About Me
Pete Lindstrom, CISSP, Research Director; COO, ISSA
Over 20 years in Finance, IT, Security
Independent analyst performing reading, writing, 'rithmetic on security matters
Former Marine (veteran), Big Six IT Auditor, Internal Auditor, Security Architect & Manager
BBA Finance, University of Notre Dame
2011 Spire Security. All rights reserved.
Oh, Yes!
THE CLOUD IS MORE SECURE! WEB 2.0 IS MORE SECURE! VIRTUALIZATION IS MORE SECURE! RISKS ARE INSIGNIFICANT!
EVERYWHERE!
The cloud is more secure! Web 2.0 is more secure! Virtualization is more secure!
Threat piece:
o you lower the cost to attack
Increased popularity of software platform
Consequences piece:
o you increase the value of the resources
Threat piece:
o you increase the cost to attack
o you restrict the access to the system
Consequences piece:
o you reduce the value of the resources
But we don't want to do this, right?
Involves reviewing administrative procedures and technical architecture
Take basic principles and apply to cloud computing
Control Objectives
Applied to Technology: Data/Information and Resources, across Inbound (In-Transit), Stored (At-Rest) and Outbound (In-Transit)
Compromises of Data/Information:
o Confidentiality: Sniff, Copy (steal)
o Integrity: Modify, Delete
Compromises of Resources:
o Productivity: Distract
o Propriety: Abuse (illegal)
o Availability: Overload
Change in Consequences
A Control Objective Approach
o Information-centric Compromise
Modified data (Integrity), Deleted data (Availability - Data), Copied data (Confidentiality)
o System/App-centric Compromise
Resource Availability (Use Control), Resource Misuse (Accountability)
This exercise is highly variable and left up to the responsible parties (we'll hold consequences constant)
Cloud Architecture
Traditional Network (diagram)
Labels: DATA CENTER with DB / App Server pairs behind Switches and Routers; Servers and Users; PUBLIC ACCESS via Router and Switch to Client App / User; BRANCH OFFICE; INTERNAL NETWORK; "cloudy" marker
Server Cloud (diagram)
Labels: DATA CENTER marked SOMEBODY ELSE, with DB / App Server pairs behind Switches; Servers and Users; Routers; PUBLIC ACCESS; BRANCH OFFICE; INTERNAL NETWORK
(Third architecture diagram; title not recoverable)
Labels: DB / App Server; App Client; Switches; Routers; Servers and Users; PUBLIC ACCESS; BRANCH OFFICE; INTERNAL NETWORK
The CLOUD
may incorporate or leverage Web 2.0, SaaS, virtualization, grid, etc.
will provide platforms but (typically) not people
can eliminate the need for redundant services in multiple data centers
can host data and/or applications
can be client- or server-oriented
Cloud computing
aggregates resources of multiple parties (multi-tenancy)
requires a new level of administrator
o super-superuser
changes connection/integration points
makes every user external
minimizes the notion of network-based security
Change in Threat
Value to attacker increases
o Potential gain from shared resources
New attacks
o Side-channel attacks, direct from bad guys or via more risk-tolerant, compromised neighbors
Change in Vulnerability
Change in technical architecture
o These are attack points
o E.g. virtualizing non-virtualized assets
o Can't ignore your neighbors' resources
In Other Words
More attack points with more opportunities to connect, all other things equal
Threat Mgt: Monitoring activities and events
Vuln. Mgt: Hardening the systems
Threat Management
Identifying attacks and compromises
Blocking attacks and fixing compromises
Responding to incidents
Conducting forensic analyses
Trust Management
Training users
Testing users
Defining policies and technical baselines
Applying policies and technical baselines
Audits and assessments
Responsibilities vary significantly
Application/Host layer focus (bye, bye network security)
Recommendations
Threat: Typically increases due to attacker attractiveness and availability of resources
Vulnerability: Typically increases due to complexity of architecture; but may decrease based on application of stronger controls
Consequences: Up to you to decide
Small to midsize companies, business units, and departments that are performing non-core functions are prime candidates for cloud computing.
Recommendations
Move special-purpose (and non-core) functions with mobile users into the cloud first
o It's probably already there ;-)
o Customize everything!
o CPU cycles
o Network bandwidth
o You should assume you are on your own
Recommendations
Think positive (as in default deny)
o Increased need for authentication
o Increased need for defined data/program paths with verified integrity
o Increased need for encryption
Rethink perimeters / zones
Fortify the integration points
Encryption is your friend
o There isn't really an encrypt/monitor tension here
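The "default deny" recommendation above, with its companion points on authentication and integrity-verified data paths, turned into code as an added example (mine, not from the deck or from Spire Security): an authorizer that treats every caller as external, grants only what an explicit allow rule matches, and refuses to serve stored data whose integrity tag no longer verifies. The rule table, principals, resource names and the HMAC key are all constructed for the illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional, Tuple

# Constructed sample policy: every entry is an explicit ALLOW of
# (role, action, resource prefix). There is no deny rule type, because
# anything not listed here is denied by default.
ALLOW_RULES = [
    ("analyst", "read", "reports/"),
    ("admin", "read", ""),          # empty prefix: admin may read any resource
    ("admin", "write", "reports/"),
]


@dataclass
class Request:
    principal: Optional[str]   # None models an unauthenticated caller
    role: Optional[str]
    action: str
    resource: str


def authorize(req: Request) -> Tuple[bool, str]:
    """Default-deny decision: returns (allowed, reason)."""
    # Every user is external: with no authenticated identity there is
    # nothing to match a rule against, so the answer is deny.
    if req.principal is None or req.role is None:
        return False, "unauthenticated"
    for role, action, prefix in ALLOW_RULES:
        if (req.role == role and req.action == action
                and req.resource.startswith(prefix)):
            return True, f"allowed by rule ({role}, {action}, {prefix!r})"
    # Falling through every rule is the default-deny branch.
    return False, "no matching allow rule"


# Constructed key for the integrity tags (illustration only; a real key
# belongs in a secret store, not in source).
INTEGRITY_KEY = b"constructed-demo-key"


def integrity_tag(data: bytes) -> bytes:
    """HMAC-SHA256 over the stored bytes; recomputed on every read."""
    return hmac.new(INTEGRITY_KEY, data, hashlib.sha256).digest()


def store(objects: dict, name: str, data: bytes) -> None:
    """Write data together with its tag; the pair is what the store holds."""
    objects[name] = (data, integrity_tag(data))


def fetch(objects: dict, req: Request) -> Optional[bytes]:
    """Serve data only when the request is authorized AND the tag verifies.

    A neighbor (or a compromised host) that edits the stored bytes without
    the key cannot produce a matching tag, so modified data is refused
    rather than served. Returns None on any failure.
    """
    allowed, _reason = authorize(req)
    if not allowed:
        return None
    entry = objects.get(req.resource)
    if entry is None:
        return None
    data, stored_tag = entry
    if not hmac.compare_digest(stored_tag, integrity_tag(data)):
        return None
    return data


if __name__ == "__main__":
    objects = {}
    store(objects, "reports/q1.csv", b"region,revenue\nnorth,100\n")
    alice = Request("alice", "analyst", "read", "reports/q1.csv")
    print(authorize(alice))                     # allowed by the analyst rule
    print(authorize(Request(None, None, "read", "reports/q1.csv")))  # denied
    print(fetch(objects, alice) is not None)    # True: authorized and intact
    # Simulate tampering in the shared store: bytes change, tag does not.
    data, old_tag = objects["reports/q1.csv"]
    objects["reports/q1.csv"] = (data.replace(b"100", b"999"), old_tag)
    print(fetch(objects, alice))                # None: integrity check fails
```

The shape matters more than the details: the only way to get a True out of `authorize` is to hit a rule, so forgetting a case fails closed rather than open, and `fetch` never returns bytes that have not been both authorized and verified on the same path.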
o NIST
Guidelines on Security and Privacy in Public Cloud Computing
Your feedback is essential!
Pete Lindstrom
petelind@spiresecurity.com
www.spiresecurity.com
I'm a Twit! @SpireSec