Assessing the Risks and Opportunities of Cloud Computing – Defining Identity Management Systems and Maturity Models

R. Palson Kennedy, Research Scholar, A.P, RREC, Anna University, Chennai-95, India, palsonkemmedy@yahoo.co.in
T. V. Gopal, Dept of CSE, CEG, Anna University, Chennai-25, India
Abstract— Despite the potential that Cloud Computing has for revolutionizing every aspect of the software industry, there are significant shortcomings in the area of security and risk assessment and mitigation. The basic value proposition of Cloud Computing is that by leasing applications online, companies have the potential to significantly reduce their operating costs. What is not often pointed out, however, is the fact that identity management on Cloud Computing platforms is still in its nascent or very embryonic stages. Often identity management systems fail to fully protect all assets of a given Cloud Computing platform, as role-based access has yet to be defined and implemented. Lacking is a protocol stack of Cloud Computing Identity Management and a maturity model to assist organizations in assessing their relative levels of risk. The intent of this analysis is to provide the frameworks for both the protocol stack and maturity model for Cloud Computing platforms.

Keywords- Cloud computing, Risk, Security, IMS
I. INTRODUCTION

A. Assessing Cloud Computing
The collection of technologies that comprise the Cloud Computing platforms being sold as services today have been in existence for decades as the basis of enterprise systems and platform deployments. Cloud Computing platforms are an outgrowth of the enterprise-wide networks created in previous decades: they specifically include integration platforms such as Enterprise Application Integration (EAI), networking platforms, products and servers, and a strong reliance on TCP/IP, with the addition of data center virtualization algorithms to ensure their scalability.
Despite how time-tested these core components are, the relatively recent developments in Web-based application development have created security vulnerabilities at the application level and also at the service provider level. Given how cloud providers must integrate disparate, often conflicting databases to create a multi-tenancy platform, the tendency to cut corners and do AJAX-based scripting that exposes an entire application online has been known to occur. The underlying technologies are fundamentally sound, yet the cloud providers in many cases are not taking all necessary precautions in creating multi-tenancy and secured client locations on their servers. Often organizations contracting with cloud providers may be attracted to the very low prices offered for hosting yet have no idea of the risks and potential security lapses that could result from the providers' unwillingness to invest in adequate Web-based security. Studies indicate the plummeting prices of Cloud storage and application hosting are partially driven by the cost reductions made possible by cutting corners on security. To appreciate the trade-offs being made from a security standpoint, it is imperative to understand the levels or fundamental structure of Cloud Computing. Fig. 1 presents the structure with Infrastructure-as-a-Service (IaaS) at the bottom of the protocol stack, as this is the foundation on which Cloud-based platforms are built. IaaS is comprised of those technologies which have the greatest number of years in use, and as a result many of them have advanced security and encryption algorithms associated with them. Servers, networking, data centers and storage, including storage area networks (SANs), have advanced authentication and verification technologies associated with them, many in single-instance installation.
Figure 1: Fundamental Structure of Cloud Computing
The use in multi-instance or multi-tenant architectures is still being defined through the rapid maturation of the Cloud Computing industry. The build-out of Cloud Computing platforms from Infrastructure as a Service (IaaS) to Platform as a Service (PaaS) is based more on scalable databases, middleware, Web 2.0 applications and Java runtime applications, in addition to AJAX programming techniques and applications. This is the layer that has security vulnerabilities inherent within it, from the standpoint of development languages meant more for single-instance, relatively light duty cycle applications instead of multi-tenant, in-depth application development. As a result it is very common in security audits to find scripting attacks launched at servers in this area, with attacks being successful in impersonating administration and user accounts. Java runtime applications are often designed with the assumption of open collaboration across groups and therefore default to shared resources across networks. This is potentially disastrous in a Cloud Computing platform as it opens up all the data in the hosted application and its databases.
The top layer of the structure of Cloud Computing is the Software-as-a-Service (SaaS) layer. This is the layer that includes business process management (BPM), extensive collaboration and social networking applications including Facebook, Twitter (Vijayan, et al.) and others, and thousands of industry and enterprise applications as well. These are the areas most susceptible to hackers, as often developers, in the rush to get social networking applications out and be the next Facebook or Twitter, fail to ensure enough security guidelines and safeguards are in place. The many security problems Twitter has had, from their internal servers being hacked and celebrities' usernames and passwords posted to the Internet, to their site being hijacked by hacker groups loyal to the Iranian government, all illustrate how porous this level of the SaaS model is. Twitter has been a very vocal proponent of free speech in Iran and has as a result been attacked by loyalists to that nation and, industry observers suspect, the government itself. Facebook has often been hacked as well, as have many other social networking sites. Despite assurances to the contrary, SaaS-based applications are easily hacked into and taken over, as in the case of the Iranian loyalists gaining complete control over Twitter for a full day before the start-up could regain control of their site. SaaS-based applications are fraught with risk due to the use of development technologies originally meant for single use, not multi-tenant platforms.
B. Protocol Stack
What is missing from Cloud Computing security platforms today is a unified protocol stack that can integrate access management, administration, provisioning, and Web Services into a single, unified platform. Integrating these concepts into a single contiguous platform architecture has the potential to deliver greater scalability and performance for Cloud-based applications and platforms. Fig. 2, Protocol Stack for Cloud Computing Identity Management, shows how each of these components can be integrated together, based on analysis and interpretation of the following sources: (Cuppens, Cuppens-Boulahia, 2008) (Das, Echambadi, McCardle, Luckett, 2003) (Gupta, Roth, 2007) (Ray, Stoica, Farkas, 2004) (Swart, Marshall, Harris, Forcht, Olsen, 2005) (Vijayan, 2007).
Using the Protocol Stack for Cloud Computing Identity Management to analyze the levels of maturity within Cloud services providers, and analyzing existing research and best practices in identity and role-based management, the following Cloud Computing Identity Management Maturity Model has been designed (Table I).
Figure 2: Protocol Stack for Cloud Computing Identity Management Systems
TABLE I: Cloud Computing IMMM
The stages range from Stage 0, which signifies isolated silos, to Stage 1 for central administration, Stage 2 for user self-service, Stage 3 for role-based access control and Stage 4 for integrated user management, based on analysis of the following sources: (Das, Echambadi, McCardle, Luckett, 2003) (Saltzman, 2006) (Swart, Marshall, Harris, Forcht, Olsen, 2005). Characteristics and results are shown for each of these specific stages of the maturity model. Additional studies suggest that the development of pilots for AJAX and XML security integration in the Cloud, coupled with support for Web Services, increases the pace of maturity in this model.
II. MULTI-TENANCY ANALYSIS

A. Paper Thin Walls of the SaaS Community
The concept of multi-tenancy states that an application is used equally across a series of users, each receiving comparable or equitable levels of responsiveness and bandwidth through the use of the Tenant Load Balancer. Figure 3, Maturity Levels in Tenancy Design, illustrates the progression of the SaaS industry from single-tenant to full multi-tenant. Level 1, which is fully single-tenant, shows a one-for-one correspondence between the application in use on the SaaS platform and the user requesting it. This does not scale well from a performance or security standpoint, and is primarily the architecture that led to the Application Service Provider (ASP) market quickly transitioning to the OnDemand or Level 3 model. The essence of Level 3 is that it is a configurable multi-tenant architecture that has the functional ability to scale to individual users' needs without sacrificing speed. Level 4 is state-of-the-art today and uses constraint-based technologies for ensuring optimal application performance over time. As can be seen from Fig. 3, the use of a Tenant Load Balancer can significantly increase the profitability of a service provider, as their investment in a single application can be scaled across many different users concurrently with no degradation in performance. Multi-tenancy gets much mention as the core of the SaaS architecture, yet as with many areas of Cloud Computing, definitions vary by who is giving them.
For hardware vendors, the definition centers on the virtualization aspects of Cloud Computing as they relate to running a full 128-bit multithreaded Tenant Load Balancer, complete with algorithms for virtualizing servers and minimizing disk and memory latency times through caching.
Conversely, software-based definitions of Cloud Computing concentrate on the multi-tenancy aspects as they relate to speed improvements using AJAX, J2EE- and RISC-based programming languages that can be optimized for use over XML networks (Formica, et al.). A third group concentrates their definition of Cloud Computing on the services and interprocess communication that is possible using these applications and the underlying XML networks. Inherent in their definition is the assumption that Service-Oriented Architectures (SOA) (English, 16) will eventually dominate on Cloud-based platforms (Young, Madans, 147). The assumption of scalability from the infrastructure through the application to the presentation layer of the Cloud Computing model is made in this definition of the concept. The use of XML as a scalable network for ensuring integration across these platforms has proven to be highly effective from a performance and cost standpoint as well (Formica, 241, 242). Unifying all of these definitions is the common thread of Cloud Computing being a platform that comprises a series of dynamically scalable shared resources that can be metered by use or by computing resources taken per task. What each of them lacks, however, is a unified definition of a security model that is consistent with the others. The hardware security model is purely based on virtualization algorithms being developed to allow for 128-bit to 512-bit encryption; it is very hardware centric. The software security model is based more on authentication and validation of identities, including attempts to impersonate and gain access as administrator or power user, than on locking down the hardware or even the XML network. Finally, the services definition of Cloud Computing is more focused on the business process integration areas of the architecture than anything else. In short, there is no unified, single security model for Cloud Computing that unifies these attributes, and that presents a significant risk.
III. RISK IMPLICATIONS

A. Risk Implications of Public, Private and Hybrid Cloud Computing Platforms
In conjunction with the lack of a single security model across the hardware, software and services aspects of Cloud Computing, there is also a corresponding lack of security guidelines and consistency in the area of authentication, security and encryption across the emerging areas of Private Clouds, Public Clouds and Hybrid Clouds. Fig. 4 compares these different infrastructures at a definitional level. The lack of consistent security models across all of these Cloud types is also leading to confusion and the very high risk of one customer being able to see another's data in a Private or Hybrid Cloud, for example. The Amazon Web Services platform, designed with application tools predicated on the social networking design objectives of being purely collaborative and egalitarian, by default shares every data element in an Amazon Web Services account. This has led to users being able to see other users' information and even the ability to run reports in others' Amazon Web Services accounts (Siegel, et al.). Clearly there is significant room for improvement in how individualized user accounts are managed.

Figure 3: Maturity Levels in Tenancy Design
Amazon is one of the largest and most well-respected cloud services providers globally as well. With their financial support from Amazon.com, one wonders how other smaller cloud services providers are managing these costs and the trade-offs for security.
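The cross-tenant exposure described above comes down to data access paths that carry no tenant predicate and no role check. The following Python block is an added example, not code from the paper or from Amazon Web Services: it contrasts a "shared by default" query with one that enforces a Stage 3 role check and scopes every read to the caller's own tenant, logging denials so that probing is visible to operations. The table, role names, users and function names are constructed for this example.

```python
import sqlite3
from typing import Any

# Hypothetical role table: what a Stage 3 (role-based access control) deployment would define.
ROLE_PERMISSIONS = {
    "viewer": {"read"},
    "admin": {"read", "write", "report"},
}

# Denied attempts are recorded here so cross-tenant probing shows up in monitoring.
AUDIT_LOG: list[dict[str, Any]] = []


def build_db() -> sqlite3.Connection:
    """Constructed sample data: two tenants' rows in one shared table, as in a multi-tenant SaaS store."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE records (id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL, body TEXT NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO records (tenant_id, body) VALUES (?, ?)",
        [("tenant-a", "a1"), ("tenant-a", "a2"), ("tenant-b", "b1")],
    )
    return conn


def fetch_shared_by_default(conn: sqlite3.Connection) -> list[str]:
    """The 'shared resources by default' behaviour: no tenant predicate, so every caller sees every tenant."""
    return [row[0] for row in conn.execute("SELECT body FROM records ORDER BY id")]


def fetch_isolated(conn: sqlite3.Connection, user: dict[str, str], tenant_id: str) -> list[str]:
    """Hardened path: check the role, refuse any tenant other than the caller's own,
    and only then run a query that is itself scoped by tenant_id."""
    allowed = ROLE_PERMISSIONS.get(user["role"], set())
    if "read" not in allowed:
        raise PermissionError(f"role {user['role']!r} lacks read")
    if tenant_id != user["tenant_id"]:
        raise PermissionError("cross-tenant access denied")
    rows = conn.execute(
        "SELECT body FROM records WHERE tenant_id = ? ORDER BY id", (tenant_id,)
    )
    return [row[0] for row in rows]


def try_read(conn: sqlite3.Connection, user: dict[str, str], tenant_id: str) -> dict[str, Any]:
    """Wrap the hardened fetch so denials are logged rather than silently returning nothing."""
    try:
        return {"allowed": True, "rows": fetch_isolated(conn, user, tenant_id)}
    except PermissionError as exc:
        AUDIT_LOG.append({"user": user["name"], "tenant": tenant_id, "reason": str(exc)})
        return {"allowed": False, "rows": [], "reason": str(exc)}


if __name__ == "__main__":
    db = build_db()
    alice = {"name": "alice", "tenant_id": "tenant-a", "role": "viewer"}
    print(fetch_shared_by_default(db))      # leaks tenant-b's row to alice
    print(try_read(db, alice, "tenant-a"))  # her own tenant's rows only
    print(try_read(db, alice, "tenant-b"))  # denied and written to AUDIT_LOG
```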
IV. CLOUD SECURITY & RISK

A. Strategies to Mitigate Cloud Security Risk and Ensure Security
There have been admittedly few security models that span the entire breadth of the Cloud Computing infrastructure stack. Of the newer models, the one that has been most consistently evaluated and applied is the Confidentiality, Integrity and Availability (CIA) Model (Brynko, et al., 3). The essence of this model is a focus on balancing the triad objectives of confidentiality, integrity and availability (Ashford, 3). The definitions of each of these components are as follows. Confidentiality is defined as ensuring that information is not disclosed to unauthorized persons. Integrity is defined within this model as ensuring that information held in a system is an accurate and proper representation of the data intended and that it has not been modified or changed by anyone unauthorized to edit or copy it (Ashford, 3). Third, Availability is defined as ensuring that information processing resources are immediately cut off and discontinued for malicious attacks underway on a SaaS or Cloud Computing platform (Ashford, 3). These three form the triad of the model, with non-repudiation being the ensuring that agreements made electronically can be audited and proven over time (Ashford, 3) (Brynko, et al.).

Given the dearth of models specifically focused on Cloud Computing security, this one has been adopted and used as the foundation of system and entire cloud provider audits (Ashford, 3), in addition to fall-back planning in the event of a malicious attack on a Cloud Computing services provider (Zimski, et al., 34). In addition, the triad model has also been used as part of the Service Level Agreements (SLAs) that service providers use as their primary contracts with customers. In fact, given the magnitude of the recent security gaffe at Amazon Web Services (Siegel, et al., 26, 27), the focus is more than ever on applying service metrics of performance to the attainment of high security levels for Cloud-based applications (Zielinski, et al., 33). Cloud computing has in fact entered an entirely new era, in which contract management and the use of SLAs to guarantee security and define stiff penalties and fines if data and applications are not kept safe has arrived (Burge, et al.). In fact, CIOs are now being advised to get their legal team involved in the very beginning negotiations with Cloud Computing vendors to ensure that data and applications are protected under contract as well (Nash, 34). Clearly litigation will be an issue if data and applications are compromised on the Cloud Computing platform in the coming years. Organizations are in fact taking the necessary steps to protect their information assets online despite claims of perfect security on Cloud Computing providers' platforms.
Another significant factor in the adoption of the Confidentiality, Integrity and Availability (CIA) Model (Brynko, et al.) is the decision by Cloud Computing early adopters to move their legacy applications online (Brodkin, et al., 2). The decision to move legacy applications to the Cloud is one that has inherent cost advantages yet very significant risks, due to the many integration links to legacy data, some in an organization's databases requiring open access to cloud providers via XML (Garakanidze, 19). The integration aspect of legacy applications being moved to the cloud is one of the riskiest there is from a security standpoint (Lamont, et al.). CIOs who are given the task of deciding which applications will move to a Cloud platform, and when, are often first to point to security concerns and the need for continual auditing of the chosen provider's site (Creeger, 6).
B. Information Security
Information security relates to the information exchanged between different hosts or between hosts and users. The issues include secure communication, authentication, and issues concerning single sign-on and delegation. Secure communication issues include those security concerns that arise during the communication between two entities. These include confidentiality and integrity issues. Confidentiality indicates that all data sent by users should be accessible only to "legitimate" receivers, and integrity indicates that all data received should only be sent/modified by "legitimate" senders.

Solution: public key encryption, X.509 certificates, and the Secure Sockets Layer (SSL) enable secure authentication and communication over computer networks.
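The solution above names X.509 certificates and SSL (today, its successor TLS); the authentication it promises only holds if the client actually verifies the server's certificate chain and hostname. The following Python block is an added example, not code from the paper: it builds a weak and a hardened client context with the standard `ssl` module and audits either one for the settings a reviewer would flag. The function names and `MIN_VERSION` are assumptions of this example.

```python
import ssl

# Lowest protocol version the audit accepts (assumption of this example).
MIN_VERSION = ssl.TLSVersion.TLSv1_2


def make_client_context(hardened: bool) -> ssl.SSLContext:
    """Build a client-side context. The weak variant mirrors a common shortcut:
    traffic is encrypted, but the peer's X.509 certificate is never checked,
    so any host on the path can impersonate the server."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    if hardened:
        ctx.check_hostname = True              # certificate must name the host we dialled
        ctx.verify_mode = ssl.CERT_REQUIRED    # and must chain to a trusted CA
        ctx.minimum_version = MIN_VERSION      # refuse SSLv3 / TLS 1.0 / TLS 1.1 handshakes
        ctx.load_default_certs()               # system trust store for the chain check
    else:
        ctx.check_hostname = False             # must be cleared before CERT_NONE is allowed
        ctx.verify_mode = ssl.CERT_NONE        # encrypted but unauthenticated
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list[str]:
    """Return the findings a reviewer would raise; an empty list means the context passes."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate not required")
    if not ctx.check_hostname:
        findings.append("hostname not checked against certificate")
    if ctx.minimum_version < MIN_VERSION:
        findings.append("protocol versions below TLS 1.2 accepted")
    return findings


if __name__ == "__main__":
    for flag in (False, True):
        label = "hardened" if flag else "weak"
        print(label, audit_context(make_client_context(flag)))
```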
V. CONCLUSION
Cloud computing has a significant cost advantage over traditional enterprise software yet is fraught with risks (Golden, 13). The intent of this analysis has been to present the fundamentals of cloud computing, how they are changing quickly into public, private and hybrid clouds, and the implications for organizations over time. Foremost among all of these trends is the fact that there is not a single unified security model that can define in depth each aspect of a cloud for security level validation. The role of the CIO is then becoming more that of a validator of what cloud computing vendors claim to have in terms of security versus what they actually do (Creeger, 6).

Figure 4: Comparing Public, Private and Cloud Computing Platforms
REFERENCES

[1] Ashford, W. "Cloud presents security fix, not failure." Computer Weekly: 3.
[2] Brodkin, J. "Moving legacy applications to the Amazon cloud." Network World, 21 Sep 2009.
[3] Brynko, B. "Cloud Computing: Knowing the Ground Rules." Information Today, 1 Nov 2008.
[4] Burge, D. "The legal risks of cloud computing." Computer Weekly, 1 Sep 2009.
[5] Chowdhury, N., and R. Boutaba. "A survey of network virtualization." Computer Networks 54.5 (2010): 862.
[6] Creeger, M. "CTO Roundtable: Cloud Computing." Communications of the ACM 52.8 (2009): 50.
[7] Cuppens, F., and N. Cuppens-Boulahia. "Modeling contextual security policies." International Journal of Information Security 7.4 (August 2008): 285-305.
[8] Das, S., R. Echambadi, M. McCardle, and M. Luckett. "The Effect of Interpersonal Trust, Need for Cognition, and Social Loneliness on Shopping, Information Seeking and Surfing on the Web." Marketing Letters 14.3 (October 2003): 185-202.
[9] English, J. "The Future of Cloud Computing Is the Recent Past of SOA for the Software Life Cycle." Database Trends and Applications.
[10] Formica. "Similarity of XML-Schema Elements: A Structural and Information Content Approach." The Computer Journal 51.2 (2008): 240-254.
[11] Forte, D. "Application delivery: pros and cons both virtual and real." Network Security 2009.12 (2009): 18.
[12] Garakanidze, A. "Moving Data to Enterprise Clouds: Data clouds reduce cost and complexity of storing data, but introduce latency and migration challenges; virtualization can help ensure continuous interoperability." Information Management: 7a, 19 (2009).
[13] Golden, B. "Cloud Computing: 'Be Prepared'." EDUCAUSE Review 44.4 (2009): 64.
[14] Gupta, S., and A. V. Roth. "Martin K. Starr: A Visionary Proponent for System Integration, Modular Production, and Catastrophe Avoidance." Production and Operations Management 16.1 (January 2007): 1-12.
[15] Harney, J. "SOA tools: virtually bridging the legacy divide, Part 2." KM World, 1 March 2006: 18, 20-21.
[16] Katzan, H., and W. Dowling. "Software-As-A-Service Economics." The Review of Business Information Systems 14.1 (2010): 27-37.
[17] Kroeker, K. "The Evolution of Virtualization." Communications of the ACM 52.3 (2009): 18.
[18] Lamont, J. "SaaS: integration in the cloud." KM World, 1 Jan 2010.
[19] Messmer, E. "Is virtualization safe? Views within IT differ." Network World, 22 Dec 2008.
[20] Nash, K. S. "Legal Quandaries in the Cloud: Cloud computing offers tempting affordability, but legal quandaries abound surrounding e-discovery. Experts advise CIOs to ask questions of their vendors up front."
[21] Pinnow, A., and S. Osterburg. "A Capacity Supply Model for Virtualized Servers." Informatica Economica 13.3 (2009): 96-105.
[22] Rai, S., and P. Chukwuma. "Security in a Cloud." The Internal Auditor 66.4 (2009): 21.
[23] Saltzman, M. "How Safe is Web Security?" OR-MS Today 33.4 (August 2006): 8.
[24] Siegel, J. "User Ignorance Causes Cloud Security Leak; Accounts, Passwords Revealed." Read Write Web, 31 March 2010. <http://www.readwriteweb.com/cloud/2010/03/user-ignorance-causes-cloud-security-leak-accounts-passwords-revealed.php>
[25] Soghoian, C. "Caught in the Cloud: Privacy, Encryption, and Government Back Doors in the Web 2.0 Era." SSRN Working Paper Series, 1 June 2009.
[26] Stoica, A., and C. Farkas. "Ontology Guided XML Security Engine." Journal of Intelligent Information Systems 23.3 (November 2004): 209-223.
[27] Swart, R. S., B. A. Marshall, M. E. Harris, K. A. Forcht, and D. Olsen. "Dimensions of Network Security Planning for Web Services." Journal of Information Privacy & Security 1.1 (January 2005): 49-66.
[28] Vijayan, J. "Researchers Warn of AJAX Security Risks." Computerworld, 6 August 2007: 12.
[29] Vijayan, J. "Twitter Breach Revives Cloud Security Fears." Computerworld, 3 Aug 2009.
[30] Walsh, P. "The brightening future of cloud security." Network Security 2009.10 (2009): 7.
[31] Winans, T., and J. Brown. "Moving Information Technology Platforms to the Clouds: Insights into IT Platform Architecture Transformation." Journal of Service Science 2.2 (2009): 23-33.
[32] Young, D., and P. Madans. "XML: Why Bother?" Publishing Research Quarterly 25.3 (2009): 147.
[33] Zielinski, D. "Be Clear on Cloud Computing Contracts." HRMagazine, 1 Nov 2009.
[34] Zimski, P. "A storm is brewing for cloud security." Computer Weekly, 27 Oct 2009.