Study of Security Mechanisms Implemented in Cloud Computing * ** * ** Abobaker Elhouni , ElBahlul EIFgee , Mohamed A Isak and Khaled Ben Ammer ** *
Yafren High Instute of Vocational Studies, Yafren-Libya
Electrical and Computer Engineering Department, Libyan Academy, Tripoli-Libya Email
[email protected]
Abstract
-
The purpose of this paper is to provide an overall
security perspective of
Cloud computing with the aim to
highlight the problem from the cloud stakeholders' perspective, and the cloud service delivery models perspective. The paper aims also to introduce the mechanisms used to secure cloud computing applications as well as to compare some providers of cloud computing field with each other in general and security aspects. A descriptive method and comparative way is conducted to identify studies focusing on information security threats and solutions in the cloud computing. Based on the sections of this paper, security threats and the most effective security mechanisms used in the cloud are identified. Cloud computing often faces similar threats as traditional computing or less. The paper also ensured that the providers are able to devote resources to solve those security threats that many clients cannot do. It explains how an emphasis on collaboration between clients and provider is essential for successful method to secure cloud computing. Index Terms- Cloud computing, Cloud computing security, security threats.
1.
DEFINITION OF CLOUD COMPUTING
The definition of cloud computing has been subject of debate in the scientific community. Similar to the commercial press, there are different opinions about what Cloud Computing is and which features distinguish a cloud. The European Network and Information Security Agency (ENISA) defined cloud computing as: "On-demand service model for IT provision often based on virtualization and distributed computing technologies " [1]. Simply, client requests from the service provider server instance and enters most settings and choose the operating system. Then clients determine the size and other settings needed that allows them accessing the cloud and using the applications they requested. After a period of time if they needed more space, they enter the accounts in the cloud and increase swab time in seconds to get over a larger space area. Therefore clients could benefit from using cloud computing by paying per their use, on line support, storage management and etc as shown in Figure (1) . Therefore different users can access and run the same application and the same time without wondering about licence and technical support which offered by the cloud management.
Figure (1) Cloud Computing Benefits Cloud Computing has the following service models:• Software as a Service (SaaS) - Capability for clients to use the provider's applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser, or a program interface. • Platform as a Service (PaaS) - Capability for clients to deploy their applications (created or acquired) onto the cloud infrastructure, using programming languages, libraries, services, and tools supported by the provider. • Infrastructure as a Service (IaaS) - Capability for clients to utilize the provider's processing, storage, networks, and other fundamental computing resources to deploy and run operating systems, applications and other software on a cloud infrastructure. 5aas The c1ienl may have limiled conlrol of user·specWIC application configuration settings.
�---"Paa5 The c1ienl has control over Ihe deployed applications and possibly configuration settings for Ihe application·hosting environment ___-----... laa5 The c1ienl has control over operating syslems, slorage, deployed ap�icalions, and possibly limiled control of select networking componenls (e.g., host firewalls). Level of controUresponsibifity for c lient and
across different service models
C5P
Figure (2) Cloud Computing Service Models
978-1-4799-3351-8/14/$31.00 ©2014 IEEE
[t is clear that all definitions clarifies that cloud computing the delivery of computing as a service, whereby shared resources, software, and information are provided to computers and other devices as a metered service over the Internet [2].
idea of computing as a utility computing and grid computing developed. The Pre-cloud Phase: this started around 1999 and lasted till 2006. In this phase internet as the mechanism to provide Application as Service got developed. The Cloud Phase: this phase started in 2007 when the term cloud computing became popular and the sub classification of [aaS, PaaS & SaaS got formalized.
IS
2.
EVOLUTION OF CLOUD COMPUTING
3.
J.C.R. Licklider is considered by many to be the person who brought the idea of cloud computing to the forefront in [960s [3]. [t may be noted in this context that the term "cloud" dates back to the 90s clearly. An analyses performed by Appnor in 2010 [4] on Cloud Computing phenomenon shows that usage of the three most cloud computing models (Infrastructure as a Service, Platform-as-a service and Software as a Service) has increased in the latest years and will become more popular so that the income of cloud computing services increased and also expectations of the future clarifies that well (Figure 3). Cloud Computing Services Revenue, 2008-201 5 50 45 40 35 30
�
�
� ID
20
..,
1:> 10
I
:> 0
2008
2.
