Jul 5, 2010 - Global Foundation Services, Microsoft Corporation ...... In the case of protected blobs, access must come
SECURE USE OF CLOUD STORAGE BLACKHAT BRIEFINGS USA 2010
AUTHOR Grant Bugher Lead Security Program Manager, Online Services Security and Compliance Global Foundation Services, Microsoft Corporation
JULY 2010 VERSION 1.0 (FINAL)
i
Secure Use of Cloud Storage
July 2010
Table of Contents TABLE OF CONTENTS ........................................................................................................................................................................................ II EXECUTIVE SUMMARY ....................................................................................................................................................................................... 1 INTRODUCTION .................................................................................................................................................................................................... 1 CLOUD STORAGE SYSTEMS ............................................................................................................................................................................... 1 MICROSOFT WINDOWS AZURE STORAGE ....................................................................................................................................................................................... 1 Blob Service .........................................................................................................................................................................................................................................2 Table Service ......................................................................................................................................................................................................................................2 Queue Service .....................................................................................................................................................................................................................................2 SQL Azure .............................................................................................................................................................................................................................................3 REST API...............................................................................................................................................................................................................................................3 .NET API ................................................................................................................................................................................................................................................7 AMAZON SIMPLE STORAGE SERVICE ............................................................................................................................................................................................... 8 Simple Storage Service (S3).........................................................................................................................................................................................................8 SimpleDB ..............................................................................................................................................................................................................................................8 Relational encoding="utf-8" standalone="yes"?> 06232010 12521249962450735715_5c2dbee9-66d4-4e51-92ce-b8100055b635 2010-06-23T21:49:15.35328Z Test This is a message http://myaccount.blob.core.windows.net/guestbookpics/image_65fa49ae-1a73-4882-a15b1b46389b855d.jpg http://myaccount.blob.core.windows.net/guestbookpics/image_65fa49ae-1a73-4882-a15b1b46389b855d.jpg
5
Secure Use of Cloud Storage
July 2010
0
The above example is a respoinse for a query that matched a single entity of type GuestBookEntry. The yellow text identifies the PartitionKey and RowKey of the matching entity, while the green text shows the entity’s properties. These correspond to the primary key and columns in a traditional relational table. The encoding="utf-8" standalone="yes"?>