Download Security and Privacy in Cloud Computing

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Transcript
CS573 Data privacy and security
in the cloud
Slide credits: Ragib Hasan, Johns Hopkins University
What is Cloud Computing?
Let’s hear from the “experts”
2
What is Cloud Computing?
The infinite wisdom of the crowds (via Google Suggest)
3
What is Cloud Computing?
We’ve redefined Cloud Computing
to include everything that we
already do. . . . I don’t understand
what we would do differently in the
light of Cloud Computing other than
change the wording of some of our
ads.
Larry Ellison,
founder of Oracle
4
What is Cloud Computing?
It’s stupidity. It’s worse
than stupidity: it’s a
marketing hype campaign
Richard Stallman
GNU
5
What is Cloud Computing?
Cloud Computing will
become a focal point of
our work in security. I’m
optimistic …
Ron Rivest
The R of RSA
6
So, What really is Cloud Computing?
Cloud computing is a new computing paradigm,
involving data and/or computation outsourcing,
with
– Infinite and elastic resource scalability
– On demand “just-in-time” provisioning
– No upfront cost … pay-as-you-go
That is, use as much or as less you need, use only when you
want, and pay only what you use,
7
The real story
“Computing Utility” – holy grail of computer
science in the 1960s. Code name: MULTICS
Why it failed?
•Ahead of time … lack of communication tech.
(In other words, there was NO (public) Internet)
•And personal computer became cheaper and
stronger
8
The real story
Mid to late ’90s,
Grid computing
was proposed to
link and share
computing
resources
9
The real story … continued
Post-dot-com bust, big
companies ended up with large
data centers, with low
utilization
Solution: Throw in virtualization technology, and sell
the excess computing power
And thus, Cloud Computing was born …
10
Cloud computing means selling “X as a
service”
IaaS: Infrastructure as a Service
– Selling virtualized hardware
PaaS: Platform as a service
– Access to a configurable platform/API
SaaS: Software as a service
– Software that runs on top of a cloud
11
Cloud computing architecture
e.g., Web browser
SaaS , e.g., Google Docs
PaaS, e.g., Google AppEngine
IaaS, e.g., Amazon EC2
12
So, if cloud computing is so great, why
aren’t everyone doing it?
Clouds are still subject to
traditional data confidentiality,
integrity, availability, and
privacy issues, plus some
additional attacks
13
Companies are still afraid to use clouds
[Chow09ccsw]
14
Anatomy of fear …
Confidentiality
– Will the sensitive data stored on a cloud remain
confidential? Will cloud compromises leak
confidential client data (i.e., fear of loss of control
over data)
– Will the cloud provider itself be honest and won’t
peek into the data?
15
Anatomy of fear …
Integrity
– How do I know that the cloud provider is doing
the computations correctly?
– How do I ensure that the cloud provider really
stored my data without tampering with it?
16
Anatomy of fear …
Availability
– Will critical systems go down at the client, if the
provider is attacked in a Denial of Service attack?
– What happens if cloud provider goes out of
business?
17
Anatomy of fear …
Privacy issues raised via massive data mining
– Cloud now stores data from a lot of clients, and
can run data mining algorithms to get large
amounts of information on clients
18
Anatomy of fear …
Increased attack surface
– Entity outside the organization now stores and
computes data, and so
– Attackers can now target the communication link
between cloud provider and client
– Cloud provider employees can be phished
19
Anatomy of fear …
Legal quagmire and transitive trust issues
– Who is responsible for complying with regulations
(e.g., SOX, HIPAA, GLBA)?
– If cloud provider subcontracts to third party
clouds, will the data still be secure?
