2013 International Conference on Machine Intelligence Research and Advancement
IaaS Cloud Security Pragati Chavan1, Pradeep Patil2 1,2 Lecturer in Computer Dept. Marathwada Mitra Mandal’s Polytechnic, Pune-411033
[email protected]
Gurudatt Kulkarni3, Ramesh Sutar 4 3,4 Lecturer in Electronics & Telecommunication Dept. Marathwada Mitra Mandal’s Polytechnic, Pune-411033
Abstract-In the last few years, cloud computing has grown from being a promising business concept to one of the fastest growing segments of the IT industry. Now, recession-hit companies are increasingly realizing that simply by tapping into the cloud they can gain fast access to best-of-breed business applications or drastically boost their infrastructure resources, all at negligible cost. Securing our digital assets has become increasingly challenging as our reliance on rapidly evolving technologies continues to grow. The security perimeter in computing has changed from a well-defined boundary that was relatively easy to identify and defend, to an elastic boundary that is constantly changing and for which the threats are constantly evolving. This paper investigates the complex security challenges that are introduced by the trend towards Infrastructure as a Service (IaaS)-based cloud computing. Availability, Authenticity, and Privacy are essential concerns for both Cloud providers and consumers as well. Infrastructure as a Service (IaaS) serves as the foundation layer for the other delivery models, and a lack of security in this layer will certainly affect the other delivery models, i.e., PaaS, and SaaS that are built upon IaaS layer. This paper presents an elaborated study of IaaS components' security and determines vulnerabilities and countermeasures. Finally, as a result of this research, we propose a Security Model for IaaS (SMI) to guide security assessment and enhancement in IaaS layer.
Shrikant Belsare5 5 Lecture in Mechanical Dept. Marathwada Mitra Mandal’s Polytechnic, Pune-411033
concepts, and best practices that have already been established. From another perspective, everything is new because cloud computing changes how we invent, develop, deploy, scale, update, maintain, and pay for applications and the infrastructure on which they run. Cloud computing is a technology that uses the internet and central remote servers to maintain data and applications. Cloud computing allows consumers and businesses to use applications without installation and access their personal files at any computer with internet access. This technology allows for much more efficient computing by centralizing storage, memory, processing and bandwidth.
Keywords- Computing, Cloud Computing Security, Service Level Agreement (SLA), Infrastructure as a Service (IaaS)
I. INTRODUCTION Clouds are large pools of easily usable and accessible virtualized resources. These resources can be dynamically reconfigured to adjust to a variable load (scale), allowing optimum resource utilization. It’s a pay-per-use model in which the Infrastructure Provider by means of customized Service Level Agreements (SLAs) offers guarantees typically exploiting a pool of resources. Organizations and individuals can benefit from mass computing and storage centers, provided by large companies with stable and strong cloud architectures. Cloud computing incorporates virtualization, on-demand deployment, Internet delivery of services, and open source software. From one perspective, cloud computing is nothing new because it uses approaches, 978-0-7695-5013-8/13 $31.00 © 2013 IEEE DOI 10.1109/ICMIRA.2013.115
Figure 1 Cloud Computing models
I. CLOUD COMPUTNG SERVICES A. Infrastructure-as-a-Service The Infrastructure as a Service is a provision model in which an organization outsourcers the equipment used to support operations, including storage, hardware, servers and networking components. The service provider owns the equipment and is responsible for housing, running and maintaining it. The client typically pays on a per-use basis. Characteristics and components of IaaS include: o Utility computing service and billing model. o Automation of administrative tasks. o Dynamic scaling. 549
o Desktop virtualization. o Policy-based services. o Internet connective Infrastructure-as-a-Service like Amazon Web Services provides virtual server instances with unique IP addresses and blocks of storage on demand. Customers use the provider's application program interface (API) to start, stop, access and configure their virtual servers and storage. In the enterprise, cloud computing allows a company to pay for only as much capacity as is needed, and bring more online as soon as required. Because this pay-for-what-you-use model resembles the way electricity, fuel and water are consumed it's sometimes referred to as utility computing. Infrastructure as a Service is sometimes referred to as Hardware as a Service (HaaS).
