Cloud: Security

From OnnoWiki

Cloud computing security or, more simply, cloud security refers to a broad set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing. It is a sub-domain of computer security, network security, and, more broadly, information security.

Security issues associated with the cloud

Cloud computing and storage give users the ability to store and process their data in third-party data centers. Organizations use the cloud in a variety of service models (with acronyms such as SaaS, PaaS, and IaaS) and deployment models (private, public, hybrid, and community). Security concerns associated with cloud computing fall into two broad categories: security issues faced by cloud providers (organizations providing Software as a service, Platform as a service, or Infrastructure as a service via the cloud) and security issues faced by their customers (companies or organizations that host applications or store data in the cloud). The responsibility is shared, however. The provider must ensure that its infrastructure is secure and that its clients' data and applications are protected, while users must take measures to harden their applications and use strong passwords and authentication measures.

When an organization elects to store data or host applications in the public cloud, it loses its ability to have physical access to the servers hosting its information. As a result, potentially sensitive data is at risk from insider attacks. According to a recent Cloud Security Alliance report, insider attacks are the sixth biggest threat in cloud computing. Therefore, cloud service providers must ensure that thorough background checks are conducted for employees who have physical access to the servers in the data center. Additionally, data centers must be frequently monitored for suspicious activity.

In order to conserve resources, cut costs, and maintain efficiency, cloud service providers often store more than one customer's data on the same server. As a result, there is a chance that one user's private data can be viewed by other users (possibly even competitors). To handle such sensitive situations, cloud service providers should ensure proper data isolation and logical storage segregation.

The extensive use of virtualization in implementing cloud infrastructure brings unique security concerns for customers or tenants of a public cloud service. Virtualization alters the relationship between the OS and the underlying hardware, be it computing, storage or even networking. This introduces an additional layer, virtualization, that itself must be properly configured, managed and secured. Specific concerns include the potential to compromise the virtualization software, or "hypervisor". While these concerns are largely theoretical, they do exist. For example, a breach of the administrator workstation that runs the virtualization management software can cause the whole data center to go down or be reconfigured to an attacker's liking.

Cloud security control

Cloud security architecture is effective only if the correct defensive implementations are in place. An efficient cloud security architecture should recognize the issues that will arise with security management. Security management addresses these issues with security controls. These controls are put in place to safeguard any weaknesses in the system and reduce the effect of an attack. While there are many kinds of controls behind a cloud security architecture, they can usually be found in one of the following categories:

Deterrent control
These controls are intended to reduce attacks on a cloud system. Much like a warning sign on a fence or a property, deterrent controls typically reduce the threat level by informing potential attackers that there will be adverse consequences for them if they proceed. (Some consider them a subset of preventive controls.)
Preventive control
Preventive controls strengthen the system against incidents, generally by reducing if not actually eliminating vulnerabilities. Strong authentication of cloud users, for instance, makes it less likely that unauthorized users can access cloud systems, and more likely that cloud users are positively identified.
Detective control
Detective controls are intended to detect and react appropriately to any incidents that occur. In the event of an attack, a detective control will signal the preventive or corrective controls to address the issue. System and network security monitoring, including intrusion detection and prevention arrangements, is typically employed to detect attacks on cloud systems and the supporting communications infrastructure.
Corrective control
Corrective controls reduce the consequences of an incident, normally by limiting the damage. They come into effect during or after an incident. Restoring system backups in order to rebuild a compromised system is an example of a corrective control.
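The detective-control category above is easiest to see in working code. The following Go program is an added example written for this page, not code from the wiki or from any cloud provider: it parses a constructed audit log in a hypothetical line format (timestamp, principal, action, source IP, result) and runs two simple detection rules over it, a sliding-window count of failed console logins per principal and a check for a successful login from a source IP that principal has not used earlier in the log. All names, the log format and the sample lines are assumptions made for the example.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// AuditEvent is one parsed line of the constructed audit log below.
type AuditEvent struct {
	Time      time.Time
	Principal string
	Action    string
	SourceIP  string
	Result    string
}

// Finding is one alert raised by a detection rule.
type Finding struct {
	Principal, Rule, Detail string
}

// SampleLog is constructed sample data in a hypothetical line format
// "<RFC3339 time> <principal> <action> <source IP> <SUCCESS|FAILURE>".
const SampleLog = `
2024-03-01T10:00:01Z alice ConsoleLogin 203.0.113.10 SUCCESS
2024-03-01T10:00:05Z bob ConsoleLogin 198.51.100.7 FAILURE
2024-03-01T10:00:09Z bob ConsoleLogin 198.51.100.7 FAILURE
2024-03-01T10:00:14Z bob ConsoleLogin 198.51.100.7 FAILURE
2024-03-01T10:00:20Z bob ConsoleLogin 198.51.100.7 FAILURE
2024-03-01T10:00:31Z bob ConsoleLogin 198.51.100.7 SUCCESS
2024-03-01T10:02:00Z alice DeleteBucket 203.0.113.10 SUCCESS
2024-03-01T10:30:00Z alice ConsoleLogin 192.0.2.44 SUCCESS
`

// ParseAuditLog rejects malformed lines instead of skipping them: a line the
// detector silently drops is a blind spot.
func ParseAuditLog(raw string) ([]AuditEvent, error) {
	var events []AuditEvent
	for n, line := range strings.Split(raw, "\n") {
		f := strings.Fields(line)
		if len(f) == 0 {
			continue
		}
		if len(f) != 5 {
			return nil, fmt.Errorf("line %d: expected 5 fields, got %d", n+1, len(f))
		}
		ts, err := time.Parse(time.RFC3339, f[0])
		if err != nil {
			return nil, fmt.Errorf("line %d: bad timestamp: %w", n+1, err)
		}
		events = append(events, AuditEvent{ts, f[1], f[2], f[3], f[4]})
	}
	return events, nil
}

// DetectFailedLoginBursts flags a principal (once) when at least threshold
// failed logins fall inside a sliding window of the given length.
func DetectFailedLoginBursts(events []AuditEvent, threshold int, window time.Duration) []Finding {
	recent := map[string][]time.Time{} // failure times per principal, newest last
	flagged := map[string]bool{}
	var out []Finding
	for _, e := range events {
		if e.Action != "ConsoleLogin" || e.Result != "FAILURE" {
			continue
		}
		kept := recent[e.Principal][:0] // drop failures older than the window
		for _, t := range recent[e.Principal] {
			if e.Time.Sub(t) <= window {
				kept = append(kept, t)
			}
		}
		recent[e.Principal] = append(kept, e.Time)
		if len(recent[e.Principal]) >= threshold && !flagged[e.Principal] {
			flagged[e.Principal] = true
			out = append(out, Finding{e.Principal, "failed-login-burst",
				fmt.Sprintf("%d failures within %s from %s", len(recent[e.Principal]), window, e.SourceIP)})
		}
	}
	return out
}

// DetectNewSourceIP flags a successful login from a source IP not seen for that
// principal earlier in the log; the earlier events serve as the baseline.
func DetectNewSourceIP(events []AuditEvent) []Finding {
	seen := map[string]bool{}  // "principal|ip" pairs already observed
	known := map[string]bool{} // principals with at least one earlier event
	var out []Finding
	for _, e := range events {
		pair := e.Principal + "|" + e.SourceIP
		if e.Action == "ConsoleLogin" && e.Result == "SUCCESS" && known[e.Principal] && !seen[pair] {
			out = append(out, Finding{e.Principal, "new-source-ip", "successful login from previously unseen " + e.SourceIP})
		}
		seen[pair], known[e.Principal] = true, true
	}
	return out
}
```

Calling `DetectFailedLoginBursts(events, 4, time.Minute)` on the sample raises one finding for `bob` (four failures in fifteen seconds), and `DetectNewSourceIP(events)` raises one for `alice` (a login from 192.0.2.44 after her earlier activity came from 203.0.113.10). A production detector would feed such findings to the preventive or corrective controls the text describes, for instance by locking the account or forcing re-authentication; the rules here are deliberately minimal so the sliding-window and baseline logic stays visible.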

Dimensions of cloud security

It is generally recommended that information security controls be selected and implemented according to and in proportion to the risks, typically by assessing the threats, vulnerabilities and impacts. Cloud security concerns can be grouped in various ways; Gartner named seven. A cloud access security broker (CASB) is software that sits between cloud users and cloud applications to provide visibility into cloud application usage, data protection and governance, so that all activity can be monitored and security policies enforced.

Security and privacy

Identity management
Every enterprise will have its own identity management system to control access to information and computing resources. Cloud providers either integrate the customer’s identity management system into their own infrastructure, using federation or SSO technology, or a biometric-based identification system, or provide an identity management system of their own. CloudID, for instance, provides privacy-preserving cloud-based and cross-enterprise biometric identification. It links the confidential information of the users to their biometrics and stores it in an encrypted fashion. Making use of a searchable encryption technique, biometric identification is performed in encrypted domain to make sure that the cloud provider or potential attackers do not gain access to any sensitive data or even the contents of the individual queries.
Physical security
Cloud service providers physically secure the IT hardware (servers, routers, cables etc.) against unauthorized access, interference, theft, fires, floods etc. and ensure that essential supplies (such as electricity) are sufficiently robust to minimize the possibility of disruption. This is normally achieved by serving cloud applications from 'world-class' (i.e. professionally specified, designed, constructed, managed, monitored and maintained) data centers.
Personnel security
Various information security concerns relating to the IT and other professionals associated with cloud services are typically handled through pre-, para- and post-employment activities such as security screening of potential recruits, security awareness and training programs, proactive.
Privacy
Providers ensure that all critical data (credit card numbers, for example) are masked or encrypted and that only authorized users have access to data in its entirety. Moreover, digital identities and credentials must be protected as should any data that the provider collects or produces about customer activity in the cloud.

Cloud Vulnerability and Penetration Testing

Scanning the cloud from outside and inside using free or commercial products is very important, because without a hardened environment your service is considered a soft target. Virtual servers should be hardened like a physical server against data leakage, malware, and exploited vulnerabilities. "Data loss or leakage represents 24.6% and cloud related malware 3.4% of threats causing cloud outages."

Scanning and penetration testing from inside or outside the cloud requires authorization from the cloud provider. Since the cloud is a shared environment with other tenants, following the penetration testing rules of engagement step by step is mandatory. Violating the acceptable use policy can lead to termination of the service.

Data security

A number of security threats are associated with cloud data services: not only traditional security threats, such as network eavesdropping, illegal invasion, and denial of service attacks, but also specific cloud computing threats, such as side channel attacks, virtualization vulnerabilities, and abuse of cloud services. The following security requirements limit the threats.

Confidentiality

Data confidentiality is the property that data contents are not made available or disclosed to unauthorized users. Outsourced data is stored in a cloud and out of the owners' direct control. Only authorized users can access the sensitive data, while others, including CSPs, should not gain any information about the data. Meanwhile, data owners expect to fully utilize cloud data services, e.g., data search, data computation, and data sharing, without leakage of the data contents to CSPs or other adversaries.

Access controllability

Access controllability means that a data owner can perform selective restriction of access to her or his data outsourced to the cloud. Legitimate users can be authorized by the owner to access the data, while others cannot access it without permission. Further, it is desirable to enforce fine-grained access control on the outsourced data, i.e., different users should be granted different access privileges with regard to different pieces of data. In an untrusted cloud environment the access authorization must be controlled only by the owner.

Integrity

Data integrity demands maintaining and assuring the accuracy and completeness of data. A data owner always expects that her or his data in a cloud is stored correctly and trustworthily. This means that the data should not be illegally tampered with, improperly modified, deliberately deleted, or maliciously fabricated. If any undesirable operation corrupts or deletes the data, the owner should be able to detect the corruption or loss. Further, when a portion of the outsourced data is corrupted or lost, it should still be retrievable by the data users.
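The owner-side detection the paragraph asks for (noticing that outsourced data was modified, reordered, truncated or padded) can be done with a per-chunk MAC manifest that never leaves the owner's control. The Go program below is an added example written for this page, not code from the wiki or any provider's API: the owner splits an object into chunks, computes an HMAC-SHA256 tag over each chunk bound to the object ID and chunk index, keeps the tags and chunk count locally, and on retrieval reports exactly which chunk indexes fail. The key, object ID, sample data and the `SimulateProviderCorruption` helper are constructed for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Manifest is the owner-side record, kept outside the cloud: one tag per chunk
// plus the expected chunk count, so truncation is caught as well as tampering.
type Manifest struct {
	ObjectID string
	Count    int
	Tags     [][]byte
}

// chunkTag is HMAC-SHA256 over (object ID, chunk index, chunk bytes). Binding the
// index catches reordering; binding the object ID catches a chunk swapped in from
// another object whose tag would otherwise verify.
func chunkTag(key []byte, objectID string, index uint32, chunk []byte) []byte {
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(objectID))
	var idx [4]byte
	binary.BigEndian.PutUint32(idx[:], index)
	mac.Write(idx[:])
	mac.Write(chunk)
	return mac.Sum(nil)
}

// SplitChunks cuts data into fixed-size chunks; the last one may be shorter.
func SplitChunks(data []byte, size int) [][]byte {
	var chunks [][]byte
	for start := 0; start < len(data); start += size {
		end := start + size
		if end > len(data) {
			end = len(data)
		}
		chunks = append(chunks, data[start:end])
	}
	return chunks
}

// BuildManifest is run by the owner before upload, with a key the cloud never sees.
func BuildManifest(key []byte, objectID string, chunks [][]byte) Manifest {
	m := Manifest{ObjectID: objectID, Count: len(chunks)}
	for i, c := range chunks {
		m.Tags = append(m.Tags, chunkTag(key, objectID, uint32(i), c))
	}
	return m
}

// VerifyChunks checks what came back from the provider against the manifest and
// returns the indexes that are missing, modified, moved or never written.
func VerifyChunks(key []byte, m Manifest, stored [][]byte) []int {
	var bad []int
	for i := 0; i < m.Count; i++ {
		if i >= len(stored) {
			bad = append(bad, i) // chunk lost or object truncated
			continue
		}
		if !hmac.Equal(m.Tags[i], chunkTag(key, m.ObjectID, uint32(i), stored[i])) {
			bad = append(bad, i)
		}
	}
	for i := m.Count; i < len(stored); i++ {
		bad = append(bad, i) // extra chunks the owner never wrote
	}
	return bad
}

// SimulateProviderCorruption (constructed for the demo; needs at least 3 chunks)
// returns a copy with chunk 2 altered, chunks 0 and 1 swapped and the last chunk
// dropped, standing in for a misbehaving store.
func SimulateProviderCorruption(chunks [][]byte) [][]byte {
	out := make([][]byte, 0, len(chunks))
	for _, c := range chunks {
		out = append(out, append([]byte(nil), c...))
	}
	out[2][0] ^= 0x01
	out[0], out[1] = out[1], out[0]
	return out[:len(out)-1]
}

func main() {
	key := []byte("owner-side-key-never-uploaded") // constructed demo key
	chunks := SplitChunks([]byte("0123456789abcdefghijklmnopqrstuvwxyzABCD"), 8)
	m := BuildManifest(key, "report-2024", chunks)
	fmt.Println("clean copy, bad chunks:", VerifyChunks(key, m, chunks))
	fmt.Println("corrupted copy, bad chunks:", VerifyChunks(key, m, SimulateProviderCorruption(chunks)))
}
```

Per-chunk tags give the owner the second property the paragraph mentions as well: because the faulty indexes are identified, only those chunks need to be re-fetched from a replica or backup rather than the whole object. Schemes in the literature (proofs of retrievability, provable data possession) extend this idea so that the check can be made without downloading the data; this example keeps the simpler download-and-verify form.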

Encryption

Some advanced encryption algorithms that have been applied to cloud computing increase the protection of privacy. In a practice called crypto-shredding, the keys can simply be deleted when there is no further use for the data, which renders every copy of the ciphertext unreadable.
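Crypto-shredding only works if each object is encrypted under a key that can be destroyed independently of the stored ciphertext. The Go program below is an added example written for this page, not code from the wiki or from any key management product: a tiny in-memory `KeyStore` stands in for a KMS and holds one AES-256 data key per object, objects are sealed with AES-GCM, and `Shred` zeroes and forgets the key so that `Retrieve` fails even though the ciphertext blob is untouched. The store, object IDs and sample plaintext are constructed for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// KeyStore stands in for a key management service holding one data
// encryption key per object; it is constructed for this example.
type KeyStore struct {
	keys map[string][]byte
}

func NewKeyStore() *KeyStore { return &KeyStore{keys: map[string][]byte{}} }

// Create generates a fresh 256-bit key for an object and keeps it.
func (ks *KeyStore) Create(objectID string) ([]byte, error) {
	if _, exists := ks.keys[objectID]; exists {
		return nil, errors.New("key already exists for " + objectID)
	}
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	ks.keys[objectID] = key
	return key, nil
}

// Shred overwrites the key bytes and forgets the entry. From here on every
// ciphertext under that key is unrecoverable, including copies in backups.
func (ks *KeyStore) Shred(objectID string) {
	if key, ok := ks.keys[objectID]; ok {
		for i := range key {
			key[i] = 0
		}
		delete(ks.keys, objectID)
	}
}

// StoredObject is what the cloud holds: the key ID and nonce||ciphertext.
type StoredObject struct {
	KeyID string
	Blob  []byte
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt seals plaintext with AES-256-GCM, prefixing a random nonce.
func Encrypt(key, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// Decrypt reverses Encrypt; a wrong key or a modified blob fails authentication.
func Decrypt(key, blob []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("blob too short")
	}
	return gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], nil)
}

// Store encrypts an object under its own data key and returns the cloud-side record.
func Store(ks *KeyStore, objectID string, plaintext []byte) (StoredObject, error) {
	key, err := ks.Create(objectID)
	if err != nil {
		return StoredObject{}, err
	}
	blob, err := Encrypt(key, plaintext)
	if err != nil {
		return StoredObject{}, err
	}
	return StoredObject{KeyID: objectID, Blob: blob}, nil
}

// Retrieve fails once the key is shredded even though the blob still exists.
func Retrieve(ks *KeyStore, obj StoredObject) ([]byte, error) {
	key, ok := ks.keys[obj.KeyID]
	if !ok {
		return nil, errors.New("key " + obj.KeyID + " has been shredded")
	}
	return Decrypt(key, obj.Blob)
}
```

A typical session is `obj, _ := Store(ks, "invoice-42", plaintext)`, then `Retrieve(ks, obj)` returns the plaintext until `ks.Shred("invoice-42")` is called, after which it returns an error. The design point is the granularity: one key per object (or per tenant, per retention class) is what makes deletion selective, whereas a single key for the whole bucket can only shred everything at once. In a real deployment the key store is the provider's KMS or an HSM, and its deletion and audit behaviour, not the ciphertext's, is what a compliance reviewer has to verify.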

Attribute-based encryption (ABE)

Attribute-based encryption is a type of public-key encryption in which the secret key of a user and the ciphertext are dependent upon attributes (e.g. the country in which he lives, or the kind of subscription he has). In such a system, the decryption of a ciphertext is possible only if the set of attributes of the user key matches the attributes of the ciphertext.

Ciphertext-policy ABE (CP-ABE)

In the CP-ABE, the encryptor controls access strategy. The main research work of CP-ABE is focused on the design of the access structure.

Key-policy ABE (KP-ABE)

In KP-ABE, attribute sets are used to describe the ciphertexts, and the private keys are associated with a specified policy that users will have.


Fully homomorphic encryption (FHE)

Fully homomorphic encryption allows computations on encrypted data, including computing sums and products of encrypted values, without decrypting them.

Searchable encryption (SE)

Searchable encryption is a cryptographic system which offers secure search functions over encrypted data. SE schemes can be classified into two categories: SE based on secret-key (or symmetric-key) cryptography, and SE based on public-key cryptography. In order to improve search efficiency, symmetric-key SE generally builds keyword indexes to answer user queries.

Compliance

Numerous laws and regulations pertain to the storage and use of data. In the US these include privacy or data protection laws, Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), the Sarbanes-Oxley Act, the Federal Information Security Management Act of 2002 (FISMA), and Children's Online Privacy Protection Act of 1998, among others.

Similar laws may apply in different legal jurisdictions and may differ quite markedly from those enforced in the US. Cloud service users may often need to be aware of the legal and regulatory differences between the jurisdictions. For example, data stored by a cloud service provider may be located in, say, Singapore and mirrored in the US.

Many of these regulations mandate particular controls (such as strong access controls and audit trails) and require regular reporting. Cloud customers must ensure that their cloud providers adequately fulfil such requirements as appropriate, enabling them to comply with their obligations since, to a large extent, they remain accountable.

Business continuity and data recovery
Cloud providers have business continuity and data recovery plans in place to ensure that service can be maintained in case of a disaster or an emergency and that any data loss will be recovered. These plans may be shared with and reviewed by their customers, ideally dovetailing with the customers' own continuity arrangements. Joint continuity exercises may be appropriate, simulating a major Internet or electricity supply failure for instance.
Log and audit trail
In addition to producing logs and audit trails, cloud providers work with their customers to ensure that these logs and audit trails are properly secured, maintained for as long as the customer requires, and are accessible for the purposes of forensic investigation (e.g., eDiscovery).
Unique compliance requirements
In addition to the requirements to which customers are subject, the data centers used by cloud providers may also be subject to compliance requirements. Using a cloud service provider (CSP) can lead to additional security concerns around data jurisdiction since customer or tenant data may not remain on the same system, or in the same data center or even within the same provider's cloud.
The European Union’s GDPR regulation has introduced new compliance requirements for customer data.

Legal and contractual issues

Aside from the security and compliance issues enumerated above, cloud providers and their customers will negotiate terms around liability (stipulating how incidents involving data loss or compromise will be resolved, for example), intellectual property, and end-of-service (when data and applications are ultimately returned to the customer). In addition, there are considerations for acquiring data from the cloud that may be involved in litigation. These issues are discussed in service-level agreements (SLA).

Public records

Legal issues may also include records-keeping requirements in the public sector, where many agencies are required by law to retain and make available electronic records in a specific fashion. This may be determined by legislation, or law may require agencies to conform to the rules and practices set by a records-keeping agency. Public agencies using cloud computing and storage must take these concerns into account.


Further reading

  • BS ISO/IEC 27017: "Information technology. Security techniques. Code of practice for information security controls based on ISO/IEC 27002 for cloud services." (2015)
  • BS ISO/IEC 27018: "Information technology. Security techniques. Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors." (2014)
  • BS ISO/IEC 27036-4: "Information technology. Security techniques. Information security for supplier relationships. Guidelines for security of cloud services" (2016)

External links