I I
2009
2010
20 11
I
2012
2013
20 1 4
2015
y"",
3.
To understand the security risks in cloud computing, the Cloud Security Alliance (CSA) has done a great job in the furthering awareness and creating a homogeneous understanding of the major security concerns in cloud computing. [t is best known for its security guidance for critical areas of focus in cloud computing, with its version 3.0 that is issued in Nov. 2011 [7]. Those issues are: security, reliability, privacy, legal issues, open standards, compliance, freedom, long term viability. The European Network and Information Security Agency (ENISA) report [8] on Cloud Security identified a number of places where risk elements were identified. The report acknowledged eight high risk items in the varied areas of policies & organizational risks, technical risks, legal risks, and cloud unspecific risks. Those challenges are as follows: Loss of governance, lock in, isolation failure, malicious insider, Insecure or incomplete data deletion, Data interception and management interface compromise. Security techniques and solutions will be analyzed in the following sections in deep.
Figure 3. Income from cloud computing services 2008-2015
4.
For 2008-2013 (Figure 4), Gartner [5] anticipates a major evolution of the cloud computing market. SaaS has won a large share of the cloud computing market (89%), but PaaS and IaaS have a bigger potential for growth. 28
20
6l
16
::>
B
in
-SaaS -laaS
12
PaaS 8
4 L_----� 0"1-2008
�
r-
2009
2010
2011
20 12
2013
Year
Figure 4 Evolution of market share for SaaS, laaS and PaaS
Generally, the evolution can be split into three phases [6]: I. The Idea Phase: this started in the 1960s and stretched to the pre-internet bubble era. The core
GENERAL TECHNIQUES USED TO DEAL WITH THREATS
Though cloud computing faces many issues mentioned in the previous sections. This paper tries to assure some of the mechanisms that can be used to deal with those threats, like how they can be organized first, then mentions some of guidelines that the client must be well known to secure public and also private cloud computing applications. A.
24
SECURITY ISSUES OF CLOUD COMPUTING
STRIDE model
A STRIDE model helps in analyzing a security problem, design mitigation strategies, evaluate solutions, and the techniques that will be used to deal with the typical threats. The following steps are [9]: 1. Identify attackers, assets, threats and other components, that systems must be protected from. 2. Rank the threats to prioritize and address the most significant threats first. These threats present the biggest risk. The rating process weighs the probability of the threat against damage that could result an attack occur. [t might tum out that certain threats do not warrant any action when compared to the risk posed by the threat with the resulting mitigation costs. 3. Choose mitigation strategies. 4. Build solutions based on the strategies.
Frank Swiderski and Window Snyder analysed how to organize the threats using STRIDE which is abbreviated from the following operations [10]. Spoofmg identity - Tampering with data - Repudiation Information disclosure - Denial of service - Elevation of privilege A threat model helps in designing appropriate defences against particular attackers, solutions and security counter measures depend on the particular threat model the client or the provider wants to address. B.
Guidelines to secure cloud computing
Since the issues which face cloud computing are not a few, it is necessary to be aware of those risks. Next few tips that the new client of cloud computing should take them into account to secure its private or public cloud before delving into the world of cloud computing. I. Strategically creating company cloud security: the client plans a road map of which security requirements need to be in place, based on the environment that will be implemented. 2. Selecting the company cloud provider wisely: it must be assure whether the provider has experience in both IT and security services. 3. Preventing corporate data in the cloud: Data at rest case must be stored securely and data in motion case must move securely from source to destination without interruption. 4. Formulating an identity management system: Every provider environment will likely have some sort of identity management system that controls user access to corporate data and computing resources [11]. 5. Establish cloud performance metrics and testing regularly: When choosing a cloud service provider, the client must check that the provider presents a solid service-level agreement that includes metrics like availability, outage notification, service back up and so on. 6. Learning from those who have gone before: The new client must learn from the previous customers' mistakes and adopt their solutions. Finally, client must trust provider because even if the client is not using the cloud, you already rely on and trust network service, hardware, software, service providers, data sources, etc. so, the cloud provider will be just one more entity on that list. 5.