efforts. On the downside, PaaS involves some risk of "lockin" if offerings require proprietary service interfaces or development languages. Another potential pitfall is that the flexibility of offerings may not meet the needs of some users whose requirements rapidly evolve. C. Software as a Service (SaaS): In this model, a complete application is offered to the customer, as a service on demand. A single instance of the service runs on the cloud & multiple end users are serviced. On the customers side, there is no need for upfront investment in servers or software licenses, while for the provider, the costs are lowered, since only a single application needs to be hosted & maintained. Today SaaS is offered by companies such as Google, Salesforce, Microsoft, Zoho, etc. II. UNDERSTANDING INFRASTRUCTURES AS A SERVICE (IAAS) Infrastructure as a Service is a form of hosting. It includes network access, routing services and storage. The IaaS provider will generally provide the hardware and administrative services needed to store applications and a platform for running applications. Scaling of bandwidth, memory and storage are generally included, and vendors compete on the performance and pricing offered on their dynamic services. The service provider owns the equipment and is responsible for housing, running and maintaining it. IaaS can be purchased with either a contract or on a pay-asyou-go basis. However, most buyers consider the key benefit of IaaS to be the flexibility of the pricing, since you should only need to pay for the resources that your application delivery requires. IaaS provides an environment for running user built virtualized systems in the cloud. Using this technique virtual machines are created on premise and loaded with all the software that will eventually run in the cloud. This includes custom built software as well as licensed software. After the virtual machine is built it is uploaded to the IaaS vendor’s hosting environment where it can be configured to use the IaaS vendor’s raw storage. Once configured, the virtual machine can be deployed and started via some form of automation which automatically finds available hardware to run the virtual machine. Once the virtual machine is started the IaaS vendor can ensure that the running virtual machine continues to look healthy as a whole. The computers needed to run the application and the raw storage that is needed by the application are owned and supported by the IaaS vendor. It is the responsibility of the customer to monitor all the custom built software and licensed software to insure that they are operating properly. IaaS is an option that is very flexible and is the best choice for moving applications to the cloud when there is no time to rework the application’s code for a cloud environment.
Figure 2 Cloud Layered Security aspects
B. Platform-As-A-Service Platform as a Service (PaaS) is a way to rent hardware, operating systems, storage and network capacity over the Internet. The service delivery model allows the customer to rent virtualized servers and associated services for running existing applications or developing and testing new ones. Platform as a Service (PaaS) is an outgrowth of Software as a Service (SaaS), a software distribution model in which hosted software applications are made available to customers over the Internet. PaaS has several advantages for developers. With PaaS, operating system features can be changed and upgraded frequently. Geographically distributed development teams can work together on software development projects. Services can be obtained from diverse sources that cross international boundaries. Initial and ongoing costs can be reduced by the use of infrastructure services from a single vendor rather than maintaining multiple hardware facilities that often perform duplicate functions or suffer from incompatibility problems. Overall expenses can also be minimized by unification of programming development
III.
550
SECURITY MODEL FOR IAAS
As a result of this research, we also discuss a Security Model for IaaS (SMI) as a guide for assessing and enhancing security in each layer of IaaS delivery model as shown in Fig.4. SMI model consists of three sides: IaaS components, security model, and the restriction level. The front side of the cubic model is the components of IaaS which were discussed thoroughly in the previous sections. The security model side includes three vertical entities where each entity covers the entire IaaS components. The first entity is Secure Configuration Policy (SCP) to guarantee a secure configuration for each layer in IaaS Hardware, Software, or SLA configurations; usually, miss-configuration incidents could jeopardize the entire security of the system. The second is a Secure Resources Management Policy (SRMP) that controls the management roles and privileges.
access to the decryption key, which would then also make the key, and consequently the data, available to the cloud resource provider). Of course, merely encrypting the data does not mean that information cannot be inferred from careful observation of the data stream, or of the storage devices under the cloud provider’s control.
