Platform as a Service (PaaS) in the cloud computing terminology. Different business models ... providers and operators, can get business benefits by using platform virtualization due to the possibility of increased resource utilization and ... analysis for this scenario and derive major security requirements from the different ...
Security Considerations for Virtual Platform Provisioning Mudassar Aslam, Christian Gehrmann Swedish Institute of Computer Science (SICS) Isafjordsgatan 22, SE-164 29 Kista, Sweden {mudassar.aslam, chrisg}@sics.se
Abstract—The concept of virtualization is not new but leveraging virtualization in different modes and at different layers has revolutionized its usage scenarios. Virtualization can be applied at application layer to create sandbox environment, operating system layer to virtualize shared system resources (e.g. memory, CPU), at platform level or in any other useful possible hybrid scheme. When virtualization is applied at platform level, the resulting virtualized platform can run multiple virtual machines as if they were physically separated real machines. Provisioning virtualized platforms in this way is often also referred to as Platform as a Service (PaaS) in the cloud computing terminology. Different business models, like datacenters or telecommunication providers and operators, can get business benefits by using platform virtualization due to the possibility of increased resource utilization and reduced upfront infrastructure setup expenditures. This opportunity comes together with new security issues. An organization that runs services in form of virtual machine images on an offered platform needs security guarantees. In short, it wants evidence that the platforms it utilizes are trustworthy and that sensitive information is protected. Even if this sounds natural and straight forward, few attempts have been made to analyze in details what these expectations means from a security technology perspective in a realistic deployment scenario. In this paper we present a telecommunication virtualized platform provisioning scenario with two major stakeholders, the operator who utilizes virtualized telecommunication platform resources and the service provider, who offers such resources to operators. We make threats analysis for this scenario and derive major security requirements from the different stakeholders’ perspectives. Through investigating a particular virtual machine provisioning use case, we take the first steps towards a better understanding of the major security obstacles with respect to platform service offerings. The last couple of years we have seen increased activities around security for clouds regarding different usage and business models. We contribute to this important area through a thorough security analysis of a concrete deployment scenario. ´Finally, we use the security requirements derived through the analysis to make a comparison with contemporary related research and to identify future research challenges in the area. Keywords – security; trust; virtualization; virtual private server; telecommunication networks
allows one to run legacy applications unmodified on new hardware platforms. This is realized through on-the-fly translation from one hardware instruction set to another with the assistance of a so called hypervisor or Virtual Machine Monitor (VMM). A hypervisor runs in the most privileged mode in a system and has full control over vital system resources. A hypervisor-based system not only allows instruction translation, but above all, increased system utilization as multiple Virtual Machines (VM) can run simultaneously on a single powerful hardware platform, opening for new business models and a new business landscape. This implies for example that existing services can rather easily be migrated into large computing clusters or what often is referred to as the cloud. The term cloud in general refers to offering a service of any category ranging from application to infrastructure. Commonly know broader categories are Software-as-a-Service (SaaS), Platform-as-aService (PaaS) and Infrastructure-as-a-Service (IaaS). There are many other possible cloud based services as well, like Application-as-a-Service, Database-as- a-Service, Storage-as-aService, etc. These all are usually referred to as Anything-as-aService or XaaS. This paper particularly focuses on platform virtualization which provides a way to offer PaaS or IaaS. The new flexibility offered by virtualization and cloud based models have a price: increased security risks. Systems previously physically isolated, might now run on the same machine and consequently opening up to new attacks between virtual machines running simultaneously on the same hardware. A recent survey shows that despite potential benefits, companies are reluctant to migrate their businesses from existing physical platforms to more flexible and cost effective virtual platforms “due to fear about security threats and loss of control of data and systems” [23]. This shows the importance of a revised security requirements analysis considering stakeholders’ concerns and most importantly propose ways to establish stakeholders trust in a business model which provisions virtual resources.
Past years we have seen a strong move in the market place towards usage of virtualization technologies1 . Virtualization
A telecommunication cloud presents such a use case in which the resource provider offers Infrastructure-as-a-Service using platform virtualization. Despite the scope of a telecommunication cloud as a future service model, few attempts have been made to do detailed security requirements analysis considering new dynamics of the proposed systems
1 The virtualization technology we discuss here is the approach when a complete software system (including OS) runs on top of a hypervisor. This
makes the illusion to the guest system of actually running directly upon the real hardware and it is often also referred to as system virtualization [16].
I.
