Cloud Security Lecture 4

This document provides an overview of advanced cloud security concepts across 6 domains: 1) Architectural concepts and design requirements; 2) Cloud data security; 3) Cloud platform and infrastructure; 4) Cloud application security; 5) Operations; 6) Legal and compliance. It focuses on definitions for cloud computing models, roles, service categories, and deployment types in domain 1. Key areas covered include Infrastructure as a Service, Platform as a Service, Software as a Service, public vs private vs hybrid cloud deployment models, and principles of enterprise architecture.

Uploaded by

Hossam Eissa

Advanced Cloud Security

Some of the lecture materials belong to the CCSP Presentation


Content

• Domain 1: Architectural Concepts and Design Requirements

• Domain 2: Cloud Data Security

• Domain 3: Cloud Platform and Infrastructure

• Domain 4: Cloud Application Security

• Domain 5: Operations

• Domain 6: Legal and Compliance


Domain 1: Architectural Concepts and Design Requirements

1. Cloud Computing Definitions
2. Cloud Computing Roles
3. Cloud Service Categories (SaaS, PaaS, IaaS)
4. Deployment Models (Public, Private, Hybrid)
5. Key Principles of Enterprise Architecture
6. Cloud Cryptography
7. Identity and Access Management
8. Media Sanitization
9. Virtualization Security
10. Threats
11. Business Continuity

The NIST Definition of Cloud Computing
NIST: National Institute of Standards and Technology

• “Cloud Computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.”

Managed Service Providers

• A managed service provider (MSP) is a company that remotely manages a customer's IT infrastructure and/or end-user systems, typically on a proactive basis and under a subscription model.

• Client maintains control over the technology and operating procedures.

• Smaller companies may not have the budget to support full-time IT staff.

• Larger companies may supplement their existing staff.

• Offers a predictable monthly cost for IT services.


Cloud Computing Definitions

• Anything as a Service: Services provided over the internet as opposed to being provided locally.

• Business Continuity: The capability of the organization to continue delivery of products or services at acceptable predefined levels following a disruptive incident.

• Cloud Applications: A software application that is never installed on a local computer, but is accessed over the internet.

• CAMP (Cloud Application Management for Platforms): Provides management of applications, including packaging and deployment, across public and private cloud computing.

• Cloud Backup: Allows backup to a remote cloud-based server.

• Cloud Migration: The process of transitioning all or part of a company’s data or infrastructure to the cloud.

• Cloud Portability: The ability to move applications and their data between one cloud provider and another, or between public and private clouds.

• Cloud Provisioning: The deployment of a company’s cloud computing strategy. Provisioning entails developing the processes for interfacing with the cloud’s applications and services as well as auditing and monitoring who accesses and utilizes the resources.

• Desktop as a Service: An implementation of virtual desktop infrastructure (VDI). Often delivered with the applications needed for use on the virtual desktop.

• Infrastructure as a Service: Computer infrastructure such as servers, virtualization and storage.

• Platform as a Service: Deploying onto the cloud infrastructure customer-created or acquired applications that are created using programming libraries, languages, services and tools supported by the provider.

• Software as a Service: A software delivery method that provides access to software and its functions remotely as a web-based service.

• Vertical Cloud Computing: Describes the use of cloud computing and services for a particular vertical (specific industry or specific-use) application.

• Public Cloud: Cloud storage where the enterprise is separated from the service provider and the data is stored and accessed across the internet.

• Private Cloud: Cloud storage where the data/storage resources reside within the enterprise’s datacenter.

Cloud Computing Roles

• Cloud Customer: Individual or entity that utilizes or subscribes to cloud-based services or resources.

• Cloud Provider: The company that provides the cloud-based platform or services.

• Cloud Backup Service Provider: Third-party entity that manages and provides operational services for cloud-based backups.

• Cloud Services Broker: A third-party entity that looks to extend or enhance value to multiple customers of cloud-based services through relationships with multiple cloud service providers. It acts as a liaison between customers and providers, ideally selecting the best provider for each customer. The CSB acts as a middleman to broker the best deal and customize services.

• Cloud Service Auditor: Third-party organization that verifies attainment of SLAs.

• Cloud Administrator: Responsible for implementation, monitoring and maintenance of the cloud within the organization or on behalf of an organization.

• Cloud Application Architect: Responsible for adapting, porting or deploying applications to a target cloud environment.

• Cloud Data Architect: Makes sure that storage and mechanisms within the cloud meet and conform to the relevant SLAs.

• Cloud Architect: Determines when and how a private cloud meets the policies and needs of the organization.

• Cloud Service Manager: Typically responsible for policy design, business agreements, pricing models and some elements of the SLA. The role works with cloud management and customers to reach agreement.
Cloud Service Categories

• IaaS

• PaaS

• SaaS

IaaS

• Infrastructure as a Service

• According to “The NIST Definition of Cloud Computing”, in IaaS:

“The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include OSs and applications.

The consumer does not manage or control the underlying cloud infrastructure but has control over OSs, storage, and deployed applications; and possibly limited control of select networking components (e.g., host firewalls).”

IaaS Offers:
TCO: Total Cost of Ownership

• Usage metered and priced on the basis of units consumed

• Upward or downward scalability as needed

• Reduced TCO: No need to buy any assets, as day-to-day efforts are provided within the cloud. Reduced cost of maintenance and support, and no loss of asset value

• Reduced energy and cooling costs along with green IT environment

• Reduced in-house IT staff


PaaS

• Platform as a Service: Provides the customer the capability to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services and tools supported by the provider.

PaaS Offers:

• Support for multiple languages and frameworks, allowing developers to code in whichever programming language they prefer

• Multiple hosting environments: The ability to offer a wide variety and choice for the underlying hosting environments

• Flexibility: Focus on open standards and allowing relevant plugins to be quickly introduced to the platform. The goal is to reduce “lock-in” that comes with proprietary source code

• Automatic scalability: The application can seamlessly scale up and down as required by the platform.

SaaS

• Software as a Service provides the consumer the ability to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through an interface like a web browser or a program interface

• Can be delivered either as:

  • Hosted Application Management (AM): The provider hosts commercially available software for customers and delivers it over the web

  • Software on Demand: The cloud provider gives customers network-based access to a single copy of an application created specifically for SaaS distribution

SaaS Offers

• Users can access their applications and data from anywhere, anytime

• Reduced TCO: Reduces the need for advanced hardware. Redundancy and storage are provided

• Rather than purchasing licenses, software is leased

• Pay-per-use

• Elasticity

• Updates and Patch management is the responsibility of the provider

• Standardization—all users have the same version of software


Cloud Deployment Models

• Public

• Private

• Hybrid

• Community

Public Cloud Benefits

• Easy and inexpensive: Hardware, application and bandwidth are the responsibility of the provider

• Easy to provision resources

• Scalability

• Pay as you go

Private Cloud Model

• Provisioned for exclusive use by a single organization comprising multiple business units

• It may be owned, managed and operated by the organization, a third party, or a combination

• May be on or off premises

• Provides much greater control over data, underlying systems and applications

• Greater control over security

• Assurance over data location, removal of multiple jurisdiction legal and compliance requirements

Hybrid Cloud Model

• The hybrid is a composition of two or more distinct cloud infrastructures (private, community, or public)

• Provides organizations with the ability to retain control of their IT environments, but gives them the convenience of using public cloud service for non-mission-critical efforts

• Utilized if there is a need to retain ownership and oversight of critical tasks and processes related to technology

• Re-use previous investments in technology within the organization

• Control the most critical business components/systems

• “Cloud bursting” allows for public cloud resources to be utilized when private cloud workload has reached capacity

Community Cloud Model

• Provisioned for exclusive use by a specific community of consumers from organizations that have shared objectives and requirements

• May be operated by one or more of the organizations in the community or a third party

• Community clouds should give the benefits of a public cloud while providing heightened privacy, security and regulatory compliance.

Key Principles of an Enterprise Architecture

1. Define protections that enable trust in the cloud.

2. Develop cross-platform capabilities and patterns for proprietary and open source providers.

3. Facilitate trusted and efficient access, administration and resiliency to the customer.

4. Provide direction to secure information that is protected by regulations.

5. Facilitate proper and efficient identification, authentication, authorization, administration and auditability.

6. Centralize security policy, maintenance operation, and oversight functions.

7. Access to information must be secure yet still easy to obtain.

8. Delegate or federate access control where appropriate.

9. Must be easy to adopt and consume, supporting the design of security patterns.

10. The architecture must be elastic, flexible and resilient, supporting multi-tenant, multi-landlord platforms.

11. Architecture must address and support multiple levels of protection, including network, operating system, and application security needs.

Cryptography in the Cloud

• Data in Motion

  • The cloud architect is usually responsible for reviewing how data in transit will be protected

  • SSL/TLS creates an encrypted tunnel.

  • IPsec tunnel mode is also a good solution.

• Data at Rest

  • Though data is stored in the cloud, best practices dictate that key management be handled by the client

  • RKMS (Remote Key Management Service): Customer owns the KMS on premises, but it is managed remotely by the service provider, allowing the customer to control the confidentiality while the provider provides support remotely

  • Client-Side Key Management: Similar to RKMS, the client-side approach puts the customer in control of encryption/decryption keys. The KMS resides on the customer’s premises.

Identity and Access Management and Access Control

• Includes the people, processes and systems that are used to manage access to enterprise resources. This ensures:

  • Correct level of access is granted based on the asset, services and protected resources being accessed

  • Multifactor authentication is preferred


Phases of IAM
IAM: Identity and Access Management
• Provisioning and de-provisioning

• Centralized directory services

• Privileged user management

• Authentication and access management


Provisioning and De-Provisioning

• The goal of provisioning is to standardize, streamline, and create an efficient account creation process, while creating a consistent, measurable, traceable and auditable framework for providing access to end users.

• De-provisioning is the process whereby a user account is disabled when the user no longer requires access to the cloud-based services and resources. Includes users leaving the organization, as well as changing roles or functions or departments.
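
One way to audit the de-provisioning described above, as an added example that is not part of the original lecture: reconcile an HR system-of-record export against a cloud account inventory to find accounts that should be disabled (leavers, orphans) and entitlements left over from a previous role (movers). The record layouts, user names, role names and the ROLE_ENTITLEMENTS mapping are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed mapping: entitlements each job role is allowed to hold.
ROLE_ENTITLEMENTS = {
    "developer": {"repo:write", "ci:run"},
    "finance": {"billing:read", "billing:approve"},
    "support": {"tickets:write"},
}

# Constructed HR export (system of record): user -> (status, current role).
HR_RECORDS = {
    "alice": ("active", "developer"),
    "bob": ("terminated", "finance"),
    "carol": ("active", "support"),   # moved from finance to support
}

# Constructed cloud account inventory: user -> (enabled, entitlements held).
CLOUD_ACCOUNTS = {
    "alice": (True, {"repo:write", "ci:run"}),
    "bob": (True, {"billing:read", "billing:approve"}),
    "carol": (True, {"tickets:write", "billing:approve"}),
    "dave": (True, {"repo:write"}),   # no HR record at all
    "erin": (False, {"ci:run"}),      # already disabled
}


@dataclass
class Finding:
    user: str
    action: str                       # "disable" or "revoke"
    reason: str
    entitlements: set = field(default_factory=set)


def reconcile(hr, accounts, role_entitlements):
    """Return de-provisioning findings, sorted by user for stable output."""
    findings = []
    for user, (enabled, held) in sorted(accounts.items()):
        if not enabled:
            continue  # already disabled: nothing left to de-provision here
        record = hr.get(user)
        if record is None:
            findings.append(Finding(user, "disable", "orphaned: no HR record", set(held)))
            continue
        status, role = record
        if status != "active":
            findings.append(Finding(user, "disable", f"leaver: HR status {status}", set(held)))
            continue
        # Mover check: anything held beyond the current role is excess.
        allowed = role_entitlements.get(role, set())
        excess = held - allowed
        if excess:
            findings.append(Finding(user, "revoke", f"mover: not in role {role}", excess))
    return findings


if __name__ == "__main__":
    for f in reconcile(HR_RECORDS, CLOUD_ACCOUNTS, ROLE_ENTITLEMENTS):
        print(f"{f.user:6} {f.action:8} {f.reason:30} {sorted(f.entitlements)}")
```

Because the output is a list of findings rather than direct changes, it can feed the traceable and auditable record the provisioning process is meant to produce.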

Centralized Directory Services
LDAP: Lightweight Directory Access Protocol

• Most common protocol is LDAP, which stores, processes and facilitates a structured repository of information stored, coupled with unique identifiers and locations

• LDAP is the communications protocol used to interact with Active Directory

Privileged User Management

• Focuses on process and ongoing requirements to manage the lifecycle of user accounts with the highest privileges

• These accounts carry the highest risk and impact

• Should include the ability to: track usage, authentication successes and failures, authorization times/dates, log successful and failed events, enforce password management and contain sufficient levels of auditing and reporting
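
The tracking requirements above can be turned into a report over authentication logs. This is an added example, not part of the original lecture; the log line format, the PRIVILEGED account set, the failure threshold and the business-hours window are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

PRIVILEGED = {"root", "cloud-admin"}     # assumed highest-privilege accounts
FAILURE_THRESHOLD = 3                    # assumed alerting threshold
BUSINESS_HOURS = range(8, 18)            # assumed 08:00-17:59 UTC

# Constructed sample log lines (the format itself is an assumption).
SAMPLE_LOG = """\
2024-05-01T09:02:11Z user=cloud-admin result=OK src=198.51.100.10
2024-05-01T09:15:40Z user=jsmith result=FAIL src=198.51.100.22
2024-05-01T02:14:05Z user=root result=FAIL src=203.0.113.7
2024-05-01T02:14:09Z user=root result=FAIL src=203.0.113.7
2024-05-01T02:14:15Z user=root result=FAIL src=203.0.113.7
2024-05-01T02:14:31Z user=root result=OK src=203.0.113.7
this line is malformed and must not crash the parser
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) result=(?P<result>OK|FAIL) src=(?P<src>\S+)$"
)


def parse(log_text):
    """Return (timestamp, user, result, src) tuples in time order."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines rather than abort the audit
        try:
            ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        except ValueError:
            continue
        events.append((ts, m["user"], m["result"], m["src"]))
    return sorted(events)


def privileged_report(log_text):
    """Count successes/failures per privileged account and collect alerts."""
    stats = defaultdict(lambda: {"ok": 0, "fail": 0, "alerts": []})
    streak = defaultdict(int)  # consecutive failures per account
    for ts, user, result, src in parse(log_text):
        if user not in PRIVILEGED:
            continue
        s = stats[user]
        if result == "FAIL":
            s["fail"] += 1
            streak[user] += 1
            if streak[user] == FAILURE_THRESHOLD:
                s["alerts"].append(f"{FAILURE_THRESHOLD} consecutive failures from {src}")
            continue
        s["ok"] += 1
        if streak[user] >= FAILURE_THRESHOLD:
            s["alerts"].append(f"success after {streak[user]} failures from {src}")
        if ts.hour not in BUSINESS_HOURS:
            s["alerts"].append(f"out-of-hours login at {ts:%H:%M} UTC from {src}")
        streak[user] = 0
    return dict(stats)


if __name__ == "__main__":
    for account, s in sorted(privileged_report(SAMPLE_LOG).items()):
        print(account, s["ok"], s["fail"], s["alerts"])
```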

Authorization And Access Management

• Regulates what a subject can do to an object

• Users require authorization and access management to access required/appropriate resources.

• Should be functional, operational and trusted

• Should be based on sound security principles such as separation of duties, privilege management, password management, etc.

Data And Media Sanitization

• When leaving or migrating from a cloud provider, considerations must be made for export/import of data in standards-based formats

• “Vendor lock-in” describes a situation where proprietary formats, technology, etc. make it more difficult to move data out of the cloud or from one provider to another

• How is media sanitized after removal?

• Degaussing/physical destruction is rarely an option. Overwriting is frequently used.

Virtualization Security

• Virtualization allows logical isolation on multi-tenant servers

• May also allow attackers to target relevant components and functions to gain unauthorized access to data/systems/resources

• Relies upon the security of the hypervisor

Hypervisor

• Allows multiple OSs to share a single hardware host, with the appearance of each host having exclusive use of resources

• Type I Hypervisor: Runs directly on the hardware, with VM resources provided by the hypervisor. Also referred to as “bare metal.” VMware ESXi, Citrix XenServer. Hardware-based.

• Type II Hypervisor: Runs on a host OS to provide virtualization services. VMware Workstation and MS Virtual PC. Software-based.

Hypervisor Security

• Type I hypervisors significantly reduce the attack surface. Hypervisor vendors have control over the relevant software that comprises and forms the hypervisor package, reducing the likelihood of malicious code being introduced at the hypervisor foundation

• Type II hypervisors have greater vulnerability since they are OS-based. Numerous vulnerabilities exist within various OSs, opening up additional opportunities.

Common Threats

• Data Breaches: Disclosure

• Data Loss: Loss of integrity or destruction

• Account or Service Hijacking: Attacker sniffing or MITM

• Insecure Interfaces/APIs: Provided by vendors to access their networks

• DoS or DDoS

• Malicious insiders

• Abuse of cloud services: Inherent weakness of any internet service

• Insufficient Due Diligence/Due Care

  • Due diligence: Investigating and understanding risks

  • Due care: Developing policies and procedures to address risks

• Shared Technology Vulnerabilities: Multiple tenants bring in risks


Security For Different Cloud Categories

• IaaS requires focus and understanding of the layers of the architecture, from architecture to virtualization components. Concerns include VM attacks, virtual switches/network, VM-based rootkits/malicious hypervisor, single point of access

• PaaS requires addressing 4 main issues

  • System/Resource isolation

  • User-level permissions

  • User Access Management

  • Protection against malware

• SaaS involves 3 main areas

  • Data Segregation

  • Data Access and Policies

  • Web Application Security



Business Continuity and Disaster Recovery Planning

• Continuity management is the process in which risks and threats to the ongoing availability of services, business functions and the organization are actively reviewed and managed at set intervals.

• Disaster recovery focuses on restoration of the most critical business functions in the event of large-impact events

• Must address the C-I-A triad

Restoration Plan

• Due diligence requires review of the plans of the Cloud Service Provider and SLAs in relation to:

  • RPO

  • RTO

  • Compensation for loss

  • Definitions of criticality of specific services

  • Points of contact and escalation


Cost-Benefit Analysis

The key driver for the adoption of cloud computing

• Resource pooling

• Time and efficiencies

• No depreciation of resources

• Savings of utilities costs

• Software Licensing and maintenance costs

• Thin Clients

• Pay per usage


Standards-Based Approaches
ISMS: Information Security Management System
SOC: Service Organization Controls
ISO: International Organization for Standardization
NIST: National Institute of Standards and Technology
FIPS 140: Federal Information Processing Standards
HIPAA: Health Insurance Portability and Accountability Act
PCI-DSS: Payment Card Industry Data Security Standard

Few standards exist exclusively for cloud computing

• ISO 27001 looks to certify that the ISMS can address relevant risks and elements in a manner that is appropriate based on risks

• ISO 27002 is the framework for best practice

• SOC I, II, III: Service Organization Control defines a comprehensive approach to auditing and assesses the provider’s controls and their effectiveness

• NIST 800-53: Goal is to ensure that appropriate security requirements and security controls are applied to all US Federal government information and information systems

• FIPS 140 addresses uses of encryption and cryptography

• PCI-DSS, HIPAA and other regulations