Figure5.0 Authentication Process
B. Resource sharing In the current corporate computing model, resources such as storage and hosts tend to be used exclusively by a single corporate entity. However, in the cloud model it is entirely reasonable that a resource allocated to one corporation may be instantiated on some physical infrastructure that also hosts resources allocated to other corporate users. For example, a virtual machine may be instantiated on a physical server hosting several virtual machines, each allocated to a different corporation. In this case, it is quite possible that two competitors may be allocated resources on the same physical infrastructure. Security policies and procedures must consider the possibility that data may leak between competing corporations, or that the actions of one corporation could impact the ability of a competitor to conduct business. Some work has already demonstrated that this can occur. C. Data leakage protection and usage monitoring Data stored in an IaaS infrastructure in both public and private clouds needs to be closely monitored. This is especially true when you’re deploying IaaS in a public cloud. You need to know who is accessing the information, how the information was accessed (from what type of device), the location from which it was accessed (source IP address), and what happened to that information after it was accessed (was it forwarded to another user or copied to another site)?You can solve these problems by using modern Rights Management services and applying restrictions to all information that is considered business critical. Create policies for this information and then deploy those policies in a way that doesn’t require user intervention (don’t make it the user’s responsibility to decide which information is business
Figure 4.0 IaaS Security Model
The last entity is the Security Policy Monitoring and Auditing (SPMA) which is significant to track the system life cycle. The restriction policy side specifies the level of restriction for security model entities. restriction starts from loose to tight depending on the provider, the client, and the service requirements. Nevertheless, we hope SMI model be a good start for the standardization of IaaS layers. This model indicates the relation between IaaS components and security requirements, and eases security improvement in individual layers to achieve a total secure IaaS system. IV. INFRASTRUCTURE AS SERVICE SECURITY ASPECT A. Encrypted communication channels to cloud storage If the cloud is used only to store data, well-established cryptographic algorithms allow a cloud storage consumer to encrypt the data prior to insertion in the cloud, and decrypt it after moving it back to her own systems. It should be noted, however, that such general purpose cryptographic algorithms are not effective if the data is intended for use within the cloud (as the computation device in the cloud would require
551
critical and should be rights-protected). In addition, you should create a transparent process that controls who can see that information and then create a “self-destruct” policy for sensitive information that does not need to live indefinitely outside of the confines of the corporate datacenter. D. Authentication and authorization Of course, in order to have an effective Data Loss Prevention (DLP) solution – you have to have robust authentication and authorization methods in place. We can all agree that user name and password is not the most secure authentication mechanism. Consider two factor or multi-factor authentication for all information that needs to be restricted. In addition, consider tiering your access policies based on the level of trust you have for each identity provider for your IaaS cloud solutions. The level of authorization you enable from an identity provide such as Google Mail is going be a lot lower than if the identity provider is your corporate Active Directory environment. Integrate this authorization tiring into your DLP solution. E. End to end logging and reporting The effective deployment of IaaS, both in the private and the public cloud, demands that you have comprehensive logging and reporting in place. As virtual machines are spun up automatically and moved between servers in an array dynamically over time, you never know where your information might live at any place in time (and this becomes even more interesting when we look at the issue of storage virtualization and dynamic migration). In order to keep track of where the information is, who accesses it, which machines are handing it, and which storage arrays are responsible for it, you need robust logging and reporting solutions. The logging and reporting solutions are important for service management and optimization, and they will become even more important in the event of a security breach. Logging is critical for incident response and forensics – and the reports and findings after the incident are going to depend heavily on your logging infrastructure. Make sure that all compute, network, memory and storage activity is logged and that the logs are stored in multiple, secure locations with extremely limited access. Ensure that the principle of least privilege drives your log creation and management activities. F. Infrastructure hardening You need to make sure that your “golden image” virtual machines and VM templates are hardened and clean. This can be done with initial system hardening when you create the images, and you can also take advantage of technologies that enable you to update the images offline with the latest service and security updates. Make sure that you have a process in place to test the security of these master images on a regular basis to confirm that there has been no drift from your desired configuration, either due to malicious or nonmalicious changes from the original configuration.
Figure 6.0 Cloud Hardening Review
G. End to end encryption IaaS as a service, both in public and private clouds, needs to take advantage of encryption from end-to-end. Make sure that you use whole disk encryption, which ensures that all data on the disk, not just user data files, are encrypted. This also prevents offline attacks. In addition to whole disk encryption, make sure that all communications to host operating systems and virtual machines in the IaaS infrastructure are encrypted. This can be done over SSL/TLS or IPsec. This includes not only communications from management stations, but also communications between the virtual machines themselves (assuming that you allow communications between the virtual machines). Also, when available, deploy mechanisms such as homomorphic encryption to keep end-user communications safe and secure. This is a form of encryption that allows complex calculations to be performed on the data even though it is encrypted. H. Hypervisor security In the past, services were typically hosted on individual servers, which created a physical demarcation that most of us trusted between these services. With private cloud, most or all of them will run in a virtualized environment and you can’t take the security model used by the hypervisor for granted – you’ll need to evaluate the security models and development of your hypervisors and consider whether you should tier your applications based on relative security of different hypervisors. I. Multi-tenancy Most of us understand that public clouds are going to be multitenant solutions, where you will be sharing a pooled resource infrastructure with other consumers of the cloud service. The same is likely going to be true of your private cloud IaaS deployment. Although all the tenants will be from the same company (this is by definition for private cloud), not all tenants may be comfortable sharing infrastructure with other orgs within the same company. For example, would
552
Research and Development and Human Resources feel comfortable having their services hosted on the same infrastructure as Test or Messaging? You’ll need to consider how you handle multi tenancy in private cloud environment.
