ffirs.indd ii6/24/2010 2:47:19 PM

Contents at a Glance

Foreword xxi
Introduction xxiii
Chapter 1 Cloud Computing Fundamentals 1
Chapter 2 Cloud Computing Architecture 33
Chapter 3 Cloud Computing Software Security Fundamentals 61
Chapter 4 Cloud Computing Risk Issues 125
Chapter 5 Cloud Computing Security Challenges 153
Chapter 6 Cloud Computing Security Architecture 177
Chapter 7 Cloud Computing Life Cycle Issues 217
Chapter 8 Useful Next Steps and Approaches 259
Glossary of Terms and Acronyms 279
References 345
Index 349


Cloud Security


Cloud Security
A Comprehensive Guide to Secure Cloud Computing

Ronald L. Krutz
Russell Dean Vines

Cloud Security: A Comprehensive Guide to Secure Cloud Computing

Published by
Wiley Publishing, Inc.
10475 Crosspoint Boulevard
Indianapolis, IN 46256
www.wiley.com

Copyright 2010 by Wiley Publishing, Inc., Indianapolis, Indiana

Published simultaneously in Canada

ISBN: 978-0-470-58987-8

Manufactured in the United States of America

10 9 8 7 6 5 4 3 2 1

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.

For general information on our other products and services please contact our Customer Care Department within the United States at (877) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.

Library of Congress Control Number: 2010930374

Trademarks: Wiley, the Wiley logo, Wrox, the Wrox logo, Programmer to Programmer, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book.

I thank God for His greatest gift of all—my family.
— Ronald L. Krutz

Dedicated to Elzy, for now and forever.
— Russell Dean Vines


About the Authors

Ronald L. Krutz is a senior information system security consultant. He has over 30 years of experience in distributed computing systems, computer architectures, real-time systems, information assurance methodologies, and information security training. He holds B.S., M.S., and Ph.D. degrees in Electrical and Computer Engineering and is the author of best-selling texts in the area of information system security.

He co-authored the CISSP Prep Guide for John Wiley and Sons and is co-author of the Wiley Advanced CISSP Prep Guide, the CISSP Prep Guide, Gold Edition, the Security Certification Guide, the CISM Prep Guide, the CISSP Prep Guide, 2nd Edition: Mastering CISSP and ISSEP, the Network Security Bible, the CISSP and CAP Prep Guide, Platinum Edition: Mastering CISSP and CAP, the Certified Ethical Hacker (CEH) Prep Guide, and the Certified Secure Software Lifecycle Prep Guide. He is also the author of Securing SCADA Systems and of three textbooks in the areas of microcomputer system design, computer interfacing, and computer architecture. Dr. Krutz has seven patents in the area of digital systems and has published over 40 technical papers.

Dr. Krutz also serves as consulting Editor for John Wiley and Sons Information Security Certification Series, is a Distinguished Visiting Lecturer in the University of New Haven Henry C. Lee College of Criminal Justice and Forensic Sciences, and is an Adjunct Professor in Midway College, Kentucky.

Dr. Krutz is a Registered Professional Engineer in Pennsylvania.

Russell Dean Vines has been in the information systems industry for over 20 years, and has a unique ability to disseminate complex security issues to a wider audience, from CEOs to home Internet surfers.

He is also the author or co-author of 10 previous books, including the CISSP Prep Guide, which reached #25 on Amazon’s best-sellers list. He co-authored the Advanced CISSP Prep Guide, the CISSP Prep Guide, Gold Edition, the Security Certification Guide, the CISM Prep Guide, the CISSP Prep Guide, 2nd Edition: Mastering CISSP and ISSEP, the CISSP and CAP Prep Guide, Platinum Edition: Mastering CISSP and CAP, and the Certified Ethical Hacker (CEH) Prep Guide. He is also the author of Wireless Security Essentials, and Composing Digital Music for Dummies.

In addition to being a Certified Information Systems Security Professional (CISSP), Mr. Vines is a Certified Information Systems Manager (CISM), a Certified Ethical Hacker (CEH), certified in CompTIA’s Security program, and is a Payment Card Industry (PCI) Qualified Security Assessor (QSA). Russ also has vendor security certifications from RSA, Websense, McAfee, Citrix, VMware, Microsoft, and Novell, and has been trained in the NSA’s Information Assurance Methodology (IAM).

