Security Requirements Specification Framework for Cloud Users

Rida Naveed¹ and Haider Abbas¹,²

¹ Department of Information Security, Military College of Signals, National University of Sciences & Technology (NUST), Islamabad, Pakistan
[email protected]
² Centre of Excellence in Information Assurance (COEIA), King Saud University, Riyadh, Saudi Arabia
[email protected], [email protected]

Abstract. Cloud computing has gained significance among today’s emerging IT technologies due to its accessibility and highly scalable computing resources. These cloud resources are shared among all cloud entities at different levels of operation, and due to its complex architecture the cloud is prone to a number of security threats. These security and privacy challenges must be taken into consideration by organizations when they outsource their data, infrastructure and applications to a cloud environment. The objective of this paper is twofold: it highlights critical security challenges introduced in the cloud environment and analyzes specific security requirements for cloud users, and it presents a framework for engineering these security requirements. The paper proposes a cloud security assurance framework that helps users by providing a methodology for identifying the security requirements of their assets at early stages of the cloud deployment process. It also provides a mechanism to specify the cloud system’s deployment requirements.

Keywords: Cloud Security Requirements Engineering, Cloud Computing Security Requirements, Cloud Security Assurance Framework.

1 Introduction

Cloud computing has emerged as an outsourced, resource-sharing computing technology that provides on-demand storage, software, computational power, infrastructure and network access to its users over the internet [6]. The implementation of virtualization, service orientation and grid computing technologies has increased the trend of organizations and business entities towards its adoption. Because of benefits like rapid resource sharing, location independence and elasticity, it has realized the long-awaited vision of separating users from their physical hardware needs, thus providing them more flexible and scalable IT services [2][4][5].

James J. (Jong Hyuk) Park et al. (eds.), Future Information Technology, Lecture Notes in Electrical Engineering 276, DOI: 10.1007/978-3-642-40861-8_43, © Springer-Verlag Berlin Heidelberg 2014


Cloud computing, despite its tremendous benefits, does not come without pitfalls [1]. The amalgamation of different computing technologies in cloud computing gives rise to various security and privacy concerns. These concerns, if not taken into consideration, can become security threats for organizations adopting the cloud model. This paper focuses on several critical security challenges introduced in a cloud environment [5]. Specific security requirements of cloud users are investigated for each of the cloud’s service models, and a framework for engineering these security requirements is documented. The paper proposes a cloud security assurance framework, which relieves users of the security burden [5] by providing them a methodology for identifying the security requirements of their assets from the early stages of the cloud deployment process, alongside the cloud system’s deployment requirements [3].

Cloud computing security requirements [10] and the challenges of adopting cloud computing for the US government [11] have been discussed in previous work related to this topic, but the idea of a comprehensive framework for cloud security assurance has not been considered so far. This work will help in the emergence of computer systems in which security enforcement mechanisms are incorporated at the time the system’s functional requirements are being met, thus eliminating security challenges within a system.

The paper is structured as follows: Section 2 presents the cloud security challenges. Section 3 presents the security requirements of cloud service models. Section 4 describes in detail the cloud security assurance framework model for a governmental organization. Section 5 presents the discussion and Section 6 the conclusion.

2 Security Challenges in Cloud Environment

Cloud computing has gained immense popularity among users ranging from individual home users and small enterprises to local and foreign government businesses. Depending on an organization’s needs, different deployment and service models with diverse technologies can be configured [12]. Cloud computing can be deployed as a private cloud, a public cloud, a community cloud, or a combination of two or more public, private or community clouds, i.e., a hybrid cloud [12][13]. Moving towards the cloud needs a paradigm shift in the way people think about security: users must understand that Cloud Service Providers (CSPs) are separate administrative entities and that moving to the cloud will deprive them of direct control over the systems that manage their data and applications [4]. The following are several critical security challenges faced by cloud users:

1. Due to the cloud’s greater flexibility and cost-effectiveness, users tend to store more and more data on it. The confidentiality and integrity of this data are at risk, as users no longer physically possess their data.
2. The cloud lacks transparency of its operations towards its users, which matters especially if their outsourced computational workloads contain sensitive information. Returning of incorrect results, software bugs, hardware failure, cross-user data de-duplication [4], data deletion and attacks on cloud servers can cause the cloud to behave deceitfully.


3. It is of critical importance for CSPs to have a trustworthy relationship with their customers regarding service metering and usage charges. As the cloud is a shared-resource network, the memory, network bandwidth, I/O and CPU cycles consumed per user cannot be isolated, nor can charges per resource consumption be fairly computed.
4. Multi-tenancy and virtualization increase the risk of side-channel attacks and privacy leaks, making reliable security difficult to achieve.
5. Data interception, impersonation, session hijacking, traffic flow analysis, infrastructure misuse, hardware theft, latency and natural disaster are possible security threats that a user can be exposed to when working in a cloud environment.

3 Security Requirements of Cloud Service Models

The critical security challenges discussed above have gained significance and need to be addressed carefully. Cloud computing, being an amalgamation of complex networked systems, is inherently affected by a great number of computer and network security issues. These security concerns arise when security requirements are not considered at the beginning of the system development process. As the cloud is available to users in three service models, understanding and clearly documenting user-specific security requirements is critical in designing vulnerability-free computer systems. A detailed list of security requirements for cloud users is analyzed in Table 1 [5].

Table 1. Security Requirements for Cloud Users

| Service Model | Users | Security Requirements | Security Goals |
|---|---|---|---|
| SaaS | End users/organizations who need to access its application resources on rent | True server authentication; Application software testing; Scalability; Maintenance of infrastructure; Service uptime and security; Security of sensitive data; Abstract interaction dynamics issues; Browser-based risks; Network dependence issues; Efficiency vs. cost tradeoffs; Privacy in multitenant environment; Access control; Communication protection; Service availability | Confidentiality; Integrity; Availability; Accountability |
| PaaS | Developers/moderators who need to construct high quality dynamic applications and require more application level logic to perform | Browser-based risks; Network dependence issues; Efficiency vs. cost tradeoffs; Compatibility issues between PaaS clouds; Processor scheduling concerns; Application reuse security issues; Access control; Application security; Data security; Cloud management control security; Secure images | Confidentiality; Integrity; Availability; Accountability |
| IaaS | System administrators who need to access computational infrastructure available over the internet such as virtual computers, network, storage, infrastructure components such as firewalls, and configuration services | Abstract interaction dynamics issues; Browser-based risks; Network dependence issues; Efficiency vs. cost tradeoffs; Compatibility with legacy software vulnerabilities and data erase practices; Virtual machine updating, checking and maintenance, VM-level isolation; Verifying legitimacy of web sites | Confidentiality; Integrity; Availability; Accountability |

4 Cloud Security Assurance Framework Model for Governmental Organization

This security requirements analysis must be done at the start of the cloud system development process so that the essential security enforcement mechanisms are fitted into the system design process. This overcomes the common approach of adding security to a system after the system has been defined [3]. This section presents a framework based on [14] for engineering security requirements for the cloud environment. This cloud security assurance framework model provides a methodology for cloud users in general, and government sector cloud users in particular, to identify the security requirements of their assets at the time they decide to move their data to the cloud. It helps them specify the level of security and privacy they require for the system that they will run on cloud infrastructure, thus reducing security/functional requirements conflicts by avoiding them from the very beginning of the development process.

As a case study, a law enforcement department (a governmental organization) that has to decide whether to move its data to a cloud service provider is considered. The framework shows how to move step by step towards secure cloud services for the organization: first identify functional requirements, second identify security goals, third identify security requirements, and finally form the cloud security assurance framework model.

4.1 STEP 1: Identify Functional Requirements

Identifying functional requirements means drawing the whole system context for the law enforcement department under consideration. It is done by identifying the necessary tasks, actions or activities that must be accomplished by each of its departments. A brief overview of the tasks or actions each wing has to perform is shown in Table 2.

Table 2. Functional Requirements of Law Enforcement Government Department

| Law Enforcement Departments | Functional Requirements |
|---|---|
| Anti-Corruption Wing | Deals with organized crimes such as anti-corruption, spurious drugs, counterfeit currencies, PPC and other laws. |
| Economic Crime Wing | Responsible for investigation of cases related to government revenue thefts. |
| Technical Wing | Provides scientific assistance to various units of federal government departments. |
| Immigration Wing | Regulates flow of incoming and outgoing international passengers and prevents human smuggling via airports, land routes, sea ports and railway stations. |
| Anti-Trafficking Unit | Deals with the prevention and control of human trafficking. |
| Legal Branch | Provides legal guidance in all administrative and operational matters. |
| Intellectual Property Rights Branch | Ensures that every system provides different types of warranty to ensure peaceful possession of property, tangible and intangible. |
| Interpol | Coordinates efforts relating to international police cooperation. |
| Counter Terrorism Wing | Responsible for identifying, arresting and putting on trial most wanted terrorists and for providing qualitative investigations for counter terrorism. |
| Academy | Responsible for preparing and training the newly hired officers of the federal government. |

4.2 STEP 2: Identify Security Goals

According to Haley’s paper [14], security goals can be identified in three general steps:

i) Identification of Assets (assets may include information/data assets, technology assets, human resource assets and service assets)
ii) Management Principles (these principles may include separation of roles and duties, separation of function, data protection, no connections from outside, requirement of audit trails, etc.)
iii) Security Goals (identifying and conducting a harm/risk analysis for the assets; it needs to be analyzed whether these assets are covered by the organization’s policies)

A list of security goals is then determined by applying the management principles to these assets, keeping in mind confidentiality, integrity, availability and accountability.

4.3 STEP 3: Identify Security Requirements

The paper focused on identifying security requirements that are constraints on the functional requirements of a system [14]. Generalized security requirement checklists that government departments need to consider are given below:

• Pricing – Cloud users must take into consideration the initial setup fee for cloud deployment, whether the fee is charged according to bandwidth usage or the number of users, and the rate of increase in charges by the cloud. A comparison of infrastructure setup cost and cloud service usage cost should also be made.
• Service Provider’s Size – Cloud users must find out the actual size of the cloud service provider (CSP), the type of office it is housed in, the size of its security team and whether security is a full-time job at the vendor.
• Secure Area/Physical Entry Control – The location where the cloud service provider hosts its facilities must be in a secure area.
• Power Supplies – Protection of electronic equipment from power failures and other electrical anomalies must be ensured.
• Cabling Security – All power and telecommunications cabling must be protected from interception or damage.
• Separation of Development and Operational Facilities – Operational and development facilities must be separated to minimize the risk of unauthorized access or accidental changes to data or production software.
• Environmental Monitoring – Host computer environments must be monitored, including temperature, humidity, and power-supply quality.
• Capacity Planning and Acceptance – Resource availability must be ensured by doing capacity planning and preparations in advance to meet customers’ growing demand.
• Availability of provider – Availability of the provider must be ensured by knowing the uptime guaranteed by the provider, how it is calculated, the compensation for not satisfying the guaranteed uptime, and the cost per minute of the user’s service downtime.
• Sensitivity of Information Stored – Cloud users must make a risk profile of the sensitive data they want to move to the cloud.
• Data Storage – Users must know the location of their data and data servers, and whether the data is hosted on dedicated or shared hardware.


• Data Accessibility – Cloud users must establish who has access to their data and applications and to the systems hosting them in the cloud, and what access controls are in place according to the roles and responsibilities of cloud users.
• Authentication of Users – It is the CSP’s responsibility to authenticate users to avoid unauthorized sign-in and use of cloud services.
• Data Encryption – Cloud users must make sure that their data is properly encrypted, for example, using 256 bit AES or SSL for secure data transfer.
• Controls – Users must look for the controls in place to ensure the confidentiality and integrity of their data. Controls like roles, permissions for file access, virus detection and prevention, and user awareness procedures must be implemented.
• Data Security Responsibility – Cloud users must know who is responsible for storing, processing and using their personal and sensitive information, who is responsible in case of a security breach, and how they respond to it.
• Network Monitoring – Network monitoring must be done 24 hours x 365 days to make sure that the cloud infrastructure, networks and resources are safe and protected.
• Firewalls and Patches – Cloud users should be concerned about control of the inflow and outflow of their organization’s traffic. The latest versions of the operating system and desktop applications should be used in conjunction with the cloud applications.
• Data Backup – Users’ data should be backed up, preferably off-site.
• Policies and Procedures – Procedures and policies must exist, e.g. a clear desk policy; documented management authorization for the removal of property like equipment, data or software; management of all computers and networks; the cloud provider’s security policies and standards; operating procedures documentation; incident management responsibilities and procedures; and fault logs for recording faults reported by users and for reporting and taking corrective action.
• Vulnerability Testing and Security Audits – Users must make sure that tests for all categories of vulnerability and security audits are done regularly.
• Termination Clauses – Users must know on what grounds cloud providers can dismiss their contract and how soon they will get their data back from the cloud after termination.

This framework is depicted in Fig. 1.

[Fig. 1. Cloud Security Assurance Framework Model. Diagram labels: Government Organization; Identify Functional Requirements; Identify Security Goals; Identify Security Requirements; Users Satisfaction in adapting Cloud Services]
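The three steps of the framework can be chained into a traceability check that reports which security goals of an asset are still not assured by a provider's checklist answers. The Python below is an added example, not code from the paper. Assumptions: the mapping from Step 3 checklist items to the goals they support, the rule that a goal needs every supporting item satisfied, and the two assets and the provider answers (all constructed for the case study).

```python
from collections import Counter
from dataclasses import dataclass

GOALS = frozenset({"confidentiality", "integrity", "availability", "accountability"})

# Item names come from the Step 3 checklist. The goals each item supports are
# an assumption of this example; the paper does not give this mapping.
CHECKLIST = {
    "Data Encryption": {"confidentiality", "integrity"},
    "Data Accessibility": {"confidentiality", "accountability"},
    "Authentication of Users": {"confidentiality", "accountability"},
    "Data Backup": {"integrity", "availability"},
    "Availability of provider": {"availability"},
    "Network Monitoring": {"availability", "accountability"},
    "Vulnerability Testing and Security Audits": {"integrity", "accountability"},
}

@dataclass(frozen=True)
class Asset:
    name: str         # Step 2 (i): an identified asset
    wing: str         # owning department from Table 2
    goals: frozenset  # Step 2 (iii): security goals set for this asset

def open_requirements(assets, answers):
    """Map asset name -> {goal: [checklist items not yet satisfied]}.

    Assumed rule: a goal is assured only when every checklist item that
    supports it is answered True; an item the provider left unanswered
    counts as unsatisfied.
    """
    unknown = set(answers) - set(CHECKLIST)
    if unknown:
        raise ValueError(f"answers for unknown checklist items: {sorted(unknown)}")
    report = {}
    for asset in assets:
        if not asset.goals <= GOALS:
            raise ValueError(f"{asset.name}: unknown goal {sorted(asset.goals - GOALS)}")
        per_goal = {}
        for goal in sorted(asset.goals):
            missing = sorted(item for item, supports in CHECKLIST.items()
                             if goal in supports and answers.get(item) is not True)
            if missing:
                per_goal[goal] = missing
        if per_goal:
            report[asset.name] = per_goal
    return report

def priorities(report):
    """Rank open checklist items by how many (asset, goal) pairs they block."""
    counts = Counter(item for goals in report.values()
                     for items in goals.values() for item in items)
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))

# Constructed case-study input: two assets and one provider's answers.
ASSETS = [
    Asset("investigation case files", "Anti-Corruption Wing",
          frozenset({"confidentiality", "integrity", "accountability"})),
    Asset("passenger movement records", "Immigration Wing",
          frozenset({"integrity", "availability", "accountability"})),
]
ANSWERS = {item: True for item in CHECKLIST}
ANSWERS["Data Backup"] = False                          # provider has no backup
del ANSWERS["Vulnerability Testing and Security Audits"]  # left unanswered

if __name__ == "__main__":
    report = open_requirements(ASSETS, ANSWERS)
    print(report)
    print(priorities(report))
```

The ranking from `priorities` gives the order in which open items are worth raising with the provider, since the top item blocks the most asset goals.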

5 Discussion

Several security requirements engineering methodologies exist [14], but engineering the security requirements of a system into a cloud security assurance framework has not been addressed so far. Based on an extensive study, a framework is presented that helps users identify the security requirements of their assets and specify the level of security and privacy they require for the systems that they will run on cloud infrastructure. The paper explains the possible critical security challenges that users might face in adopting a cloud environment. Cloud service models, their use and the security requirements for each are discussed in detail so that users can select an appropriate service that fits well with their specific environment.

6 Conclusion

The paper presents a security assurance framework for cloud users that helps incorporate security enforcement mechanisms into a system’s functional requirements and counter security challenges. The framework emphasizes that security requirements must be considered at an early stage, before moving an organization’s sensitive data to a cloud environment. Security requirements engineering needs to be devised, tested and validated for the development of real-time secure cloud systems.

References

1. Andrei, T.: Cloud Computing Challenges and Related Security Issues, http://www.cse.wustl.edu/~jain/cse571-09/ftp/cloud/index.html (last accessed on September 23, 2012)
2. Waqar, A., Raza, A., Abbas, H., Khan, M.K.: A framework for preservation of cloud users’ data privacy using dynamic reconstruction of metadata. Journal of Network and Computer Applications 36(1), 235–248 (2013), http://dx.doi.org/10.1016/j.jnca.2012.09.001
3. Dubois, E., Mouratidis, H.: Guest editorial: security requirements engineering: past, present and future. Requir. Eng. 15(1), 1–5 (2010)
4. Ren, K., Wang, C., Wang, Q.: Security Challenges for the Public Cloud. Internet Comput. IEEE 16(1), 69–73 (2012)
5. Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Gener. Comput. Syst. 28(3), 583–592 (2012)
6. Venters, W., Whitley, E.A.: A critical review of cloud computing: researching desires and realities. J. Inf. Technol. 27(3), 179–197 (2012)
7. Jensen, M., Schwenk, J., Gruschka, N., Iacono, L.L.: On Technical Security Issues in Cloud Computing. In: IEEE Int. Conf. on Cloud Computing (CLOUD 2009), pp. 109–116 (2009)
8. Chen, Y., Paxson, V., Katz, R.H.: What’s New About Cloud Computing Security? EECS Department, University of California, Berkeley, USA, UCB/EECS-2010-5 (2010)
9. Yu, H., Powell, N., Stembridge, D., Yuan, X.: Cloud computing and security challenges. In: Proceedings of the 50th Annual Southeast Regional Conference, New York, NY, USA, pp. 298–302 (2012)
10. Iankoulova, I., Daneva, M.: Cloud computing security requirements: A systematic review. In: RCIS 2012, pp. 1–7 (2012)
11. NIST, Cloud Computing Security Working Group, Challenging Security Requirements for US Government Cloud Computing Adoption (Draft) (November 2011)
12. Badger, L., Grance, T., Patt-Corner, R., Voas, J.: Draft-NIST-SP800-146-NIST Draft Cloud Computing Synopsis and Recommendations. Recommendations of the National Institute of Standards and Technology, http://csrc.nist.gov/publications/drafts/800-146/Draft-NIST-SP800-146.pdf (accessed on September 12, 2012)
13. Huth, A., Cebula, J.: The Basics of Cloud Computing. USCERT, http://www.uscert.gov/sites/default/files/publications/CloudComputingHuthCebula.pdf (accessed on December 12, 2012)
14. Haley, C.B., Laney, R., Moffett, J.D., Nuseibeh, B.: Security Requirements Engineering: A Framework for Representation and Analysis. IEEE Transactions on Software Engineering 34(1), 133–153 (2008)
15. Dubois, E., Mouratidis, H.: Guest editorial: security requirements engineering: past, present and future. Requir. Eng. 15(1), 1–5 (2010)
16. Cloud Security Alliance, Top Threats to Cloud Computing, V1.0 by Cloud Security Alliance (March 2010)
17. Rosado, D.G., Mellado, D.: Security Engineering for Cloud Computing: Approaches and Tools. IGI Global Snippet (2012)