| nectar.org.au NECTAR TRAINING Module 8 Security

Is cloud computing safe? What are the common security concerns, and how justified are they? Introduction to key security issues, dangers and consequences when running a virtual machine in the cloud. Practical advise for making your machine secure. Introduction to data encryption incl. worked examples.

Security concerns Common perception: cloud computing poses a whole lot of new risks. But in fact, security is often as good as or better than in traditional systems—the cloud infrastructure is professionally managed. More trust is needed in the administrators of cloud computing infrastructure!

Security concerns Perhaps the biggest security concern among cloud computing customers is data loss. However, figures show that internal security breaches are actually not among the main causes for data loss: 21% Hardware failure 19% Software failure 18% Human error / accident 15% Corruption 7% Theft 7% Internal security breach 6% External security breach 5% Natural disaster Source: The Databarracks 2014 Data Health report

Security concerns Let’s say you can trust your cloud provider in ensuring the best protection against software and hardware failures. This still leaves one very important factor in keeping your virtual machine and data safe: yourself! You also share responsibility for ensuring the security of your virtual machine and data. This module will talk about all important things you need to know to make your virtual machine secure.

Main threats Cyber attack. Includes use of malware, DDoS attacks, phishing, fraud and exploitation of software vulnerabilities. Protection from the provider: Protection measures like firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS) or Network Access Control (NAC) Protection from you: Be careful which software you install, and only free up necessary ports in the firewall rules.

Main threats Access to your data The cloud provider can potentially access the data that is on the cloud at any time. They can even be obliged to share information with third parties if necessary for purposes of law and order, even without a warrant. Protection from you: Encrypt your sensitive data.

Main threats Data loss & leakage / Risks of multi-tenancy data belonging to different customers can reside on the same server Risks of multi-tenancy: “Noisy neighbours” take up resources Data leakage between tenants flaws in one client’s application could allow an attacker access to another clients data. Protection from provider: good protection software and setting it up securely. Protection from you: Encrypt your sensitive data; keep off-line backups of your data; securely erase storage when releasing it.

Main threats Hardware failure and data loss When hardware fails, the state of the VM and data may be lost. Protection from the provider: Create separate backups of all hard-drives. NeCTAR uses RAID systems on most storage types, but: “all care taken, no guarantees given”: you have to do your own backups. Protection from you: Backup your data and VM at regular intervals

Main threats Access security: Authentication, access control and data encryption: How secure are the services? Protection from the provider: Data encryption and complete deletion of resources which have been released. Protection from you: Access your services via secure connections only. Never share your private key with anyone! Encrypt your sensitive data. Request complete removal of your data.

Main threats Data ownership Legal ownership of the data is widely considered a risk as well. However NeCTAR never lays claims on ownership of your data. Malicious insiders a current or former employee, contractor, or other business partner who has or had authorized access and and intentionally misuses that access Availability / Lack of Internet: Service interruptions Protection from the provider: Ensure service availability best as possible. Protection from you: Choose a reliable Internet Provider.

Main threads Insufficient knowledge Human error: knowledge about the potential issues and risks is required to mitigate them. Protection by you: Pay attention in this Module and you will have the required knowledge to protect your resources adequately.

VM-specific vulnerabilities Most VM specific vulnerabilities stem from the hypervisor. Fortunately, these security concerns can be addressed effectively in a well-managed cloud like NeCTAR. Hyperjacking modifying the hypervisor to be malicious, or inserting a malicious hypervisor (a “rogue” hypervisor) VM Escape A malicious program manages to “escape” out of a virtual machine and compromising the hypervisor. VM Theft Theft of a virtual machine file electronically

VM-specific vulnerabilities What you can do to ensure protection: Install an Anti-Virus protection software Regularly update your VM’s operating system

Security benefits of the Cloud Abstraction hardware abstraction and isolation of the VM makes unauthorized access on the physical machine (and manipulating it) more difficult. State restore It is easy to restore the state of a virtual machine, and return to a state prior to an attack or data loss. External monitoring The hypervisors runs outside the virtual machine and may also monitor for malware (in addition to the anti-virus on the VM). Transience An advantage of a VM is that it may be started remotely only when they are needed, decreasing time window for an attack.

Security benefits of the Cloud Simplicity of Hypervisors Hypervisors are much simpler than traditional operating systems, and are therefore much easier to secure. This makes it easier for software developers to minimize bugs and vulnerabilities. Off-premise data storage Storing your data off-premise makes it harder for someone to steal it: they would have to break into the data center and identify the physical hard-drive. Data availability Object storage has great performance and data integrity.

Summary of your responsibilities Install an Anti Virus Protection on your instance. Regularly update your VMs operating system to get the newest security updates. Only free up necessary ports in the firewall rules. Do not install potentially harmful software on your VM. Encrypt sensitive data on the cloud storage to prevent unauthorized access. Regularly back up your data (see Module 9).

