[email protected] | nectar.org.au NECTAR TRAINING Module 8 Security.

[email protected] | nectar.org.au

NECTAR TRAINING

Module 8

Security

Security

Is cloud computing safe?

What are the common security concerns, and how justified are they?• Introduction to key security issues, dangers and

consequences when running a virtual machine in the cloud.• Practical advise for making your machine secure.• Introduction to data encryption

• incl. worked examples.

Security concerns

• Common perception: cloud computing poses a whole lot of new risks.

• But in fact, security is often as good as or better than in traditional systems—the cloud infrastructure is professionally managed.

• More trust is needed in the administrators of cloud computing infrastructure!

Security concerns

• Perhaps the biggest security concern among cloud computing customers is data loss.

• However, figures show that internal security breaches are actually not among the main causes for data loss:

21% Hardware failure

19% Software failure

18% Human error / accident

15% Corruption

7% Theft

7% Internal security breach

6% External security breach

5% Natural disaster Source: The Databarracks 2014 Data Health report

Security concerns

• Let’s say you can trust your cloud provider in ensuring the best protection against software and hardware failures.

• This still leaves one very important factor in keeping your virtual machine and data safe: yourself!

• You also share responsibility for ensuring the security of your virtual machine and data.

• This module will talk about all important things you need to know to make your virtual machine secure.

Main threats

• Cyber attack.• Includes use of malware, DDoS attacks, phishing, fraud and

exploitation of software vulnerabilities.• Protection from the provider: Protection measures like firewalls,

Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS) or Network Access Control (NAC)

• Protection from you: Be careful which software you install, and only free up necessary ports in the firewall rules.

Main threats

• Access to your data• The cloud provider can potentially access the data that is on the

cloud at any time. • They can even be obliged to share information with third parties

if necessary for purposes of law and order, even without a warrant.

• Protection from you: Encrypt your sensitive data.

Main threats

• Data loss & leakage / Risks of multi-tenancy• data belonging to different customers can reside on the same server• Risks of multi-tenancy:

• “Noisy neighbours” take up resources• Data leakage between tenants• flaws in one client’s application could allow an attacker access to another

clients data.

• Protection from provider: good protection software and setting it up securely.

• Protection from you: Encrypt your sensitive data; keep off-line backups of your data; securely erase storage when releasing it.

Main threats

• Hardware failure and data loss• When hardware fails, the state of the VM and data may be lost.• Protection from the provider: Create separate backups of all

hard-drives. • NeCTAR uses RAID systems on most storage types, but: “all care

taken, no guarantees given”: you have to do your own backups.

• Protection from you: Backup your data and VM at regular intervals

Main threats

• Access security: Authentication, access control and data encryption: How secure are the services?• Protection from the provider: Data encryption and complete

deletion of resources which have been released.• Protection from you:

• Access your services via secure connections only. • Never share your private key with anyone!• Encrypt your sensitive data. • Request complete removal of your data.

Main threats

• Data ownership• Legal ownership of the data is widely considered a risk as well. • However NeCTAR never lays claims on ownership of your data.

• Malicious insiders• a current or former employee, contractor, or other business partner who

has or had authorized access and and intentionally misuses that access

• Availability / Lack of Internet: Service interruptions• Protection from the provider: Ensure service availability best as possible.• Protection from you: Choose a reliable Internet Provider.

Main threads

• Insufficient knowledge• Human error: knowledge about the potential issues and risks is

required to mitigate them.• Protection by you: Pay attention in this Module and you will have

the required knowledge to protect your resources adequately.

VM-specific vulnerabilities

Most VM specific vulnerabilities stem from the hypervisor. Fortunately, these security concerns can be addressed effectively in a well-managed cloud like NeCTAR.• Hyperjacking

• modifying the hypervisor to be malicious, or inserting a malicious hypervisor (a “rogue” hypervisor)

• VM Escape• A malicious program manages to “escape” out of a virtual machine and

compromising the hypervisor.

• VM Theft• Theft of a virtual machine file electronically

VM-specific vulnerabilities

• What you can do to ensure protection:• Install an Anti-Virus protection software• Regularly update your VM’s operating system

Security benefits of the Cloud

• Abstraction• hardware abstraction and isolation of the VM makes unauthorized access on the

physical machine (and manipulating it) more difficult.

• State restore• It is easy to restore the state of a virtual machine, and return to a state prior to an

attack or data loss.

• External monitoring• The hypervisors runs outside the virtual machine and may also monitor for

malware (in addition to the anti-virus on the VM).

• Transience• An advantage of a VM is that it may be started remotely only when they are

needed, decreasing time window for an attack.

Security benefits of the Cloud

• Simplicity of Hypervisors• Hypervisors are much simpler than traditional operating systems, and are

therefore much easier to secure. • This makes it easier for software developers to minimize bugs and

vulnerabilities.

• Off-premise data storage• Storing your data off-premise makes it harder for someone to steal it: they

would have to break into the data center and identify the physical hard-drive.

• Data availability• Object storage has great performance and data integrity.

Summary of your responsibilities

• Install an Anti Virus Protection on your instance.• Regularly update your VMs operating system to get

the newest security updates.• Only free up necessary ports in the firewall rules.• Do not install potentially harmful software on your VM.• Encrypt sensitive data on the cloud storage to prevent

unauthorized access.• Regularly back up your data (see Module 9).