IMPLEMENTED MECHANISMS
All of the solutions those are most likely interest consumers and security professionals will be explained in the following sections. Vendor Security Certification
Certification of trustees or identity trust or authentication trust [12] is another case where trust is needed in cloud computing. This is a scenario which requires the client to believe that the service provider is as it claims to be. It is
based on certification by third party of the trustworthiness of the trustee. There are different systems that derive trust based on identity such as PGP and X.509 [12]. External Audits
Many customers felt they were given insufficient information or guarantees by some cloud providers on how their information was handled internally. They found it is difficult to get answers to some basic questions such as: What security controls are in place to protect our data? Where the data is physically located (primarily concerned about country)? Who has access to the data? What is the nationality of people who have access to our data? For any deployment involving legally protected data respondents only considered providers that could give the clients clear answers to key audit questions. Further, they required that answers to these questions be explicit incorporated into Service Level Agreements. IdentifY Management
This type of security means that any service for applications or hardware components may be accessed only by authorized users or groups of users. It is about managing information concerning the identity of the users accessing the resources, applications, information and services and also strict control over the access rights. Access Control
Access control addresses to ensure that only those who are authorized to access the data can do so. Sensitive data must also be protected in storage and transfer, and encrypting the data can help to do this. To allow only valid users to access the outsourced data can be used a modified Diffie-Hellman key exchange protocol between cloud service provider and the user for secretly sharing a symmetric key for secure data access that alleviates the problem of key distribution and management at cloud service provider. Data Encryption
To guarantee the privacy of information hosted on servers in cloud, the information could be encrypted which can only be decrypted at the client level with a key. There are numerous data encrypting applications and techniques i. e. TrueCrypt, BoxCryptor, 7-Zip. In reality, even the leading service providers don't deliver by default high level of security so that the client must be aware of that and set the appropriate settings. For instance, Google services can be used using both http and https. Though by default the service runs using https, Secure Sockets Layer (SSL), is encrypted, however sometimes drops back to http which is unencrypted. This will allow attackers to monitor the network traffic and capture the credentials of a specific user and attack the cloud. Firewall
Firewall protects the internal network against the Internet; it is used to decrease the attack surface of virtualized servers in cloud computing environments.
Firewalls could be implemented as a virtual machine image running in its own processing compartment or at the hardware level at each gateway in "out of band" firewall management channels. The client can request from the cloud provider for firewall rules to be opened or closed after viewing them through provider's portal, meaning anything the client needs to block can be blocked.
mechanisms that Amazon, GoogleApps and WindowsAzure offer to secure their services. The table 1 presents comparative of number of service providers for cloud computing such as Amazon's web services, Google's Application Engine and Window's Azure, the comparison is based on the different parameters like maximum limit and platforms supported.
Intrusion detection and prevention systems
Monitoring of network activity and recording of unusual situations in most cases intrusion detection technologies must be implemented, also the cloud provider may allow the monitoring of activities inside its environment, an independent monitoring is also recommended. Most cloud computing providers implement infrastructure security through HIPS (host-based intrusion protection system) and NIPS (network-based intrusion protection system); these systems include elements like: monitoring systems' log files (there are software products those search these files for traces of possible attacks). Antivirus
Antivirus software protects individual computers against known viruses, antivirus scanning can be done on the cloud to reduce the risk of malicious activities. It is an expensive operation and doing it once ahead of time for benefit of many clouds. Using the power of cloud more anti-virus engines can be employed and used more efficiently. The cloud computing approach could also make antivirus software more effective in stopping malware and other attacks. Panda is the famous software company releases the cloud computing based antivirus. It is still in pre-Dominic stage and need a lot of work but it is still the first of its kind and would be great to see a fully developed version of it soon [13].
Table 1 Comparison between cloud providers Amazon AWS
Providers
Google App
Windows Azure
Engine Cloud
Paas , laas
service
Red Hat/ Linux
I-Java
Windows Server
Runtime
Oracle Enterprise
Platforms
Linux, Fedora
supported
Paas , Saas
Microsoft SQL
Environment 2-Python Runtime Environment
I Any
Languages Supported
I Amazon S3 - up to 5GB
I Amazon EC2 -
Maximum
ranging from 1GB
storage
to ITB
limits
� (20 TB/account limit while in beta)
I Java � Python
� Automatic scaling with App Engine
I No matter number of users-data store.
Paas , laas
Operating systems:Windows 7 Windows 2008 Windows Vista � VB.NET
I C# � PHP 64MB limit on individual blobs and also allows splitting a blob into blocks of 4MB each.