Summary of your responsibilities Securely erase all data when you release your storage resources (see Module 9) Always choose secure passwords! And never share your passwords or private ssh keys with anyone. Be aware of the risks: information given in this Module helps you to avoid potential security problems. [optional] Keep off-line backups of your important data – however only do this if you can store the backups at a safe place.

Cloud Deployment Models Private cloud Owned by one organization (infrastructure on or off premises). Public cloud Computing services are publicly accessible over the Internet. Hybrid cloud employing both private and public infrastructures. Using private infrastructure for sensitive data or processes only. Community cloud Shared by multiple organizations with common concerns.

Cloud Deployment models Private clouds are regarded as more secure because they provide more control over the data and equipment. However: setting up a private cloud infrastructure comes at a significant expense. A public cloud is instead more flexible and is often a more affordable investment. However: control of the cloud infrastructure is in the hands of the cloud provider. It is actually often safer to use cloud services which offer a well- managed infrastructure!

File and Volume Encryption We can broadly distinguish two types of file encryption: 1.encrypting an entire volume and 2.encrypting individual files. Why encrypt the data? While access to your Object Store is secured with your OpenStack credentials, the transfer of your files via the network is not necessarily secure (unless you explicityl use a secure client). Use per-file encryption To protect your data on a Volume against data breaches Use volume encryption

File encryption Some tools for per-file encryptions include GnuPG AESCrypt Encrypted zip files Beware the standard zip encryption scheme which is not secure! On a Mac: Disk utility In this course we will learn how to use GnuPG. The On-Line Documentation provides more information about the other tools, incl. links to further documentation.

File encryption GnuPG: GnuPG is an implementation of Pretty Good Privacy (PGP). PGP has excellent security. GnuPG is open-source and accessible through a variety of different clients and tools. You will have to generate a key pair to use GnuPG. You need to keep your private keys and passphrases secure!

File encryption Exercise 1: Create a GnuPG key pair. Windows: Install GpgForWin Make sure Kleopatra is checked. Kleopatra  File  New Certificate Mac OSX: Download & Install from Open “GPG Keychain”, click on “New” to generate key. Linux (Ubuntu): $ sudo apt-get install gpnupg $ gpg --gen-key

File encryption Exercise 2: Encrypt / decrypt a file with GnuPG. Windows: Right-click on file in the Windows explorer. Select Sign and encrypt. (Decrypt and Verify to decrypt) Select your key and click “Add”, then “Encrypt”, and finally “Finish”. Mac OSX: Right-click on file in the Finder. Select Services  OpenPGP: Encrypt file (OpenPGP:Decrypt to decrypt) Select the key and click “Ok”. Linux (Ubuntu): Encrypt: $ gpg --output --encrypt --recipient Decrypt: $ gpg --output --decrypt

Volume encryption In Module 7, we have mounted our 2ndary ephemeral drive and a volume, so that we can access it from the instance. Disks which are mounted on the instance are suitable for Volume Encryption. You may encrypt the whole block of storage with all files on it. You may think of volume encryption as happening in the background: You unlock the drive once with the password, then use the drive as usual. The OS takes care of automatic encryption and decryption in the background.

Volume Encryption While security is added, be aware of new risks introduced: If you ever forget your password, access to your data will be lost forever. It may also introduce difficulties with manual data recovery. You can only unlock your drive using the same encryption algorithm/tool. Performance of reading and writing to your Volume will degrade with the encryption.

Volume Encryption on Ubuntu The next exercise will go through the steps required to encrypt your Volume storage on your Ubuntu instance. We will use a standard procedure on Linux to encrypt drives with the Linux Unified Key Setup (LUKS). Doing the exercise will erase all data on the volume! If you have any files on it, make sure to back them up first.

Volume Encryption on Ubuntu Exercise 3: Set up Volume Encryption. $ sudo lsblk -l to find out your device name (say it is vdc) $ mount | grep vdc and unmount the device if it is mounted: $ sudo umount /dev/vdc $ sudo apt-get install cryptsetup $ sudo modprobe dm-crypt $ sudo cryptsetup luksFormat -c aes-xts-plain64 -s 512 -h sha512 -y /dev/vdc $ sudo cryptsetup luksOpen /dev/vdc MySecureDrive $ sudo mkfs.ext4 /dev/mapper/MySecureDrive $ sudo mkdir /MyMountedDrive $ sudo mount /dev/mapper/MySecureDrive /MyMountedDrive

Volume Encryption on Ubuntu Exercise 4 Release the drive: $ sudo umount /MyMountedDrive $ sudo cryptsetup luksClose MySecureDrive To re-enable encryption: $ sudo cryptsetup luksOpen /dev/vdc MySecureDrive $ sudo mount /dev/mapper/MySecureDrive /MyMountedDrive

Closing note Well done! You now are aware of general security concerns in the cloud, know how risks can be mitigated and know how to encrypt your data The next Module will show more practical steps involved for securing your resources: Backing up your data and VM, and Cleaning up after releasing your resources.