Multi-tenant Security Engineering @ runtime: TOSSMA; Security Reengineering: SMART; Security Engineering @ runtime: MDSE@R]

  28. MDSE@R: Model-driven Security Engineering @ Runtime

  29. Galactic ERP System Description Model (SDM)

  30. UML Profile

  31. Swinburne Security Specification Model (SSM)

  32. SecDSVL Metamodel: Security control

  33. Live system interceptors [1], security specification [2] documents

  34. TOSSMA: Tenant-Oriented SaaS Security Management Architecture

  35. Adaptive (Multi-tenant) Model-driven Security (Re)Engineering at runtime Component

  36. MDSE@RMT Evaluation Results

  37. Adaptive (Multi-tenant) Model-driven Security (Re)Engineering at Runtime Component. [Figure labels: Multi-tenant Security Engineering @ runtime: TOSSMA; Security Reengineering: SMART; Security Engineering @ runtime: MDSE@R]

  38. Examples of code snippets that need to be re-engineered

      To be removed:

      ```csharp
      bool updateCustomerBalance(string custID, decimal nBalance)
      {
          // Security calls hard-wired into the business method
          // (username and password are not defined on the slide)
          if (!AuthenticateUser(username, password)) return false;
          if (!AuthorizeUser(username, "updateCustBalance")) return false;
          LogTrx(username, DateTime.Now, "updateCustomerBalance");

          Customer customer = Customers.getCustomerByID(custID);
          customer.Balance = nBalance;
          Customers.SaveChanges();

          LogTrx(username, DateTime.Now, "updateCustBalance done");
          return true; // the slide's version ends without returning a value
      }
      ```

      To be modified:

      ```csharp
      // Authentication only runs when the client-supplied "Loggedin" cookie is not "true"
      if (Request.Cookies["Loggedin"]?.Value != "true")
      {
          if (!AuthenticateUser(Request.Params["username"], Request.Params["password"]))
              throw new Exception("Invalid user");
      }
      DoAdministration();
      ```

      To be injected:

      ```csharp
      // Needs: using System.Diagnostics; (StackFrame) and using System.Threading; (Thread)
      if (!AuthenticateUser(Request.Params["username"], Request.Params["password"]))
          throw new Exception("Invalid user");
      if (!AuthorizeUser(Thread.CurrentPrincipal,
                         (new StackFrame()).GetMethod().Name,
                         (new StackFrame()).GetMethod().GetParameters()))
          throw new Exception("User is not authorized");
      updateCustomerBalance(Request.QueryString["cID"], nBalance);
      ```

  39. Re-engineering Aspects “Re-aspects” Grammar

  40. System Security Reengineering Architecture

  41. Mo Mohamed Almorsy malmorsy@swin.edu.au http://www.ict.swin.edu.au/ictstaff/malmorsy
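
An added C# example, not code from the presentation or from the MDSE@R, TOSSMA or SMART prototypes: one way the slide 38 snippets could look after re-engineering, with the built-in checks removed from the business method and a per-tenant rule enforced by an interceptor (slide 33) that a tenant can change while the service runs (slide 26). The `Rule`, `User` and `Interceptor` types, the `accountant` role, the sample user and the two tenants' rules are hypothetical.

```csharp
using System;
using System.Collections.Generic;
// Hypothetical types for this example; none of them come from the slides.
class Rule { public bool Authenticate; public string Role; }
class User { public string Name; public bool Authenticated; public HashSet<string> Roles = new HashSet<string>(); }

static class Interceptor
{
    // tenant -> operation -> rule. Editable while the service runs (single-threaded demo).
    public static readonly Dictionary<string, Dictionary<string, Rule>> Policy =
        new Dictionary<string, Dictionary<string, Rule>>();
    public static bool Invoke(string tenant, User user, string op, Action body)
    {
        // Fail closed: a tenant or operation without a rule is denied.
        if (!Policy.TryGetValue(tenant, out var rules) || !rules.TryGetValue(op, out var rule))
            return Deny(tenant, user, op, "no policy");
        if (rule.Authenticate && !user.Authenticated)
            return Deny(tenant, user, op, "not authenticated");
        if (rule.Role != null && !user.Roles.Contains(rule.Role))
            return Deny(tenant, user, op, "missing role " + rule.Role);
        body();
        Console.WriteLine($"ALLOW {tenant}/{user.Name} {op}");
        return true;
    }
    static bool Deny(string tenant, User user, string op, string why)
    {
        Console.WriteLine($"DENY  {tenant}/{user.Name} {op}: {why}");
        return false;
    }
}

static class Program
{
    static readonly Dictionary<string, decimal> Balances = new Dictionary<string, decimal> { ["c1"] = 10m };
    // Business logic only: no authentication, authorization or logging calls inside.
    static void UpdateCustomerBalance(string custId, decimal nBalance) => Balances[custId] = nBalance;
    static void Main()
    {
        const string op = "updateCustomerBalance";
        Interceptor.Policy["Swinburne"] = new Dictionary<string, Rule> { [op] = new Rule { Authenticate = true, Role = "accountant" } };
        Interceptor.Policy["Auckland"] = new Dictionary<string, Rule> { [op] = new Rule { Authenticate = true } };
        var clerk = new User { Name = "clerk", Authenticated = true }; // constructed user with no roles
        Interceptor.Invoke("Swinburne", clerk, op, () => UpdateCustomerBalance("c1", 20m));
        Interceptor.Invoke("Auckland", clerk, op, () => UpdateCustomerBalance("c1", 30m));
        Interceptor.Policy["Auckland"][op].Role = "accountant"; // Auckland tightens its rule at runtime
        Interceptor.Invoke("Auckland", clerk, op, () => UpdateCustomerBalance("c1", 40m));
        Console.WriteLine("c1 balance: " + Balances["c1"]);
    }
}
```

A multi-threaded service would need a concurrent or swap-on-update policy store; the plain dictionary here is a simplification.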