INTRODUCTION
and required trust building mechanisms between stakeholders to make an acceptable business model. This paper focuses on these basic but important issues. We present a virtualized platform provisioning model thereby deriving a telecommunication cloud use case. Furthermore, we focus on security requirements by considering possible security threats in such a model. The aim of this paper is to identify security requirements which are important for establishing stakeholders’ trust in offering Infrastructure-as-a-Service to telecommunication operators. The main contributions of this paper are the following:
We have presented a telecommunication cloud use case where virtualized telecommunication nodes are offered to different operators.
We have identified, analyzed and consolidated security requirements of the stakeholders which forms the basis when creating a secure architecture for a telecommunication cloud.
Finally, we have recommended a set of security mechanisms needed to create trusted telecommunication clouds.
operators for the exact type and number of resources they need. This capability is inherited from the cloud computing model. Furthermore, provider can enforce strong licensing techniques restricting operators to use only provisioned resources. An overview diagram of the stated scenario is shown in Fig.1.
This paper is organized as follows. In Section II we describe the telecommunication cloud scenario. In Section III we present security threats and derive major security requirements. It also identifies recommended security mechanisms for a trusted telecommunication cloud. Section IV presents related work and we conclude in Section V. II.
SCENARIO – A TELECOMMUNICATION CLOUD USE CASE
In the preceding decade, focus of virtual resource provisioning had been on virtualizing data centers [1], [6] but with the rapid expansion of telecommunication networks, user base and services offered by the operators, there are strong reasons for operators and their resource providers to adopt more flexible business models to meet the changing and increasing demands of end-customers yet remaining within a manageable budget. A telecommunication cloud offers such a model. While defining a telecommunication cloud business model, we consider conventional business model which has two major stakeholders - the Provider who provides telecommunication platforms (physical resources), and the Operator who operates the telecommunication network utilizing the platforms offered by the provider hence offering services to its end-customers. A problem with physical platform provisioning is that the operators might have to pay for the capabilities and resources which are not intended or required. On the other hand, a telecom operator might get short of resources to meet the increasing demands of their end-users. However, using the recent advancements in virtualization technologies, the platform providers could provision virtual platforms as opposed to physical platforms to address these issues. We consider a scenario in which a provider offers virtual platforms thereby encouraging operators to use telecommunication services according to their requirements. The resulting array of virtual platforms makes a Telecommunication Cloud which allows providers to charge
Figure 1. Our Proposed Telecommunication Cloud Scenario
In the envisaged telecommunication cloud use case, the provider is required to offer complete platforms as a service which can then be used by different operators to launch their virtual machines. Considering the operators’ requirement of having full control over the provisioned platforms, a telecommunication cloud should offer Infrastructure-as-aService (IaaS) as opposed to offering Platform-as-a-Service (PaaS) where the consumer does not get complete freedom [25]. This means that the operator will be responsible to configure and maintain the provisioned (virtual) platform. The launching of virtual machine image and subsequently its management will be done by the operator using Operator Management Clients (OMCs) through a gateway entity. The gateway entity protects the provider internal network from unauthorized external accesses. Similarly, the provider manages the virtualized telecommunication platforms through a Provider Management Client (PMC). There are other possible business models, for example, a model with an intermediate entity which takes the responsibility of managing the telecommunication cloud. In such scenario, the provider outsources its virtual resources to the Cloud Management Entity (CME), which then provisions the available resources to the operators. The resulting infrastructure would allow a CME to offer virtual resources from different providers. This paper however focuses on two-role model involving only a provider and operator.
III.
THREAT AND SECURITY REQUIREMENTS
One of the most important hurdles for adopting a dynamic virtual telecommunication resource model is the security. The cloud provider and the operator both fear about new threats which arise due to simultaneously running virtual machines of different operators on same physical platforms. A successfully executed attack on the target platform could cause leak of confidential operator data which could lead to distrust in the offered services. Moreover, an attacker could use provider resources illegally if he or she could take control over the target platform. We have analyzed the scenario and identified major threats that are summarized in Table I. These threats have in turn been used to identify stakeholders’ security requirements, which we list in the subsequent sections together with some recommendations on security solutions meeting the requirements. TABLE I. Attacker
TELECOMMUNICATION CLOUD THREATS Threat
Target
T1
O, A
Malicious code installation
VMM, VMMGT, VMOPR
T2
P
Unintentional installation of hostile S/W
VMM,VMMGT
T3
A, O
Impersonate provider
Gateway, VM MGT
T4
A, O
Impersonate a legitimate operator
Gateway, VM MGT
T5
P
Access run-time or configuration data
VMOPR
T6
A
Denial of Service attack
Provider Network
T7
O
Repudiate VM launch
VM MGT
T8
O
Interfere other operators’ VM
VM OPR
T9
O
Get confidential data from other operators’ VM
VMOPR
O : Legitimate Operator | P : Legitimate Provider | A : Outside attacker | VMMGT : Management VM
A. Provider Network Authentication Authentication is the binding of an identity to a principal. It is a standard security service which must be performed for any secure distributed system. Commonly used authentication mechanisms include passwords, challenge-response, certificates etc. [24]. With respect to connecting Operator Management Clients (OMCs), there is a need for authentication on two different levels, mutual authentication towards the provider network at the gateway and authentication on management VM level. The latter also applies to connecting Provider Management Clients (PMCs) to reduce threat T3. Mutual authentication between OMCs and the gateway are needed to mitigate threats T3, T4 and T6. A state-of-the-art solution would be to use existing secure session establishment protocols wherever applicable, for example, using Internet Key Exchange (IKE) protocol [9] for mutual authentication and key exchange in combination with IPsec [10] for establishing virtual private network (VPN). Authentication by the management VM of connecting OMCs and PMCs could typically be done as part of the management protocol that applies (REST, Web Service, SMTP etc.) and would for example be certificate based (see also Section C below).
