ECS781P 8 Security
CLOUD COMPUTING
Cloud Security
▪Network layer:
▪ Networking
▪Application layer:
▪ Client/server, RPC, Web Services
▪ REST
▪Performance:
▪ SLA
▪ Management
▪Security
▪Trends
▪ Monolithic applications → microservices
▪ Serverless: “hide complexity”
Contents
▪ Security concepts
▪ Attacks
▪ Security mechanisms
Information security
https://xkcd.com/844/
Cloud security is challenging
Examples of (Cloud-related) Attacks
▪ Traffic Eavesdropping
▪ Virtualisation Attack
Traffic Eavesdropping Attack
▪ Attack in which data traversing to, from or within the cloud is “passively” viewed illegitimately, compromising confidentiality
Malicious Intermediary or Man-In-The-Middle Attack (MITM)
DoS: where a computer is used to flood a server with TCP and UDP packets.
DDoS: where multiple systems target a single system with a DoS attack. The targeted network is then bombarded with packets from multiple locations.
Virtualisation Attack (VM Escape)
▪ The services running in a Virtual Machine gain direct access to, and manipulate, the underlying physical resources using vulnerabilities in the virtualization platform (compromising confidentiality, integrity or availability)
Contents
▪ Security concepts
▪ Attacks
▪ Security mechanisms
▪ Hashing
▪ Encryption
▪ Public Key Infrastructure (PKI)
▪ Other mechanisms
Security Controls
http://www.sans.org/critical-security-controls
Hashing
[Figure: the input “cloud” passed through SHA1 gives the digest 000e793db70c59309fa6f0f36d0046d110f3be3c]
Hashing, characteristics
▪ Preimage resistance:
▪ For any given z, it is difficult (computationally infeasible) to find an x such that h(x) = z
▪ Second preimage resistance (weak collision resistance):
▪ For any given x and h(x), it is difficult (computationally infeasible) to find y ≠ x such that h(y) = h(x)
▪ Collision resistance (strong collision resistance):
▪ It is difficult (computationally infeasible) to find any pair (x, y), x ≠ y such that h(x) = h(y)
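Added example (not from the original slides): the gap between second-preimage resistance and collision resistance, measured on a toy hash. The 16-bit truncation of SHA-256, the function names and the input strings are assumptions made for this demo so that both searches finish quickly.

```python
import hashlib
from itertools import count

BITS = 16  # deliberately tiny digest (demo assumption); real digests are 256+ bits


def h(data: bytes) -> int:
    """Toy hash: the top BITS bits of SHA-256."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - BITS)


def find_second_preimage(x: bytes):
    """Given x, find y != x with h(y) == h(x). Expected cost: about 2**BITS tries."""
    target = h(x)
    for tries in count(1):
        y = b"candidate-%d" % tries
        if y != x and h(y) == target:
            return y, tries


def find_collision():
    """Find ANY pair x != y with h(x) == h(y). Expected cost: about 2**(BITS/2) tries."""
    seen = {}  # digest -> first message that produced it
    for tries in count(1):
        x = b"message-%d" % tries
        hx = h(x)
        if hx in seen:
            return seen[hx], x, tries
        seen[hx] = x


if __name__ == "__main__":
    y, t2 = find_second_preimage(b"cloud")
    a, b, tc = find_collision()
    print(f"second preimage of b'cloud': {y!r} after {t2} tries")
    print(f"collision: {a!r} / {b!r} after {tc} tries")
```

The collision search succeeds after roughly the square root of the work needed for a second preimage, which is why collision resistance is the first property to fail as an output length or design ages.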
Notable examples of hash functions
▪ MD-5 (Merkle-Damgard-5)
▪ output length = 128 bits
▪ Broken: no collision resistance
▪ SHA-1 (SHA: Secure Hash Algorithm)
▪ Output length = 160 bits
▪ Broken: no collision resistance (Google researchers)
▪ 110 years on a GPU, 4 days on a grid of 10,000 GPUs
▪ SHA-2
▪ Group including SHA-224, SHA-256, SHA-384, SHA-512
▪ The number specifies the length of the output in bits
▪ Current standard
▪ SHA-3
▪ Output length: can be set arbitrarily
▪ expected to replace SHA-2 as the standard
Hash is broadly used (beyond security)
▪ Hash-tables:
▪ extensive use in database systems
▪ the hash immediately gives the index where something is stored
▪ Image hashing:
▪ Used for image recognition
▪ A database of hashed images (e.g., illegal content) is used to identify matches against a stream of images (e.g., in Facebook)
Hashing for Password Storage Protection
Encryption
▪ “symmetric key”:
▪ Plain-text + key → cipher-text
▪ Plain-text ← cipher-text + key
▪ Both parties need to know the secret key
Symmetric Encryption
▪ Block-Cipher:
▪ data is divided into “blocks” (fixed-length chunks, i.e., n-bits)
▪ encryption/decryption on blocks independent of each other using the shared “key” for each block
▪ Stream-Cipher:
▪ 2 streams:
▪ stream of input text: encryption of 1 byte of plaintext at a time
▪ stream of key data: key data stream is generated by a function whose seed is the encryption key
▪ Encryption: takes a byte from the input stream and a byte from the key stream and combines them using some function
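Added example (not from the original slides): a stream cipher as described above, with the key stream produced by a function seeded with the key and combined with the input by XOR. SHA-256 in counter mode as the key-stream function, the nonce parameter and all sample values are assumptions for this demo; it also shows the failure mode a practitioner must avoid, reusing one key stream for two messages.

```python
import hashlib


def keystream(key: bytes, nonce: bytes):
    """Yield key-stream bytes from a generator seeded by the key and a nonce.

    SHA-256 in counter mode is a stand-in for this demo, not a vetted cipher.
    """
    counter = 0
    while True:
        yield from hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1


def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Combine each input byte with one key-stream byte using XOR.

    XOR is its own inverse, so the same call both encrypts and decrypts.
    """
    return bytes(d ^ k for d, k in zip(data, keystream(key, nonce)))


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# Constructed sample values
KEY = b"shared-secret-key"
P1 = b"invoice total: 100 GBP"
P2 = b"invoice total: 975 GBP"


def demo():
    c1 = xor_stream(KEY, b"nonce-1", P1)
    roundtrip = xor_stream(KEY, b"nonce-1", c1)   # decrypts back to P1
    # Failure mode: same key AND same nonce means the same key stream.
    c2_reused = xor_stream(KEY, b"nonce-1", P2)
    leak = xor_bytes(c1, c2_reused)               # key stream cancels: P1 XOR P2
    # Corrected use: a fresh nonce per message gives an unrelated key stream.
    c2_fresh = xor_stream(KEY, b"nonce-2", P2)
    return roundtrip, leak, xor_bytes(c1, c2_fresh)
```

With the reused key stream, anyone holding both ciphertexts learns the XOR of the two plaintexts without knowing the key.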
Classes of symmetric key ciphers
▪Block-Cipher:
▪Stream-Cipher:
Symmetric key encryption, pros and cons
▪Advantages
▪ Simple and efficient algorithms
▪ Can even be implemented directly in the hardware (e.g. using electronic circuits such as XOR gates)
▪Disadvantages
▪ Requires a mechanism to “securely” establish the shared key
▪ In a multi-party setting, it is impossible to establish the identity of each party (everyone has the same key)
▪ Non-repudiation is impossible: the same key is used for encryption and decryption, so the recipient can fraudulently claim that a message was encrypted and sent by the sender
Asymmetric encryption: public key cryptography
Public Key Infrastructure (PKI)
▪ Protocols, data formats, roles, rules, practices and policies that enable a large-scale system to reliably use public key cryptography
▪ Key-pairs’ creation, access control, back-up, monitoring, revocation/expiration, archival/destruction
▪ Establishes trust in public key identification through digital certificates issued by Certificate Authorities (e.g., Verisign, COMODO, Thawte)
▪ Alternatives to CAs: “block-chain-based PKI”
IAM (Identity and Access Management)
▪ Advantages:
▪ greater efficiency & ease of use
▪ Disadvantages:
▪ Single point of failure: security broker
▪ Mismanagement of tokens can compromise security
▪ If a malicious agent steals a token, it can assume the identity of its user without having to know its credentials
▪ If tokens are not destroyed, sensitive information of the users might be inferred
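Added example (not from the original slides): a signed bearer token issued by a security broker, showing why possession of the token alone grants the user's identity and how a short expiry plus explicit destruction limit the damage. The token format, key, function names and timestamps are hypothetical and constructed for this demo.

```python
import base64
import hashlib
import hmac
import json

BROKER_KEY = b"constructed-demo-key"  # hypothetical signing key held by the broker
REVOKED = set()                       # tokens destroyed at logout or after theft


def issue_token(user: str, now: int, ttl: int = 300) -> str:
    """Broker signs {user, expiry}; from here on the token stands in for credentials."""
    claims = json.dumps({"sub": user, "exp": now + ttl}).encode()
    body = base64.urlsafe_b64encode(claims).decode()
    sig = hmac.new(BROKER_KEY, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{sig}"


def verify_token(token: str, now: int):
    """Return the user name if the token is authentic, unexpired and not destroyed."""
    body, _, sig = token.partition(".")
    expected = hmac.new(BROKER_KEY, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return None  # forged or tampered token
    claims = json.loads(base64.urlsafe_b64decode(body))
    if now >= claims["exp"] or token in REVOKED:
        return None  # expired, or destroyed by the broker
    return claims["sub"]


def destroy_token(token: str) -> None:
    """Invalidate a token before its expiry (logout, suspected theft)."""
    REVOKED.add(token)
```

verify_token never sees a password, so whoever presents a valid token is treated as its user until the expiry passes or destroy_token is called.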
Cloud-Based Security Groups
▪ A VM image that has been subjected to a hardening process (and saved in the VM images repository)
▪ Hardening: stripping unnecessary software from a system to limit potential vulnerabilities that can be exploited by attackers (i.e., reducing its attack surface)
▪ This results in a VM template that is significantly more secure than the original standard image
Ignacio Castro | Cloud Computing