Mr. Vines is a frequent contributor to Web and trade publications; discusses Information Security Threats and Countermeasures as a member of SearchSecurityChannel.com’s Ask the Experts panel, frequently speaks at industry events such as Comdex and Networld Interop, and teaches CISSP, CEH, and Websense classes.

Credits

Executive Editor: Carol Long
Project Editor: Ed Connor
Technical Editor: David Chapa
Production Editor: Daniel Scribner
Editorial Director: Robyn B. Siesky
Editorial Manager: Mary Beth Wakefield
Marketing Manager: David Mayhew
Production Manager: Tim Tate
Vice President and Executive Publisher: Barry Pruett
Associate Publisher: Jim Minatel
Project Coordinator, Cover: Lynsey Stanford
Proofreader: Nancy Bell
Indexer: Robert Swanson
Cover Designer: Ryan Sneed
Cover Image: istockphoto.com/Godfried Edelman
Vice President and Executive Group Publisher: Richard Swadley

Acknowledgments

I want to thank my wife, Hilda, for her support and encouragement during the writing of this text.
— Ronald L. Krutz

I’d like to give a big shout-out to the gang at Gotham Technology Group, in particular Ken Phelan, Joe Jessen, and Nancy Rand, for their assistance during this project. I’d also like to thank doctors Paul M. Pellicci and Lawrence Levin for the rare gift of health. But my greatest thanks is reserved for my wife, Elzy, for her continuous and unwavering support throughout my life.
— Russell Dean Vines

Both authors would like to express their gratitude to Carol Long and Ed Connor of John Wiley and Sons for their support and assistance in developing this text.

Contents

Foreword xxi
Introduction xxiii

Chapter 1 Cloud Computing Fundamentals 1
  What Cloud Computing Isn’t
  Alternative Views
  Essential Characteristics
  On-Demand Self-Service
  Broad Network Access
  Location-Independent Resource Pooling
  Rapid Elasticity
  Measured Service
  Architectural Influences
  High-Performance Computing
  Utility and Enterprise Grid Computing
  Autonomic Computing
  Service Consolidation
  Horizontal Scaling
  Web Services
  High-Scalability …
  Technological Influences 18
  Universal Connectivity 18
  Commoditization 19
  Excess Capacity 20
  Open-Source Software 21
  Virtualization 22
  Operational Influences 23
  Consolidation 23
  Outsourcing 26
  Outsourcing Legal Issues 26
  Business Process Outsourcing (BPO) Issues 28
  IT Service Management 30
  Automation 31
  Summary 31

Chapter 2 Cloud Computing Architecture 33
  Cloud Delivery Models 34
  The SPI Framework
  SPI Evolution
  The SPI Framework vs. the Traditional IT Model
  Cloud Software as a Service (SaaS)
  Benefits of the SaaS Model
  Cloud Platform as a Service (PaaS)
  Cloud Infrastructure as a Service (IaaS)
  Cloud Deployment Models
  Public Clouds
  Community Clouds
  Private Clouds
  Hybrid Clouds
  Alternative Deployment Models
  The Linthicum Model
  The Jericho Cloud Cube Model
  Expected Benefits
  Flexibility and Resiliency
  Reduced Costs
  Centralization of Data Storage
  Reduced Time to Deployment
  Scalability