B. Platform Integrity and Authentication In order to mitigate threats T1 and T2, there is a need to have close control of the software that is executed on the virtual platforms. When the operator wants to launch its virtual machine on the provider provisioned virtual platform, he or she should check the configuration and integrity status of the target platform prior to launching the service. This implies that every piece of code, right from the beginning of the boot process, is securely reported in some protected storage such that the status later can be verified by connecting OMCs. Most relevant methods to consider include the Trusted Computing Group trusted boot and remote attestation principles [17], [18]. With regard to platform authentication in a cloud scenario, the operator is actually not interested in identity of the target platform rather its integrity which is reported in remote attestation. Thus a virtual platform is authenticated if its verified configurations are trusted according to the policies that the operator applies. C. Authentication, Attestation and VM Launch Protocol There are two important steps before the launch of a VM. First, the operator require network authentication (section A) and then remote attestation (section B). From operator’s perspective, it is important that the VM launch should performed in the same session as these two steps ensure that the operator VM is launched on a platform which is previously attested. Similarly, the provider would be interested in protection against replay of VM launch command and protection against later repudiation by the operator which is listed as threat T7 in TABLE I. In order to meet these requirements, the designed protocol should cryptographically bind the authentication, attestation and VM launch sessions. Therefore, there should be a comprehensively analyzed security protocol for authentication, attestation and VM launch with focus on replay protection, session binding, nonrepudiation of VM launch by the operator and other protocol security requirements. D. VM Isolation VM isolation is an important security requirement for virtual resource provisioning scenarios. In the virtualized telecommunication cloud environment, the VMs of different operators run on the same physical machine thus opening room for interfering other operators’ VMs. In order to mitigate this threat (T8, T9) it is important to ensure that operator VMs must be isolated. This isolation is provided by the hypervisor layer [2], [12], [20]. Hence, the security of the whole system depends upon the correctness of hypervisor. Hypervisors are claimed to provide isolation which is as strong as physical isolation if not better. However, to ensure this proposition, the size of hypervisor itself and the code/libraries it is built upon must be kept as small as possible to minimize hierarchical trust dependencies as recommended in [3]. Furthermore, the hypervisor implementation must meet higher evaluation assurance level (EAL) to get common criteria certification [22]. This is an important requirement in order to establish operators’ trust in the behavior of the provisioned platform. The operator would only be required to verify that the provider platform runs the certified hypervisor.
E. Confidentiality Once the operator sends VM launch command to the trusted platform, the operator VM would be launched and VM handle is returned to the operator for VM management. Preferably, considering threat T5, the operator would like to cryptographically bind the VM including all its configurations like secure credentials to a trusted resource platform configuration. This can potential be partly be solved through usage of the sealing techniques as defined by the Trusted Computing Group [17] and specified in [19]. The actual data protection and isolation must be provided by the hypervisor though and sealing techniques will only help as long as there is a hypervisor layer that the operator can trust with respect to protecting and isolating VM security critical data (see Section D). F. Secure VM Migration VM migration is a process in which a running operator VM is migrated from one physical platform to another. The VM migration moves the active memory and execution state of the VM along with VM security credentials (e.g. keys). The provider must be able to support undetectable migration of operators’ VMs to allow uninterrupted access of the provisioned resources. VM migration is a resource administration tool which deals with situations like optimization of workload with in provider resource pools, performing platform hardware maintenance without scheduling downtimes and disrupting provisioned services. Where VM migration is a provider’s indispensable administrative requirement, the operator’s security concern is the threat T5. There must be a mechanism for secure migration of operator’s security credentials e.g. keys. VM migration is an active research topic which should also consider the protection of security credentials in transit. The TPM based migratable keys [19] could be considered in designing a secure VM migration solution. G. Summary Trust establishment between cloud stakeholders is one of the major challenges which can be met by fulfilling a set of security requirements presented in the preceding sections. Security mechanisms like secure boot, remote attestation, cryptographic bounding of operator VM to the provider platform and secure hypervisor are the main drivers for trust establishment. TABLE II. presents a summary of the threats identified in TABLE I, corresponding security requirements and recommended mechanisms which could be applied to mitigate those threats for designing a secure virtual resource provisioning architecture.