Backup and Recovery
All companies face major problems caused by the loss of data whether it is by accident or deliberate vandalism, so that backups ensure that the client's business can continue with minimal interruption, even if computer data has been lost. It is essential to have a robust back-up routine, including provision for off-site storage of client's data, as part of his IT security policy. Client should have regular checks in place to ensure that this is being carried out as prescribed, and that his recovery plan is viable and fully tested. The cloud should provide the facility to recover the data and the infrastructure if the cloud has undergone some unintended attacks which can render the system complete destruction; so the provider should offer facility to completely recover the data even after the destruction of the data. Since any offering that does not replicate the data and application infrastructure across multiple sites is vulnerable to a total failure. [14]
6.
COMPARISON OF THE PROVIDERS ASIDE OF DATA SECURITY
Each of the Cloud providers has its own set of security mechanisms generally. Here the author describes the
Training Kit
I Amazon Elastic Compute Cloud (EC2) � AWS GovCloud
Cloud services and tools
(US) �Amazon Relational
I Database Service (ROS)
� Google Search � Gmail
I Chrome browser
I Google Maps
Development Kit Microsoft Visual Studio 2008 Service Pack I AppFabric SDK V1.0 �Developer Training Kit
Amazon provider:
The Mechanisms that Amazon implements to secure its' apps [15]: l. It has certifications such as: ISO 27001, PCI-DSS Levell, etc. 2. It takes care of physical network security. 3. It provides Encryption mechanisms: SSL Endpoints, Encrypted FS. 4. It provides instance isolations for EC2.
5.
[t provides also tool called [AM which stands for identity access management, it allows the client to manage users, groups, control access to API, control access to specific resources, and the cost of lAM is zero.
5. 6. 7.
GoogleApps provider:
The initial release of App Engine focused on providing a platform for creating consumer web applications. To secure its services it has the following policies: [. Security Levels: Google App Engine secures all security levels of the service like Server access security, Internet access security, Database access security, Data privacy security, Program access Security. 2. Google App Engine supports SSL (HTTPS): Google App Engine allows client to serve SSL (HTTPS) traffic through client's appspot.com domain. 3. Received certifications: Google App Engine successfully completed the audit process for the SAS70 Type II, SSAE 16 Type II, and ISAE 3402 Type II standards. 4. DoS Protection Service: App Engine provides this Service that enables the user to blacklist IP addresses or subnets. 5. Control interface: To deploy a system on the App Engine cloud, developers use a custom upload tool provided by Google along with a Web-based control interface. 6. Third Party security Apps: Figure 3 shows some security Apps used to secure data of the clients.
�
@
••
S,
Slli!nning a!H.ku[!:
Clo�2..�d(
b
bockupify
�.Q�f.'
rE]
gPanel S;ecu!::!:nI:
�
Figure 5Third parties security apps cloud
Microsoft Windows Azure:
Microsoft Windows Azure is a cloud services operating system that serves as the development, service hosting and service management environment for the Windows Azure platform. Windows Azure provides developers with on-demand compute and storage to host, scale, and manages web applications on the Internet through Microsoft data centres. [t uses the following mechanisms to secure the services that it provides: I. Cryptographic Protection of Messages. 2. Physical Security. 3. Filtering Routers and Firewalls. 4. Software Security Patch Management.
8.
9.
7.
Centralized monitoring, correlation, and analysis systems. Network Segmentation and Service Administration Access. Limited number of Microsoft personnel may access customer information to respond to support requests and as part of incident response. Windows Azure compute provides optional sandboxing technology and mandatory sandboxing features that attempts to limit the harm to the infrastructure and all other customers from such bugs. [t provides virtual machines to customers, giving them access to most of the same security options available in Windows Server. Updates to the software and configuration are controlled by SSL client certificates and protected by 128 bit encryption [ [6] [17].
