Security Architecture

Security in the Cloud
 
 
The cloud offers instant access to compute resources that are accessible from virtually anywhere. This introduces a paradigm shift from the traditional on-premise datacenter to virtual datacenters, but it also brings new challenges in security. When making this shift, security is typically at the forefront of the move, often secondary only to cost. This is because the cloud providers give no guarantee of security at their service layer; at that point security is up to the customer to provide. Security within the providers' own datacenters, while not guaranteed, is in theory stronger than in companies' traditional datacenters.
 
Physical security (https://gcn.com/articles/2009/11/30/5-steps-to-a-secure-data-center.aspx) is still paramount, but most of the mega-datacenters built today are primarily automated and need few human workers. These facilities are typically secured in such a way that they almost follow a clean-room procedure. This includes physical controls like biometrics, zone-based access (mantraps) and surveillance video. One of the most prevalent threats to the datacenter is the personnel who staff it. Many of the cloud providers take into account that the hardware they run their software-defined infrastructure on is just that: commodity hardware. Beyond the design of the physical plant and datacenter, they take into account geolocation and the underlying hypervisors to manage shifting workloads across different datacenters.
 
Now that the providers have delivered security at the physical layer, they all offer differing ways to make your own workloads as safe as you define. This is where security architecture comes in. I would argue that in the next generation of private and public investment in the clouds, security architecture will be more relevant in software and design, both built-in and bolt-on (terms from TOGAF). This is due to the need to design applications with security in mind. Often designers of software rely on physical security or inherent security at the operating system layer. Cloud providers still offer that; however, access and identity are not the only factors in play. Since the hypervisor is not secured (i.e. Hyper-V and Xen) beyond the physical layer of infrastructure, providers offer encryption through HSMs (Hardware Security Modules), both on-prem and in the cloud. They also offer management of data sovereignty, limiting where that data can be run and who owns it. Physical hypervisors can also be isolated, to eliminate sharing of data in the heap when in transit or at rest. Securing the data from prying eyes is also key to a safe footprint in the cloud.
 
Another imposition that a security architect can deliver through design is how the network is set up. Logically, there are a number of ways to design the network to support security. On-premise, this type of design often had physical consequences, but in the cloud we are finding that this is not the case with software-defined networks. Here there are usually services from the cloud provider that mimic stateful and stateless firewalls, load balancers and HSM units. These can be leveraged when designing a network. For example, when designing an n-tier network application, a series of tiered resources are secured by NACLs and Security Groups. These logical security constructs are combined to limit access to the functionality on each tier. This is a design consideration for controlling the access of things. Another design aspect the security architect needs to account for is designing against attacks such as denial of service. In the news most recently (http://money.cnn.com/2016/10/21/technology/ddos-attack-popular-sites/), Netflix was hit by one such attack. There are ways to offload the content into large content delivery networks and build into the system a layer of massive global redundancy. If one site is attacked, the ability to shift the “good traffic” to other less affected sites will allow the application to run uninterrupted. At the same time, intelligent systems are put in place to understand and build signatures for the traffic being generated, and consequently to “blacklist” those IPs.
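
The n-tier design above can be checked with a small model. This is an added example, not code from the original post; it assumes the common cloud semantics in which a NACL is a stateless, ordered subnet filter and a Security Group is a stateful, allow-only filter, and every name, port and address in it is constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

EPHEMERAL = range(1024, 65536)  # client source ports that replies return to
ANY_PORT = range(0, 65536)

@dataclass(frozen=True)
class Rule:
    cidr: str
    ports: range
    allow: bool = True

    def matches(self, ip, port):
        return ip_address(ip) in ip_network(self.cidr) and port in self.ports

def nacl_allows(rules, ip, port):
    """Stateless subnet filter: ordered rules, first match wins, default deny."""
    for rule in rules:
        if rule.matches(ip, port):
            return rule.allow
    return False

def sg_allows(rules, ip, port):
    """Stateful instance filter: allow rules only; replies are tracked."""
    return any(rule.matches(ip, port) for rule in rules)

@dataclass
class Tier:
    sg_in: list
    nacl_in: list
    nacl_out: list

def flow_ok(tier, src_ip, src_port, dst_port):
    """True if a request reaches the tier and its reply can leave the subnet."""
    request = (nacl_allows(tier.nacl_in, src_ip, dst_port)
               and sg_allows(tier.sg_in, src_ip, dst_port))
    # The security group needs no reply rule; the stateless NACL does.
    reply = nacl_allows(tier.nacl_out, src_ip, src_port)
    return request and reply

# Constructed three-tier layout: web 10.0.1.0/24, app 10.0.2.0/24, db 10.0.3.0/24
HTTPS, API, SQL = range(443, 444), range(8443, 8444), range(5432, 5433)
WEB = Tier([Rule("0.0.0.0/0", HTTPS)],
           [Rule("198.51.100.0/24", ANY_PORT, allow=False),  # blacklisted range
            Rule("0.0.0.0/0", HTTPS)],
           [Rule("0.0.0.0/0", EPHEMERAL)])
APP = Tier([Rule("10.0.1.0/24", API)], [Rule("10.0.1.0/24", API)],
           [Rule("10.0.1.0/24", EPHEMERAL)])
DB_BROKEN = Tier([Rule("10.0.2.0/24", SQL)], [Rule("10.0.2.0/24", SQL)], [])
DB = Tier([Rule("10.0.2.0/24", SQL)], [Rule("10.0.2.0/24", SQL)],
          [Rule("10.0.2.0/24", EPHEMERAL)])
```

`DB_BROKEN` shows the usual failure when the two constructs are combined: the Security Group admits the app tier, but the reply is dropped because the stateless NACL has no outbound rule for the client's ephemeral port.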
 
Security architecture goes beyond technical architecture: designing in fault tolerance and physical and logical controls. In addition, the practice leverages proactive, reactive and detective controls to keep a company's resources secure and used for their intended purpose. As we move into the cloud, many of those controls and design considerations transfer directly as a “lift and shift” solution, but it is becoming apparent that the cloud also has some considerations that need to be thought through beyond those controls, in a broader context. Software-defined networks and fungible resources allow for new design considerations across the cloud footprint.
 
 