Chapter 3 Cloud Computing Software Security Fundamentals 61
  Cloud Information Security Objectives 62
  Confidentiality, Integrity, and Availability
  Cloud Security …
  Relevant Cloud Security Design Principles
  Least Privilege
  Separation of Duties
  Defense in Depth
  Fail Safe
  Economy of Mechanism
  Complete Mediation
  Open Design
  Least Common Mechanism
  Psychological Acceptability
  Weakest Link
  Leveraging Existing Components
  Secure Cloud Software Requirements
  Secure Development Practices
  Handling Data
  Code Practices
  Language Options
  Input Validation and Content Injection
  Physical Security of the System
  Approaches to Cloud Software Requirements Engineering
  A Resource Perspective on Cloud Software Security Requirements
  Goal-Oriented Software Security Requirements
  Monitoring Internal and External Requirements
  Cloud Security Policy Implementation and Decomposition
  Implementation Issues
  Decomposing Critical Security Issues into Secure Cloud Software Requirements
  NIST 33 Security Principles
  Secure Cloud Software Testing
  Testing for Security Quality Assurance
  Conformance Testing
  Functional Testing
  Performance Testing
  Security Testing
  Cloud Penetration Testing
  Legal and Ethical Implications
  The Three Pre-Test Phases
  Penetration Testing Tools and Techniques
  Regression Testing
  Cloud Computing and Business Continuity Planning/Disaster Recovery 113
  Definitions 113
  General Principles and Practices 114
  Disaster Recovery Planning 114
  Business Continuity Planning 117
  Using the Cloud for BCP/DRP 119
  Redundancy Provided by the Cloud 119
  Secure Remote Access 120
  Integration into Normal Business Processes 120
  Summary 120

Chapter 4 Cloud Computing Risk Issues 125
  The CIA Triad
  Other Important Concepts
  Privacy and Compliance Risks
  The Payment Card Industry Data Security Standard (PCI DSS)
  Information Privacy and Privacy Laws
  Threats to Infrastructure, Data, and Access Control
  Common Threats and Vulnerabilities
  Logon Abuse
  Inappropriate System Use
  Eavesdropping
  Network Intrusion
  Denial-of-Service (DoS) Attacks
  Session Hijacking Attacks
  Fragmentation Attacks
  Cloud Access Control Issues
  Database Integrity Issues
  Cloud Service Provider Risks
  Back-Door
  Spoofing
  Man-in-the-Middle
  Replay
  TCP Hijacking
  Social Engineering
  Dumpster Diving
  Password Guessing
  Trojan Horses and Malware
  Summary 151

Chapter 5 Cloud Computing Security Challenges 153
  Security Policy Implementation 154
  Policy Types 154
  Senior Management Statement of Policy 155
  Regulatory Policies 155
  Advisory Policies 155
  Informative Policies 155
  Computer Security Incident Response Team (CSIRT) 156
  Virtualization Security Management 157
  Virtual Threats 158
  Hypervisor Risks 163
  Increased Denial of Service Risk 164
  VM Security Recommendations 165
  Best Practice Security Techniques 165
  VM-Specific Security Techniques 169
  Hardening the Virtual Machine 169
  Securing VM Remote Access 172
  Summary 173

Chapter 6 Cloud Computing Security Architecture 177
  Architectural Considerations 178
  General Issues
  Compliance
  Security Management
  Information Classification
  Employee Termination
  Security Awareness, Training, and Education
  Trusted Cloud Computing
  Trusted Computing Characteristics
  Secure Execution Environments and Communications
  Secure Execution Environment
  Secure Communications
  Microarchitectures
  Identity Management and Access Control
  Identity Management
  Passwords
  Tokens
  Memory Cards
  Smart Cards
  Biometrics
  Implementing Identity Management
  Access Control
  Controls
  Models for Controlling Access
  Single Sign-On (SSO)
  Autonomic Security
  Autonomic Systems
  Autonomic Protection
  Autonomic Self-Healing

Chapter 7 Cloud Computing Life Cycle Issues 217
  Standards 218
  Jericho Forum 218
  The Distributed Management Task Force (DMTF)
  The DMTF Open Virtualization Format (OVF)
  The DMTF Open Cloud Standards Incubator
  The International Organization for Standardization (ISO)
  ISO 27001
  ISO 27002
  ISO 27003
  ISO 27004
  ISO 27005
  ISO 27006
  International Organization for Standardization/International Electrotechnical Commission ISO/IEC 29361, ISO/IEC 29362, and ISO/IEC 29363 Standards
  Distributed Application Platforms and Services
  The European Telecommunications Standards Institute (ETSI)
  The Organization for the Advancement of Structured Information Standards (OASIS)
  Storage Networking Industry Association (SNIA)
  Open Grid Forum (OGF)
  The Open Web Application Security Project (OWASP)
  OWASP Top Ten Project
  OWASP Development Guide
  OWASP Code Review Guide
  OWASP Testing Guide
  Incident Response
  NIST Special Publication 800-61
  Preparation
  Detection and Analysis
  Containment, Eradication, and Recovery
  Post-Incident Activity
  NIST Incident-Handling Summary
  Internet Engineering Task Force Incident-Handling Guidelines
  Layered Security and IDS
  Intrusion Detection
  IDS Issues
  Computer Security and Incident Response Teams
  CERT/CC
  FedCIRC
  Forum of Incident Response and Security Teams
  Security Incident Notification Process
  Automated Notice and Recovery Mechanisms
  Encryption and Key Management 246
  VM Architecture 246
  Key Protection Countermeasures 247
  Hardware Protection 248
  Software-Based Protection 249
  Data Deduplication 250
  Hashing 251
  Retirement 252
  VM Life Cycle 252
  Overwriting 253
  Degaussing 254
  Destruction 254
  Record Retention 255
  Data Remanence 255
  Due Care and Due Diligence 255
  Documentation Control 256
  Summary 256

