Security Considerations for Cloud Computing (Part 2)

by [Published on 7 March 2012 / Last Updated on 7 March 2012]

In this article, we'll introduce the idea of thinking about private cloud security within the context of each of the five essential characteristics that define a cloud-based solution.

If you would like to read the other parts in this article series please go to:

Introduction

In the first part in this series on private cloud security, we went over what makes up a private cloud. Many people think of private cloud as something that is little different from what they already have, and others might think that cloud is just a virtualized datacenter. Both of these assumptions are false, and we covered the reasons for that in the first part of this series.

As a quick recap, a cloud (private or public) must enable the following five essential characteristics in order to be considered a cloud:

  • On demand self service
  • Broad network access
  • Sharing of pooled resources
  • Rapid elasticity
  • Metered services

While a traditional datacenter might contain some of these characteristic, it’s unlikely that it will contain all of them. And if the datacenter does support all five of these, it’s likely that some of the capabilities are siloed and therefore the entire system doesn’t benefit from tight integration of all five of these essential characteristics that make up the cloud definition.

Before we get to the meat of today’s discussion, which is about security considerations in the private cloud, I’d like to clear the air regarding the Microsoft private cloud. You might have been reading about the Microsoft private cloud and you might get the impression that the Microsoft private cloud is just about Hyper-V and System Center Virtual Machine Manager. Although these are important components in enabling the Microsoft private cloud, that is not the case. While I think Microsoft is trying to keep their message fairly simple, they also realize that the Microsoft Private cloud is a lot more complex than just Hyper-V and SCVMM. The details of the Microsoft private cloud are beyond the scope of today’s discussion, but if you want to get a better idea of how Microsoft does the private cloud and all the key characteristics of a Microsoft private cloud, check out the Reference Architecture for Private Cloud on the TechNet Wiki site.

Now, what about security? Security in the private cloud looks a lot like security in the traditional datacenter. You still need to worry about network security, authentication, authorization and auditing, you need to be concerned about identity management, and you need to consider the security issues at every layer of the network and computing stack. There’s nothing magical or revolutionary about private cloud security. Nevertheless, there are a few things unique to the private cloud that should lead you to refocus your security priorities in particular areas.

One way to think about the security issues that are more specific for the private cloud is to think about the security effects of the five essentials characteristics that define a cloud computing solution. How should you think about security in a world of self-service computing? What about the security issues related to broad network access? And what about the security issues related to sharing of abstracted, pooled resources? This is the approach we’ll take toward private cloud security in today’s discussion.

How Does On-Demand Self-Service Impact Private Cloud Security?

On-demand self-service allows consumers of a private cloud solution to obtain the compute, network, memory and storage resources they desire, based on their ability to pay for these resources. In addition, if you deploy PaaS (Platform as a Service) or SaaS (Software as a Service) in your private cloud, then consumers of the cloud service can also obtain development platform and finished services. What are the effects of self-service and how do they impact security?

The first thing that comes to mind is the fact that you no longer are in complete control of the workloads in your datacenter, or even of the operating systems that are running within your datacenter. Unlike the days of the traditional datacenter, where you racked and stacked and installed the operating system and then installed the workload software, with private cloud on-demand self-service, the consumers of your cloud services will spin up new operating systems, create new applications, and run your finished services, depending on the service models you want to make available to your customers.

This creates a situation where you no longer have the deep insight that you once had into what’s running in your datacenter. In the past, you had hands-on experience with most of the components, and you configured your monitoring systems so that they were pointed at known systems that you and your team instantiated. With the private cloud, you are, for the most part, completely unaware of what your customers are doing with the resources you provide them in your private cloud infrastructure.

This means you need to be much more proactive about your monitoring, alerting and reporting capabilities. The cloud infrastructure will need to be able to inform you about how your customers are using the infrastructure and must be able to alert you when there is misuse or some other out of policy activity taking place. In addition, you need comprehensive reporting on a daily or even more frequent basis so that you can perform detailed trend analysis in order to prevent exhaustion of your pooled resources due to overcommitment to your cloud service customers.

Monitoring, alerting and reporting tools are going to need to be updated and replaced to support an on-demand self-service private cloud infrastructure. Most of the tools that we use today are designed to work in a datacenter where IT has control over the hardware and software infrastructures, and work orders are created to request IT to enable whatever computing services are required. In the private cloud, the critical enabler of on-demand self-service is that there is no requirement for administrative interaction between the cloud service consumer and the cloud infrastructure administrators. Users just pick out what they need from your service catalog and away they go!

Your new tools will need to be aware of the new workloads automatically and without any type of intervention on your part. If for no other reason, large private clouds can easily support thousands or even tens of thousands of virtual machines. This includes virtual machines that are spinning up, those that have been spun up, and those that are in the process of decommissioning (by policy or by manual intervention on the cloud consumer’s part).

Other Security Considerations Related to On-Demand, Self-Service

While the monitoring, alerting, and reporting infrastructure is probably the most significant consideration when thinking about the on-demand self-service characteristics of the private cloud, there are a few other issues that you should consider. Some of these include:

  • How will you decide who has rights to consume cloud services?
  • How granular do you want to be when assigning rights to consume cloud services?
  • Does your AAA (Authentication, Authorization and Accounting) and cloud infrastructure support the ability to scope rights to particular offerings in your service catalog or will everyone who has rights to obtain cloud services have the right to obtain anything in the service catalog?
  • Do you have a way to automate security responses to possible DoS (denial of service) situations where a consumer of cloud services attempts to oversubscribe the system?
  • Do you have a mechanism available to assure that self-service customers cannot “break out” of their customer role into a cloud administrator role?
  • Do you have a way to control the behaviors of the operating system and services that your self-service customers will install?
  • Do you have a way to identity self-service customers that might represent a potential threat, such as customers who are using stolen credentials?

These are just a few of the security issues that you need to consider when working in a new IT environment where your customers – not you – are driving the datacenter activity. Automation is going to be a critical enabler for you as you try to maintain control of a self-service environment. Automation will be used in your monitoring, alerting and reporting and automation will also need to be used to secure the workloads that run on the cloud infrastructure. Automation is also critical so that incident response doesn’t require cloud infrastructure administrator intervention.

Summary

In this article, we introduced the idea of thinking about private cloud security within the context of each of the five essential characteristics that define a cloud-based solution. We began with the first essential characteristic, which is on-demand self-service. The primary security concern with on-demand self-service relates to the fact that IT is no longer in total control of which operating systems and workloads run in the datacenter. Customers of the cloud services will be making these decisions. Because of this, the cloud infrastructure administrator will need to depend on new tools that are cloud aware, so that monitoring, alerting and reporting can be done on a massive infrastructure that is constantly spinning up and spinning down workloads; with these workloads for the most part not being defined by IT. In addition to the monitoring, alerting and reporting security issues are a handful of other issues related to on-demand self-service – most of which are related to authorization and authentication of individuals to obtain cloud services. In the 3rd part of this series, we’ll take a look at how the “broad network access” essential characteristic of the private cloud influences your security design. See you then! –Deb.

If you would like to read the other parts in this article series please go to:

Advertisement

Featured Links