© 2010 IBM Corporation
Christopher Ensey, IBM Federal, Principal Security Strategist; Assoc. Director, IBM Institute for Advanced
[email protected], @IBMFedCyber
Security and Cloud Computing
Outline
- Security: Grand Challenge for the Adoption of Cloud Computing
- IBM Capabilities for Cloud Security
- IBM USAF MOCA
Security – Grand Challenge for the Adoption of Cloud Computing
What is Cloud Security?
"There is nothing new under the sun, but there are lots of old things we don't know." (Ambrose Bierce, The Devil's Dictionary)
Software as a Service
Utility Computing
Grid Computing
Cloud Computing
Confidentiality, integrity and availability of mission-critical IT assets stored or processed on a cloud computing platform.
Where is the Data? – Moving from Private to Public Leads to a Real or Perceived Loss of Control
We Have Control:
- It's located at X.
- We have backups.
- Our admins control access.
- Our uptime is sufficient.
- The auditors are happy.
- Our security team is engaged.
Who Has Control?
- Where is it located?
- Who backs it up?
- Who has access?
- How resilient is it?
- How do auditors observe?
- How does our security team engage?
Survey results:
- 80% of enterprises consider security the #1 inhibitor to cloud adoption
- 48% of enterprises are concerned about the reliability of clouds
- 33% of respondents are concerned with cloud interfering with their ability to comply with regulations
Source: Driving Profitable Growth Through Cloud Computing, IBM Study, 2008 (conducted by Oliver Wyman)
Specific Customer Concerns Related to Security
- Protection of intellectual property and data: 30%
- Ability to enforce regulatory or contractual obligations: 21%
- Unauthorized use of data: 15%
- Confidentiality of data: 12%
- Availability of data: 9%
- Integrity of data: 8%
- Ability to test or audit a provider's environment: 6%
- Other: 3%
Source: Deloitte Enterprise@Risk: Privacy and Data Protection Survey, 2007
Workloads may be at Different Levels of Cloud Readiness
May not yet be ready for migration:
- Sensitive data
- Highly customized
- Not yet virtualized 3rd party SW
- Complex processes & transactions
- Regulation sensitive
Ready for cloud:
- Analytics
- Infrastructure Storage
- Industry Applications
- Collaboration
- Workplace, Desktop & Devices
- Business Processes
- Disaster Recovery
- Development & Test
- Infrastructure Compute
(Characteristics: information intensive, isolated workloads, mature workloads, pre-production systems, batch processing)
New workloads made possible by clouds:
- Collaborative Care
- Medical Imaging
- Financial Risk
- Energy Management
Market bias: Private cloud ... Public cloud
One-size does not fit all: different cloud workloads have different risk profiles
Mission Risk / Need for Security Assurance (Low to High):
- Low-risk: training, testing with non-sensitive data
- Mid-risk: analysis & simulation with public data
- High-risk: mission-critical workloads, personal information
Today's clouds are primarily here (lower-risk workloads):
- One-size-fits-all approach to data protection
- No significant assurance
- Price is key
Tomorrow's high value / high risk workloads need:
- Quality of protection adapted to risk
- Direct visibility and control
- Significant level of assurance
IBM and Cloud Security
IBM's Strategy for Cloud Security
- IBM Security Framework: risk management-based approach to security
- Provider of Cloud-based Security Services
- Provider of Secure Clouds
- Provider of Security Products for Clouds
IBM as Provider of Security Products for Clouds, and IBM as Provider of Cloud-based Security Services
Legend: Products; Professional Services; Cloud-based & Managed Services
Capabilities shown (each as product, professional service or cloud-based/managed service):
- Identity and Access Management
- Mainframe Security
- Virtual System Security
- Database Monitoring and Protection
- Encryption and Key Lifecycle Management
- App Vulnerability Scanning
- Access and Entitlement Management
- Web Application Firewall
- Data Loss Prevention
- App Source Code Scanning
- SOA Security
- Intrusion Prevention System
- Messaging Security
- Data Masking
- Infrastructure Security
- E-mail Security
- Application Security
- Web/URL Filtering
- Vulnerability Assessment
- Firewall, IDS/IPS, MFS Mgmt.
- Identity Management
- Data Security
- Access Management
- GRC
- Physical Security
- Security Governance, Risk and Compliance
- SIEM and Log Management
- Security Event Management
- Threat Assessment
Cloud Security = SOA Security + Secure Virtualized Runtime
Service-oriented Architecture
- SOA Security model and protocols apply
- Technical challenges: multi-tenancy, across trust domains, REST-based, new protocols (e.g., OpenID)
- Definitional challenges: profiles and security SLAs for cloud
Virtualized Runtime
- Process/VM isolation, data segregation, multi-tenancy
Top Threats and Risks in Cloud Computing
- Malicious insiders (co-tenants, cloud provider)
- Management (incl. self-service) interface compromise
- Insecure interfaces and APIs
- Uncertainty over data location
- Data protection and security
- Data recovery, resiliency
- Insecure or incomplete data deletion
- Account or service hijacking
- Abuse of cloud services (extrusion)
- Compliance risks
Source: CSA (2010), ENISA (2009), Gartner (2008), IBM X-Force (2010)
Example for SOA-style Security applied to Cloud: IBM Tivoli Federated Identity Manager
TFIM = Tivoli Federated Identity Manager; TFIM BG = TFIM Business Gateway for SMB deployment; TSPM = Tivoli Security Policy Manager for data entitlement management
- Centralized user access management to on- and off-premise apps and services
- Tools for user enrollment, WS-Trust based security token services, web access management
(Figure: deployment boxes labelled TFIM & TSPM, TFIM BG and TFIM)
Supported federation standards: SAML 1.0 / 1.1 / 2.0, WS-Federation, Liberty ID-FF 1.1 / 1.2, Information Card Profile 1.0, OpenID
Example for Securing the Virtualized Runtime: IBM Security Virtual Server Protection for VMware vSphere 4
VMsafe Integration
Firewall and Intrusion Prevention
Rootkit Detection / Prevention
Inter-VM Traffic Analysis
Automated Protection for Mobile VMs (VMotion)
Virtual Network Segment Protection
Virtual Network-Level Protection
Virtual Infrastructure Auditing (Privileged User)
Virtual Network Access Control
This is an example where virtualization enables an approach to security that would not be possible in a non-virtualized infrastructure!
Cloud Security Services: Smart Security Services delivered from the IBM Cloud
To the Customer – Offloading Security Tasks on the Ground
1. Hosted Security Event and Log Management: offsite management of logs and events from IPSs, firewalls and OSs
2. Hosted Vulnerability Management: proactive discovery and remediation of vulnerabilities
3. Hosted Email and Web Security: protection against spam, worms, viruses, spyware, adware, and offensive content
4. Hosted X-Force® Threat Analysis Service: customized security intelligence based on threat information from the X-Force research and development team
- Subscription service
- Monitoring and management
- Cloud based
Cloud Service Model Suggests Split of Responsibilities between Provider and Subscriber
- Business Process-as-a-Service: Employee Benefits Mgmt., Industry-specific Processes, Procurement, Business Travel
- Application-as-a-Service: Collaboration, Financials, CRM/ERP/HR, Industry Applications
- Platform-as-a-Service: Middleware, Database, Web 2.0 Application Runtime, Java Runtime, Development Tooling
- Infrastructure-as-a-Service: Servers, Networking, Storage, Data Center Fabric (shared, virtualized, dynamic provisioning)
Who is responsible for security at the ... level? Datacenter, Infrastructure, Middleware, Application, Process. For each of the four service models the figure marks a Provider / Subscriber boundary across these levels.
Provider/Subscriber service agreement determines actual responsibilities.
IBM's Approach to Providing Secure Clouds
Client Services (Customized by Client):
- Client's responsibility
- IBM does not touch client resources
- IBM provides guidance for customization and management of client services
Base Services (Offered by IBM):
- IBM's responsibility
- IBM provides tested base services
- Base operated and managed according to IBM's internal technical and organizational security standards
- Extensive regular internal legal, geo-specific, data privacy, technical reviews
- Regular ethical hacking/security testing
- Based on IBM's strategic outsourcing practices and the IBM Common Cloud Reference Architecture
IBM Cloud Computing Platform / IBM Global Cloud Data Centers:
- Hardened management interfaces and cloud service management
- State-of-the-art data center service management
- Cloud subscriber management based on IBM Web Identity
- State-of-the-art data-center security (physical, organizational, system, network)
- Strict policies and extensive monitoring to control privileged users
IBM Cloud Security in Action – IBM LotusLive: Security through the entire lifecycle and stack
IBM Cloud Security in Action – IBM Compute Cloud
IBM and US Air Force: MOCA
MOCA Purpose – Address hard engineering problems for cloud and cyber defense
MOCA = Mission Oriented Cloud Architecture
A combined effort between IBM and the US Air Force to explore feasibility of cloud architectures in a mission setting.
Main Areas of Investigation:
Network awareness
Situational awareness
Application and database vulnerability detection
Network defense
Cloud management
MOCA Scope
The Mission Oriented Cloud Architecture (MOCA) project expands on four areas in cloud computing:
Network Awareness
- Advanced Analytic processing coupled via sensors, monitors and other detection devices
Application and database vulnerability detection
- Innovative technology leveraging IBM research investments in trusted virtual datacenters
Network Defense
- Automated re-provisioning of the cloud to respond to Cyber events: isolation of compromised virtual machines, reconfiguration of security policies, etc.
- Policy based security compliance reporting and enforcement
Cloud Management
- Real-time situational awareness of the cloud environment, security posture and network
- Secure collaboration in support of the mission and during threat events
MOCA Investigates Scope through Seven Functional Areas
The MOCA research will explore the scope areas through AF-directed research and development in the following functional areas:
Foundational Cloud Computing
Resilience
Compliance
Analytics
Deep Packet Inspection
Multi-tenancy
Secure Collaboration
Area #1, Foundational Cloud Computing - Establish the Infrastructure
Provides cloud computing foundation system functionality for
• Federated Identity Management Capability
• Process governance for approval purposes
• Automated and Request Driven Provisioning
Foundational Service Discovery
Operational Service Deployment
Service Delivery Monitoring
• Operational Monitoring
IBM Technology
• Tivoli Service Automation Manager
• IBM Tivoli Monitoring
• Tivoli Access Manager and Federated Identity Manager
• SOA Governance Process
Area #2, Resilience - Keeping core capability militarily relevant
1. Protect: the network, systems, services and data.
2. Rebuild:
Reconstruction of damaged cloud resources
Rapid restoration from gold copies
3. Relocate:
Relocation of virtualized resources
Rapid relocation to a new VLAN
IBM Technology
• ISS Site Protector
• ISS Proventia IPS
• Guardium
Area #3, Compliance – Adherence to Security Policy
Compliance provides distribution, revocation, and integrity services for security policies
Security policy resides in the policy engine
The policies are distributed by the distribution engine and checked cyclically by the compliance engine
Security policies for the network perimeter, DMZ, applications, hosts and network devices are included.
IBM Technologies
• Tivoli End Point Manager
• Tivoli Compliance Manager
Area #4, Analytics – Know It Now; Respond Now
Analytics provide real-time autonomic policy responses based on network attack detection
Sensors across the enterprise provide input to the ingest engine
The Ingest engine filters inputs and provides clean sensor data to the analytics engine for classification and correlation
The response engine provides the autonomic security policy actions based on the correlated event decision logic
IBM Technologies
• Infosphere Streams
• Tivoli End Point Manager
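The sensor, ingest, analytics and response chain described for Area #4, as an added illustration (not MOCA or IBM code): constructed sensor records are cleaned by an ingest step, scored and correlated per VM inside a time window, and turned into the kind of autonomic action the Network Defense area lists (relocating a compromised VM). The record format, severity weights and action name are assumptions.

```python
# Added illustration, not MOCA or IBM code: sensor -> ingest -> analytics -> response.
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sensor records in a hypothetical "timestamp|sensor|vm|signature" format.
SAMPLE_EVENTS = [
    "2010-06-23T10:00:01|ips-1|vm-17|SQL_Injection",
    "2010-06-23T10:00:02|ips-1|vm-17|SQL_Injection",   # repeat firing, collapsed by ingest
    "2010-06-23T10:00:15|hids-3|vm-17|Rootkit_Indicator",
    "2010-06-23T10:00:40|ips-2|vm-17|Outbound_C2_Beacon",
    "garbage line without fields",                      # malformed, dropped by ingest
    "2010-06-23T10:05:00|ips-1|vm-42|Port_Scan",
]
# Hypothetical severity weights assigned by the analytics engine's classifier.
SEVERITY = {"SQL_Injection": 2, "Rootkit_Indicator": 4, "Outbound_C2_Beacon": 4, "Port_Scan": 1}

def ingest(lines):
    """Ingest engine: parse records, drop malformed ones and repeated (vm, signature) firings."""
    seen, clean = set(), []
    for line in lines:
        parts = line.split("|")
        if len(parts) != 4:
            continue                      # malformed record
        if (parts[2], parts[3]) in seen:
            continue                      # same signature already seen for this VM
        seen.add((parts[2], parts[3]))
        clean.append({"ts": datetime.fromisoformat(parts[0]), "sensor": parts[1],
                      "vm": parts[2], "sig": parts[3]})
    return clean

def correlate(events, window=timedelta(minutes=2), threshold=6):
    """Analytics engine: sum severities per VM inside a sliding window; return VMs over threshold."""
    by_vm = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        by_vm[e["vm"]].append(e)
    suspects = {}
    for vm, evs in by_vm.items():
        for first in evs:
            score = sum(SEVERITY.get(e["sig"], 1) for e in evs
                        if first["ts"] <= e["ts"] <= first["ts"] + window)
            if score >= threshold:
                suspects[vm] = score
                break
    return suspects

def respond(suspects):
    """Response engine: one autonomic policy action (constructed name) per correlated VM."""
    return [{"vm": vm, "action": "relocate_to_quarantine_vlan", "score": s}
            for vm, s in sorted(suspects.items())]
```

With the sample above, only vm-17 crosses the threshold (SQL injection, rootkit indicator and beacon within two minutes), while the single port scan against vm-42 produces no action.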
Area #5, Deep Packet Inspection – Is It Safe?
Provide behavior-based, near real time detection and response to network level threats
All network traffic traversing the cloud is inspected for behavior based attacks
IP level inspection detects malformed messages, illegal content, and previously detected classes of attacks in the Network Threat Analyzer
Detected threats cause autonomic security policy changes to be implemented
IBM Technologies
• ISS Intrusion Prevention Systems
• Tivoli Endpoint Manager
• Tivoli Compliance Manager
Area #6, Multi-Tenancy – Peaceful, Secure Co-existence
Validate VM Isolation Management
Prove that data confidentiality exists between images
Prove ability to detect and correct image provisioning anomalies
Test that deployed VM images are correctly configured
Show that corrective actions for mis-configured VM images can be applied
Prove rapid provisioning capabilities
Rapid deployment of new VM images
Rapid provisioning of new images
Rapid access by new users
IBM Technologies
ISS Site Protector
Tivoli Service Automation Manager
Tivoli Endpoint Manager
Tivoli Compliance Manager
ISS Virtual Service Protection
Area #7, Secure Collaboration – Sharing Information Securely
Prove that documents can be shared securely. Functionality includes:
1. Validate that tagging and protecting portions of an XML document reflect security classification
2. Prove that label based access controls can be applied allowing group or community access
3. Test that check in/check out of document capabilities are present
4. Provide meta-data based search capabilities across multiple documents
IBM Technologies
• IBM FileNet Content Manager
• Tivoli Access Manager
• Tivoli Identity Manager
• Lotus Live
• Lotus Symphony
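Items 1 and 2 above, as an added illustration (not MOCA or IBM FileNet code): portions of an XML document carry a classification label and optionally the communities granted access, and a reader sees only the sections their clearance and community memberships allow, with withheld sections replaced by a marker. The document, label ordering and community names are constructed.

```python
# Added illustration, not MOCA or IBM FileNet code: label-based access control
# over tagged portions of an XML document. Document, labels and communities are constructed.
import xml.etree.ElementTree as ET

SAMPLE_DOC = """<report>
  <section label="UNCLASSIFIED">Mission summary visible to all.</section>
  <section label="CONFIDENTIAL" communities="logistics">Fuel stock levels.</section>
  <section label="SECRET" communities="cyber,ops">Compromised VM list.</section>
  <section label="TOP_SECRET">Source details.</section>
</report>"""

LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}
MOST_RESTRICTIVE = max(LEVELS.values())

def can_read(section, clearance, communities):
    """'No read up' on the classification label, plus membership in at least one of the
    communities granted access. A missing or unknown label is treated as most restrictive."""
    level = LEVELS.get(section.get("label"), MOST_RESTRICTIVE)
    if level > LEVELS[clearance]:
        return False
    granted = {c for c in section.get("communities", "").split(",") if c}
    return not granted or bool(granted & set(communities))

def redact(xml_text, clearance, communities):
    """Return a copy of the document in which unreadable sections are replaced by a
    <redacted> marker that keeps only the label, so the reader knows content was withheld."""
    root = ET.fromstring(xml_text)
    for i, section in enumerate(list(root)):
        if not can_read(section, clearance, communities):
            root.remove(section)
            root.insert(i, ET.Element("redacted", label=section.get("label", "UNLABELED")))
    return ET.tostring(root, encoding="unicode")

def visible_sections(xml_text, clearance, communities):
    """Text of the sections a reader is allowed to see, in document order."""
    root = ET.fromstring(redact(xml_text, clearance, communities))
    return [s.text.strip() for s in root.findall("section")]
```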
Situational Awareness – Getting the Big picture
Questions?
06/23/10
Thank you!
For more information, please visit: ibm.com/federal and ibm.com/federal/security
Follow me on Twitter: @IBMFedCyber, or send me an email: [email protected]