TABLE II. SUMMARY OF THREATS, REQUIREMENTS AND RECOMMENDED MECHANISMS FOR A SECURE VIRTUAL RESOURCE PROVISIONING ARCHITECTURE Threat
Security Requirement
Security Mechanism(s)
T1
Platform Integrity
Secure boot, Remote attestation
T2
Platform Integrity
Secure boot, Remote attestation
T3
Provider Authentication
Mutual Authentication (IPSec)
T4
Operator Authentication
Mutual Authentication (IPSec)
T5
Confidentiality
VM Sealing, Strong Isolation
T5
Secure VM Migration
Ongoing research, TPM based migratable keys
T6
Secure Provider Network
Firewall, Gateway
T7
Non-repudiation
Sign VM launch
T8
VM Isolation
Secure and certified hypervisor
T9
VM Isolation
Secure and certified hypervisor
IV.
RELATED WORK
In the past decade, considerable amount of work has been done in the domain of virtual resource provisioning with specific focus on the security of a virtualized data center [1], [6]. The building blocks of a data center are somehow similar to our perceived telecommunication cloud scenario, for example, both use hypervisors to compartmentalize strongly isolated Virtual Machines and both scenarios necessitate trust establishment in the provisioned platforms. However, there are few differences in terms of type of stakeholders and their security requirements. One such difference is the relationship between the resource user and resource provider. The nature of the telecommunication cloud probably defines a stronger, long and a static relationship between the user and the provider as opposed to the data center scenario with weak, short and dynamic relationships between its stakeholders. Due to such differences and consequently different security requirements, we could not find any substantial work in the data center domain which could be mapped to address the security requirements for a telecommunication cloud scenario. Even in the domain of data centers, we could not find any work which could specifically analyze all security requirements of the stakeholders which could be used as a basis for proposing future secure solutions. However, existing body of literature focuses on some security requirements for virtual data centers. For example, Trusted Virtual Datacenter (TVDc) [1], [6] focuses on solving security management challenges, which are compounded due to the complexity of a virtual data center. Similarly, the Terra [4] is a Trusted Virtual Machine Monitor (TVMM) which specifically focuses on VM isolation and gives the appearance of multiple boxes on a single hardware platform and run applications of varying assurance levels in the appropriate box. The Terra also supports certificate-based attestation to ensure platform integrity. Some other papers particularly address mechanisms for platform integrity [8], [15], [13], [7]. In [8] and [15] the authors
propose remote attestation which leverages TPM based cryptographic attestations by sending Integrity Measurement Log (IML) in combination with TPM_Quote which is securely computed by the TPM [19]. The verifier compares the quoted response with self computed hash value from the IML to check and decide about the integrity of the target platform. The OpenTC [17] focuses on trust establishment in virtual platforms by introducing property-based attestations instead of cryptographic attestations to make it a scalable solution for data centers. The authors in [7] also propose a similar remote attestation technique to fulfill platform integrity requirement. The architecture presented in [11] presents ways to protect the confidentiality of the user VM by leveraging sealing mechanism supported by TPM [19]. The authors in [5] propose a trusted channel which focuses on the integrity of the target platform in establishing a secure session. The trusted channels also features trusted computing mechanisms for establishing trust between end entities.
[5]
[6]
[7]
[8]
[9] [10] [11]
V.
CONCLUSION
In this paper we have presented a scenario in which virtualized telecommunication resources making up the telecommunication cloud, are provisioned to different telecommunication operators. We have performed a detailed security analysis of the addressed scenario taking both stakeholders’ concerns into account. We started with identifying major security threats followed by a detailed security requirements analysis with the focus on trust establishment between stakeholders. Our results present a summary of probable security threats, stakeholders’ security requirements and our recommended mechanisms to create trusted telecommunication clouds. Finally, we presented existing related work which on comparison with our security analysis, shows that this paper consolidates possible security requirements from all existing body of literature. Furthermore, there are many other security requirements identified in this paper which are not addressed so far. Hence, this paper identifies open research areas in the area of virtual platform provisioning, and therefore may serve the basis for identification of further research in this area.