on the Internet and even resources hosted in your public cloud. How will you set up an eventing and reporting infrastructure that will be aware of all of these devices as they are instantiated and then tore down? How will you collect and organize this information? How will you determine what information is “interesting” and how will you remove the noise? How will integrate the intelligence data you collect with your automation systems so that remediation takes place automatically? V. CONCLUSION Most of the enterprises IT organizations are planning to deploy cloud models in their daily IT operations to seek the benefits provided by cloud computing models. It is up to the enterprises to choose from the available cloud deployment and resource models. In this Paper we also discuss the Security holes associated with IaaS implementation. The security issues presented here concern the security of each IaaS component in addition to recent proposed solutions. Infrastructure as a Service (IaaS) serves as the foundation layer for the other delivery models, and a lack of security in this layer will certainly affect the other delivery models, i.e., PaaS, and SaaS that are built upon IaaS layer. This paper presents an elaborated study of IaaS components' security and determines vulnerabilities and countermeasures. Finally, as a result of this research, we propose a Security Model for IaaS (SMI) to guide security assessment and enhancement in IaaS layer. REFERENCE:
Figure7.0 IaaS Security viewpoint
J. Identity management and access control (idam) – In a traditional datacenter we were comfortable with the small handful of authentication repositories we had to work with – Active Directory being one of the most popular. But with private cloud, how will you handle authentication and authorization for the cloud infrastructure? How will you handle it for the tenants? How will you handle delegation of administration of various aspect of the cloud fabric in what is an increasingly consolidated environment? And how will you handle the evolution of your private cloud to a hybrid cloud, where you will use various methods of federation and external identity providers, all with various levels of trust? K. Network security – In the traditional datacenter we had sophisticated network IDS/IPS devices that enabled us to view and assess traffic over the wire. We also had internal firewalls or advanced switches that enabled variable levels of access control over the wired (or wireless) network. In our private cloud we are likely to have many components of a service communicate with each other over virtual network channels only. How are you going to assess that traffic? How are you going to employ the same powerful access controls you did with your physical networks? And how will you control quality of service, which is a key issue in the “Availability” aspect of the CIA (Confidentiality, Integrity and Availability) security model L. Eventing and reporting Private cloud, while enabling many of your business groups, is going to potentially significantly increase the complexity of your overall computing infrastructure. Teams will be firing up virtual machines using self-service portals, they’ll be installing operating systems and services, and many of these are going to be connected to other resources in the private cloud, to resources on your production network, to resources
[1] [2]
[3]
[3]
[4] [5]
[6]
[7]
[8]
553
P. Mell and T. Grance, “Cloud Computing Definition”, National Institute of Standards and Technology, Version 15, 10-7-09 P. Patel, A. Ranabahu, and A. Sheth, "Service Level Agreement in Cloud Computing," Cloud Workshops at OOPSLA09, 2009. [Online].Available: http://knoesis.wright.edu/aboutus/visitors/summer2009/PatelReport.pdf Z. Shu-Qing, and K. Jie-Bin. "The improvement of PaaS platforn," First International Conference on Networking and Distributed Computing. Los Alamitos CA: IEEE Computer Society Press, 2010, pp. 156-159. J. W. Rittinghouse, J. F. Ransome, "Cloud Computing: Implementation, Management and Security" CRC Press, ISBN: 978-1-4398-0680-7, 2009. M. Jensen, J. Schwenk, N. Gruschka, and L. Lo Iacono, On Technical Security Issues in Cloud Computing. IEEE, 2009. S. Berger, R. Caceres, D. Pendarakis, R. Sailer, E. Valdez, R. Perez, W. Schildhauer, and D. Srinivasan, “Security for the cloud infrastrcture: trusted virtual data center (TVDc).” [Online]. Available: www.kiskeya.net/ramon/work/pubs/ibmjrd09.pdf N. Santos, G. P. Krishna, and R. Rodrigues, "Towards Trusted Cloud Computing," HotCloud'09, 2009. [Online]. Available: http://www.usenix.org/ event/hotcloud09/tech/full papers/santos.pdf Zhang Yandong ; Zhang Yongsheng, “Cloud computing and cloud security challenges” Information Technology in Medicine and Education (ITME), 2012 International Symposium on Volume: 2 Pankaj Arora, Rubal Chaudhry Wadhawan, Er. Satinder Pal Ahuja “Cloud Computing Security Issues in Infrastructure as a Service” International Journal of Advanced Research in Computer Science and Software Engineering, Volume 2, Issue 1, January 2012, ISSN: 2277 128X.