COMPARISON OF SOME CLOUD PROVIDERS ASIDE OF DATA BACKUP
Cloud computing providers should have an established plan of data back-up in the event of disaster situations. This may be accomplished by data replication across different locations and the plan must be addressed in the service level agreement. Every company has its policy of executing backups, so that the following points will stress how data backup is implemented in some of the most cloud computing providers. Data Backup in Amazon:
Amazon Relational Database Service automatically patches the database software and backs up the database, storing the backups for a user-defined retention period. Amazon AWS may delete, without liability of any kind, any of the Amazon SQS content that sits in a queue or any queue that remains inactive for more than the number of days specified in the user documentation. Amazon S3 versioning provides an additional layer of protection for your S3 objects. He can easily recover from unintended user errors or application failures. He can also use Versioning for data retention and archiving. Once he has enabled Versioning for a particular S3 bucket, any operation that would have overwritten an S3 object (PUT, POST, COPY, and DELETE) retains the old version of the object. Data Backup in GoogleApps:
The user is solely responsible for securing and backing up the application and any content. Google has no responsibility or liability for the deletion or failure to store any Content and other communications maintained or transmitted through use of the Service. Data Backup in Microsoft Windows Azure:
The user is solely responsible for securing and backing up the data.
8.
CONCLUSION
In this paper, the authors have taken an in-depth look at key security considerations, challenges which are currently faced in the cloud computing industry and he highlighted the current state of cloud computing. To advance security of cloud computing the authors explained some of the effective mechanisms that can be implemented to ensure security like the data encryption, identify management, vendor security certification, external audits and others. Finally the authors have taken a closer look at several cloud computing service offerings, such as Amazon, Google Services and Microsoft Platform. REFERENCES [I]
ENISA. "Benefits, Risks and Recommendations for Information Security". ENISA Quarterly Review.
[2]
AUDUN, J. , SANG, et al. (2007). "A survey of trust and reputation systems for online service provision". Decis. Support Syst., pp.61S-644.
[3]
Malis, A. (1993). "Routing over Large Clouds (ROLC) Charter", part of the 32nd IETF meeting minutes. http://www.ietf. org/proceedings/32/charters/rolc-charter.html. Accessed on 17 may, 2012
[4]
Wikipedia. "John McCarthy (computer scientist)". http://en.wikipedia.org/wiki/ John_McCarthL (computer_scientist). Accessed on 17 May, 2012.
[5]
Gartner. "SaaS Revenue Expected to Increase IS Percent". http://www.gartner.com/technology/ about/policies/correction_ 2009.jsp, 10 Nov, 2009. Accessed on 14 May, 2012.
[6]
SYSCON. "Cloud computing evolution". http://cloudcomputing.syscon. com/nodeI1744132. Accessed on 27 May,2012
[7]
Cloud security Alliance (Nov 2011). "Security guidance for critical areas of focus in cloud computing V3. 0. " Released date Nov 14.2011. http://www.cloudsecurityalliance. orglguidance/csaguide.v3.0. pdf Accessed on 2 October.2012.
[S]
ENISA (2009). "Cloud Computing Risk Assessment". http://www. enisa. europa.eu/activities/risk management/files/deliverables/cloud-computing-risk-assessment. Accessed on12 June.2012.
[9]
MSDN. 'Threat modeling". http://msdn.microsoft.comlen us/library/ff64S644.aspx. Accessed on 13 September, 2012.
[10] Frank Swiderski and Window Snyder , "Threat Modeling ", Microsoft Press, 2004. [II] AUDUN, 1, SANG, et al. (2007). "A survey of trust and reputation systems for online service provision". Decis. Support Syst., pp.6IS-644. [12] Boeyen, S. , Ellison, G. , et al. (2003). "Liberty Trust Models Guidelines". Liberty Alliance Project. [13] Hackiteasy. "Panda releases cloud computing antivirus for free". http://hackiteasy. blogspot. com/2009/04/panda-releases-cloud computing.html. Accessed on 10 August, 2012
[14] Gartner (200S). "Gartner Says Cloud Computing will be as Intluential As E-business". Gartner press release, 26 June 200S. http://www.gartner.com/it/page.jsp?id=70750S. Accessed on 3 May, 2012. [15] Janakiram, MSV. "Architecting for the Cloud: Demo and Best Practices". 2011 AWS Cloud Tour India.November 2011. http://www.youtube. com/watch?v=fUuOErosVFS. Accessed on 6 July 2012. [16] Microsoft. "Windows Azure Security Overview vl.01, Security Best Practices For Developing Windows Azure Applications". http://download. microsoft. comldownload/ 7/3/E/73E4EE93559F-4DOF-A6FC 7FEC5FI542D1ISecurityBestPractices WindowsAzureApps.docx. Accessed on 15 September, 2012. [17] SalesForce. "Sales Force platform". http://www.salesforce.com/platform/ Accessed on 24 August, 2012.