Chapter 8 Useful Next Steps and Approaches 259
  Getting Answers 259
  What Services Should Be Moved to the Cloud?
  What Questions Should You Ask Your Cloud Provider?
  When Should You Use a Public, Private, or Hybrid Cloud?
  Getting Help
  Cloud Security Alliance
  Cloud Computing Google Groups
  Cloud Computing Interoperability Forum
  Open Cloud Consortium
  Getting Started
  Top Ten List
  1. Assess Your Data’s Sensitivity
  2. Analyze the Risks vs. Benefits of Cloud Computing
  3. Define Business Objectives
  4. Understand the Underlying Structure of Your Network
  5. Implement Traditional Best Practice Security Solutions
  6. Employ Virtualization Best Practices
  7. Prevent Data Loss with Backups
  8. Monitor and Audit
  9. Seek Out Advice
  10. Employ Deception
  Parting Words

Glossary of Terms and Acronyms 279
References 345
Index 349


Foreword

Whenever we come upon something new, we try to understand it. A good way of understanding new things is to look for something from our experience that can serve as a metaphor. Sometimes this process works well, sometimes not.

Computer security has long labored under the metaphor of physical security. It stands to reason that we would assume that millennia of experience with keeping physical assets safe would serve us in keeping digital assets safe as well. Much of our thinking in computer security has therefore been concerned with putting important things someplace “safe” and then controlling access to it. I distinctly recall a conversation with a security analyst at the beginning of the PC network era. When asked how to ensure the security of data on a PC, he said, “Simple. Put the data on the PC. Put the PC in a safe. Put the safe at the bottom of the ocean.”

We have been challenged over the years with coming up with safe places that allowed access. We have been challenged with even figuring out what “safe” might mean in a world where risks could come from anywhere, including inside our own organizations.

In today’s world, the physical security metaphor continues to deteriorate. We’ve all seen a movie or TV show where some critical piece of data becomes key to the plot. The location of the next terrorist attack is kept on a single USB that is subject to theft, deterioration, or any other number of physical ills designed to increase the drama. That is simply not the nature of data. Data is viral. Where did this data come from? It was never on a hard drive? No one ever emailed anybody about the attack? Can’t somebody plug the damn key in and make a YouTube video about it so that everyone can see it?

As we move to this new era of cloud computing, the last vestiges of our physical world metaphors are swept away. We need to understand data access and validation in a new way — perhaps in the way they should have been understood all along. Data security needs to be understood as something new, requiring new and innovative solutions.

Security professionals are perhaps rightfully overwhelmed by this challenge. Despite increased spending, the average firm finds itself less secure than it was five years ago. Advancements in security tools and techniques have not kept pace with risks and attack vectors. How can the security community respond to these ever-increasing threats when the additional requirements of virtualization and agility drive data assets up into a nebulous “cloud”?

One thing we do know for sure: Security will not drive or control this change. Any business requirement for lower costs and increased agility of cloud computing will eventually rule the day. Security professionals have attempted to slow the growth of several technology initiatives over the years in an attempt to control the risks. E-mail, instant messaging, and web browsing are some that come to mind immediately. We know from past experience, however, that implementing appropriate controls generally works far better than attempting to simply stop these initiatives.

As security professionals, it is incumbent on us to generate innova