Summary of your responsibilities

• Securely erase all data when you release your storage resources (see Module 9)

• Always choose secure passwords! And never share your passwords or private ssh keys with anyone.

• Be aware of the risks: information given in this Module helps you to avoid potential security problems.

• [optional] Keep off-line backups of your important data – however only do this if you can store the backups at a safe place.

Cloud Deployment Models

• Private cloud• Owned by one organization (infrastructure on or off premises).

• Public cloud• Computing services are publicly accessible over the Internet.

• Hybrid cloud• employing both private and public infrastructures.• Using private infrastructure for sensitive data or processes only.

• Community cloud• Shared by multiple organizations with common concerns.

Cloud Deployment models

• Private clouds are regarded as more secure because they provide more control over the data and equipment. • However: setting up a private cloud infrastructure comes at a

significant expense.

• A public cloud is instead more flexible and is often a more affordable investment.• However: control of the cloud infrastructure is in the hands of the

cloud provider.• It is actually often safer to use cloud services which offer a well-

managed infrastructure!

File and Volume Encryption

• We can broadly distinguish two types of file encryption: 1. encrypting an entire volume and

2. encrypting individual files.

• Why encrypt the data?• While access to your Object Store is secured with your OpenStack

credentials, the transfer of your files via the network is not necessarily secure (unless you explicityl use a secure client).

• Use per-file encryption

• To protect your data on a Volume against data breaches• Use volume encryption

File encryption

• Some tools for per-file encryptions include• GnuPG• AESCrypt• Encrypted zip files

• Beware the standard zip encryption scheme which is not secure!

• On a Mac: Disk utility

• In this course we will learn how to use GnuPG.• The On-Line Documentation provides more information

about the other tools, incl. links to further documentation.

File encryption

• GnuPG:• GnuPG is an implementation of Pretty Good Privacy

(PGP). PGP has excellent security.• GnuPG is open-source and accessible through a variety

of different clients and tools.• You will have to generate a key pair to use GnuPG.

• You need to keep your private keys and passphrases secure!

File encryption

Exercise 1: Create a GnuPG key pair.

Windows:

Install GpgForWin www.gpg4win.org. Make sure Kleopatra is checked.

Kleopatra File New Certificate

Mac OSX:

Download & Install from www.gnupg.org

Open “GPG Keychain”, click on “New” to generate key.

Linux (Ubuntu):

$ sudo apt-get install gpnupg$ gpg --gen-key

File encryption

Exercise 2: Encrypt / decrypt a file with GnuPG.

Windows:

Right-click on file in the Windows explorer.

Select Sign and encrypt.

(Decrypt and Verify to decrypt)

Select your key and click “Add”, then “Encrypt”, and finally “Finish”.

Mac OSX:

Right-click on file in the Finder.

Select Services OpenPGP: Encrypt file

(OpenPGP:Decrypt to decrypt)

Select the key and click “Ok”.

Linux (Ubuntu):Encrypt: $ gpg --output <encr-file.gpg> --encrypt --recipient <user> <file-to-encrypt>Decrypt: $ gpg --output <decr-file.gpg> --decrypt <file-to-decrypt>

Volume encryption

• In Module 7, we have mounted our 2ndary ephemeral drive and a volume, so that we can access it from the instance.

• Disks which are mounted on the instance are suitable for Volume Encryption.

• You may encrypt the whole block of storage with all files on it.• You may think of volume encryption as happening in the

background: You unlock the drive once with the password, then use the drive as usual. • The OS takes care of automatic encryption and decryption in the

background.

Volume Encryption

• While security is added, be aware of new risks introduced:• If you ever forget your password, access to your data will be lost

forever.• It may also introduce difficulties with manual data recovery.• You can only unlock your drive using the same encryption

algorithm/tool.• Performance of reading and writing to your Volume will degrade

with the encryption.

Volume Encryption on Ubuntu

• The next exercise will go through the steps required to encrypt your Volume storage on your Ubuntu instance.

• We will use a standard procedure on Linux to encrypt drives with the Linux Unified Key Setup (LUKS).

• Doing the exercise will erase all data on the volume! If you have any files on it, make sure to back them up first.

Volume Encryption on Ubuntu

Exercise 3: Set up Volume Encryption.

$ sudo lsblk -l to find out your device name (say it is vdc)

$ mount | grep vdc and unmount the device if it is mounted:$ sudo umount /dev/vdc$ sudo apt-get install cryptsetup $ sudo modprobe dm-crypt$ sudo cryptsetup luksFormat -c aes-xts-plain64 -s 512 -h sha512 -y /dev/vdc$ sudo cryptsetup luksOpen /dev/vdc MySecureDrive$ sudo mkfs.ext4 /dev/mapper/MySecureDrive$ sudo mkdir /MyMountedDrive$ sudo mount /dev/mapper/MySecureDrive /MyMountedDrive

Volume Encryption on Ubuntu

Exercise 4

Release the drive:

$ sudo umount /MyMountedDrive $ sudo cryptsetup luksClose MySecureDriveTo re-enable encryption:

$ sudo cryptsetup luksOpen /dev/vdc MySecureDrive $ sudo mount /dev/mapper/MySecureDrive /MyMountedDrive

Closing note

Well done!

You now • are aware of general security concerns in the cloud,• know how risks can be mitigated and• know how to encrypt your data

The next Module will show more practical steps involved for securing your resources:

• Backing up your data and VM, and • Cleaning up after releasing your resources.