[12] [13]
[14] [15]
[16] [17] [18] [19]
[20]
REFERENCES [1]
[2]
[3]
[4]
Berger, S., C´aceres, R., Pendarakis, D., Sailer, R., Valdez, E., Perez, R., Schildhauer, W., Srinivasan, D.: TVDc: Managing Security in the Trusted Virtual Datacenter. SIGOPS Oper. Syst. Rev. 42(1), 40–47 (2008) Chisnall, D.: The Definitive Guide to the Xen Hypervisor (Prentice Hall Open Source Software Development Series). Prentice Hall PTR, Upper Saddle River, NJ, USA (2007) van Doorn, L.: Trusted Computing Challenges. In: STC ’07: Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing. pp. 1–1. ACM, New York, NY, USA (2007) Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., Boneh, D.: Terra: a Virtual Machine-based Platform for Trusted Computing. pp. 193–206. ACM Press (2003)
[21]
[22] [23]
[24] [25]
Gasmi, Y., Sadeghi, A.R., Stewin, P., Unger, M., Asokan, N.: Beyond Secure Channels. In: STC ’07: Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing. pp. 30–40. ACM, New York, NY, USA (2007) Griffin, J.L., Jaeger, T., Perez, R., Sailer, R., Doorn, L.V., Cceres, R.: Trusted Virtual Domains: Toward Secure Distributed Services. In: In Proc. of the First Workshop on Hot Topics in System Dependability (Hotdep05. IEEE Press (2005) Haldar, V., Chandra, D., Franz, M.: Semantic Remote Attestation -A Virtual Machine directed approach to Trusted Computing. In: USENIX Virtual Machine Research and Technology Symposium. pp. 29–41 (2004) Huang, X., Peng, Y.: An Effective Approach for Remote Attestation in Trusted Computing. In: WISA 2009 : Proceedings of the 2nd International Symposium on Web Information Systems and Applications. pp. 80–83. Academy Publisher, FIN-90571, OULU, FINLAND (2009) Internet Key Exchange (IKEv2) Protocol. Tech. Rep. RFC 4306, Internet Engineering Task Force (December 2005) Security Architecture for the Internet Protocol. Tech. Rep. RFC 4301, Internet Engineering Task Force (December 2005) Jansen, B., Ramasamy, H.V., Schunter, M.: Flexible Integrity Protection and Verification Architecture for Virtual Machine Monitors. In: The Second Workshop on Advances in Trusted Computing (WATC 06 Fall (2006) Kernel Based Virtual Machine. http://www.linuxkvm.org/page/Main_Page Landfermann, R., Kuhlmann, D., Kuhlmann, D., L, R., Ramasamy, H.V., Ramasamy, H.V., Schunter, M., Schunter, M., Ramunno, G., Ramunno, G., Vernizzi, D., Vernizzi, D.: D.: An Open Trusted Computing Architecture Secure Virtual Machines Enabling User-defined Policy Enforcement. www.opentc.net (2006) Ormandy, T.: An empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments. In: CanSecWest (2007) Sailer, R., Zhang, X., Jaeger, T., Doorn, L.V., Sailer, R., Zhang, X., Jaeger, T., Doorn, L.V.: Integrity Measurement Architecture. In: The Proceedings of the 13th USENIX Security Symposium (Sec 04). pp. 223–238 (August 2004) Smith, J.E., Nair, R.: Virtual machines: versatile platforms for systems and processes. Morgan Kaufmann Publishers (2005) Trusted Computing Group. http://www.trustedcomputinggroup.org/ TCG Specification Architecture Overview. http://www.trustedcomputinggroup. org/resources (August 2007) TPM Main Specification. http://www. trustedcomputinggroup.org/resources/tpm_main_specification (July 2007) VMware Inc., Virtualization Solutions. http://www.vmware.com/ virtualization/ Santos, N., Gummadi, K. P., and Rodrigues, R. 2009. Towards trusted cloud computing. In Proceedings of the 2009 Conference on Hot Topics in Cloud Computing (San Diego, California). USENIX Association, Berkeley, CA, 3-3. The Common Criteria. http://www.commoncriteriaportal.org/ Survey: Cloud Computing 'No Hype', But Fear of Security and Control Slowing Adoption. http://www.circleid.com/posts/20090226_cloud_computing_hype_securi ty/ Bishop, M. 2004 Introduction to Computer Security. Addison-Wesley Professional Cloud Computing Deep Dive, Sepcial Report, September 2009 http://www.InfoWorld.com