1/31/2011
en.600.412 Spring 2011
20
What we need is to …
• Adapt well known techniques for resolving
some cloud security issues
• Perform new research and innovate to make
clouds secure
1/31/2011
en.600.412 Spring 2011
21
Traditional systems security
vs
Cloud Computing Security
Securing a traditional
system
Securing a cloud
22
Traditional systems security
vs
Cloud Computing Security
Analogy
Securing a house
Owner and user are
often the same entity
Securing a motel
Owner and users are almost
invariably distinct entities
23
Traditional systems security
vs
Cloud Computing Security
Securing a house
Biggest user concerns
Securing perimeter
Checking for intruders
Securing assets
Securing a motel
Biggest user concern
Securing room against
(the bad guy in next
room | hotel owner)
24
Data Privacy and Security in Cloud:
Overview
•
•
•
•
•
•
•
•
Novel attacks
Trustworthy cloud architectures
Data integrity and availability
Computation integrity
Data and computation privacy
Data forensics
Misbehavior detection
Malicious use of clouds
25
Co-tenancy in clouds creates new
attack vectors
A cloud is shared by multiple users
Malicious users can now legally be in the
same infrastructure
Misusing co-tenancy, attackers can
launch side channel attacks on victims
Research question: How to prevent attackers
from exploiting co-tenancy in attacking the
infrastructure and/or other clients?
Example: the Topology attack on Amazon EC2 (“Hey You! Get
off of my Cloud …” CCS 2009)
26
Today’s cloud architectures act like
big black boxes
Clients have no idea of or control over what is
happening inside the cloud
Clients are forced to trust cloud providers completely
Research Question: How do we design cloud computing
architectures that are semi-transparent and provide clients
with control over security?
Existing Approaches: TCCP (uses TPM), CloudProof
27
Today’s clouds provide no guarantee
about outsourced data
Amazon’s Terms of services
28
Today’s clouds provide no guarantee
about outsourced data
Problem:
Dishonest cloud providers can throw data away or lose data.
Malicious intruders can delete or tamper with data.
Clients need reassurance that the outsourced data is available,
has not been tampered with, and remains confidential.
Research Question: How can clients get
assurance/proofs that the cloud provider is actually
storing data, is not tampering with data, and can
make the data available on-demand?
Example Approaches: Provable Data Possession (PDP), Proof of
Retrievability (PoR), HAIL
29
Ensuring confidentiality of data in
outsourced computation is difficult
Most type of computations require decrypting data before
any computations
If the cloud provider is not trusted, this may result in
breach of confidentiality
Research Question: How can we ensure confidentiality of
data and computations in a cloud?
Existing Approaches: Homomorphic encryption, TCCP
30
Clients have no way of verifying
computations outsourced to a Cloud
Scenario
User sends her data processing job to the cloud.
Clouds provide dataflow operation as a service (e.g., MapReduce, Hadoop etc.)
Problem: Users have no way of evaluating the correctness of results
Research question: How can we verify the accuracy of outsourced
computation?
Existing Approaches: Runtime Attestation, Majority voting, Redundant operations
31
Clouds can be used for malicious
purposes
Adversaries can rent clouds
temporarily to create a large scale
botnet very quickly
Clouds can be used for spamming,
Denial of service, brute force
password breaking, and other
attacks
Example: WPACracker.com – a password cracking service that claims
to test 300,000,000 words in 20 minutes for $17, using a cloud
Research question: How can we rapidly detect misbehavior
of clients in a cloud?
32
Final quote
[Cloud Computing] is a
security nightmare and it
can't be handled in
traditional ways.
John Chambers
CISCO CEO
33
Secure Data Outsourcing
34
Homomorphic encryption
• The ability to perform computations on the
ciphertext without decrypting it first
• A specific algebraic operation performed on
the plaintext is equivalent to another (possibly
different) algebraic operation performed on
the ciphertext
35
A Simple Example
• Rot-13 is homomorphic with respect to
concatenation
36
Homomorphic encryption schemes
• Multiplicative homomorphic – e.g. RSA
• Additive homomorphic, e.g. Paillier
• Fully homomorphic encryption (FHE) (Gentry,
2010)
37
Alternative techniques
•
•
•
•
Search encrypted data
Fragmentation
Aggregation
…
38