IJRIT International Journal of Research in Information Technology, Volume 2, Issue 1, January 2014, Pg:89-95

International Journal of Research in Information Technology (IJRIT) www.ijrit.com

ISSN 2001-5569

Study on Building a Secured Secured Private Cloud Ms. Rajaprabha M N School of Information Technology & Engineering VIT University, Vellore, Tamilnadu, India [email protected]

Abstract Cloud computing is one of the developing field which offers the market environment data storage and capacity with flexible and scalable computing processing power to match elastic demand and supply, whilst reducing capital expenditure. Due to the sensitivity and importance of the data stored in the cloud and also because the management of the data, security is considered to be one of the most critical aspects in a cloud computing environment. This paper presents a detailed study to build a secured private cloud and also the security issues in it.

Keywords: private cloud, cloud computing, building private cloud, private cloud security.

1. Introduction In the recent IT industry, the most important issue in cloud computing is the security and privacy implications. The industry has responded with private cloud, which looks to turn existing investments inside the data center into a cloud-like environment. The architecture is catching on, albeit slowly. According to a recent survey by SearchCloudComputing.com on adoption plans for cloud in 2010, most IT shops are still in research mode and not ready to make the leap. That said, the interest in private cloud was significant. About half the respondents to the survey, approximately 250 companies, said they found private cloud more appealing than public cloud. 25% said they were interested in public cloud services, but only 20% said they would be doing any kind of cloud deployment this year. As cloud computing is becoming increasingly more mainstream, it becomes harder to distinguish between the generic security issues that an IT manager needs to tackle, from those that are specific to cloud computing. Things like roles and responsibilities, secure application development, least privilege and many more apply equally well in traditional environments as they do in the cloud. So what are the cloud computing security issues? • First, there are definitely new threats relating to Cloud Computing Security Issues. There are whole new attack vectors that potentially give the attacker unlimited control over your IT infrastructure, if any one of the user is not careful. • More than that, in a cloud computing (specifically public cloud) environment we also trust the user data with the cloud provider’s personnel. Most cloud providers are doing a very good job

Ms. Rajaprabha M N, IJRIT

89

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 1, January 2014, Pg:89-95

•

protecting customer data from outsiders. But are they equally diligent protecting the same data from their own technical people? Although the cloud computing infrastructure is generally very secure, it is also a very tempting target for the criminal underground.

2. CHARACTERISTICS OF A PRIVATE CLOUD Due to the security concerns associated with public cloud, many firms go for private cloud deployments. And, while security pros are on their guard when it comes to public cloud, private cloud computing security doesn’t always garner as much attention. Private cloud grants more control to in-house staff, but increased control isn’t a license to ignore security. On the contrary, there are some very real security risks associated with all cloud models, private included. However, because security pros are less sensitive to risks in the private model, it can lead to a situation where risks go overlooked. So what is private cloud computing? First, it’s an operations model, not a technology. Fundamentally, cloud computing is a new way to provision, operate and deliver IT infrastructure. The National Institute of Standards and Testing (NIST) defines the cloud model this way: 1. on-demand self-service; 2. broad network access; 3. resource pooling; 4. rapid elasticity; 5. measured service. No introduction to cloud computing is complete without a distinction between public and private clouds. • Public clouds are large-scale, open-to-all providers, in which any customer can pay for and use. Our data sits cheek by jowl with other companies’ data, and the service provides the illusion of isolation. • Private clouds, on the other hand, are run by an organization and designated for use only by members of that organization. It may be a mix of technologies and applications, and it may serve many different parts of the business; but it’s not open to the public. Private clouds can be external to a company’s data center, which securely walls off a section of its public cloud infrastructure for a unique customer. 2.1 General Requirements on Private Cloud Security [2] Security in a private cloud is related to the important aspects like confidentiality, integrity, availability, privacy and trust. 2.1.1 Confidentiality Confidentiality refers to only authorized users or systems having the permission and ability to access protected data. Confidentiality is to ensure that user data which resides in the cloud cannot be accessed by unauthorized party. Data confidentiality in the cloud is correlated to user authentication. Protecting a user’s account from theft is an instance of a larger problem of controlling access to objects, including memory, devices, software, etc. Authentication is the process of establishing confidence in user identities, while they are presented to an information system. Lack of strong authentication can lead to unauthorized access to users account on a cloud, leading to a breach in privacy. 2.1.2 Integrity A key aspect of Information Security is integrity. Integrity means that assets can be modified only by authorized parties or in authorized ways. Integrity may be associated with data, software and hardware. Data Integrity refers to protecting data from unauthorized deletion, modification or fabrication. Managing an entity’s admittance and rights to specific enterprise resources ensures that valuable data and services are not abused or misappropriated. Moreover, integrity preserving mechanisms offer a greater visibility into

Ms. Rajaprabha M N, IJRIT

90

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 1, January 2014, Pg:89-95

determining who or what may have altered data or system information, potentially affecting their integrity (accountability). 2.1.3 Availability Availability is one of the most critical information security requirements in cloud computing. SLAs are the most important document which highlights the trepidation of availability in cloud services and resources between the cloud provider and customer. 2.1.4 Privacy Privacy is the desire of a person to control the disclosure of personal information. Organizations dealing with personal data are required to comply with a country’s legal framework that ensures appropriate privacy and confidentiality protection. Cloud computing presents a number of legal challenges towards privacy issues involved in data stored in multiple locations in the cloud, additionally increasing the risk of confidentiality and privacy breaches. Instead of its data being stored on the company’s servers, in cloud computing, end users’ data stored in the service provider’s datacenters, which could be anywhere in the world. This tenet of cloud computing conflicts with various legal requirements, such as the European laws that require that an organization know where the personal data in its possession is at all times. 2.1.5 Trust Trust was used in the process of convincing observers that a system (model, design or implementation) was correct and secure. Trust in a cloud environment depends heavily on the selected deployment model, as governance of data and applications is outsourced and delegated out of the owner’s strict control.

3. Building a Private Cloud [1] A private cloud is a layer of software and management built on top of existing data center infrastructure that masks the differences underlying data center hardware, storage and networks to enable scalability, elasticity, and on-demand access to applications and other services. Cloud computing offers significant benefits over traditional models of provisioning hardware and software. Private clouds offer many benefits of the public cloud model without raising the same data security concerns. In a private cloud, users can maintain control of computing resources and information storage, minimizing data-leakage risks. But without the right safeguards in place, private clouds are still risky. Even though data isn’t housed on shared servers run by a cloud provider, a private cloud’s pooled, virtualized and dynamic resources can poke serious holes in data security. So data risks and access controls become more complex. To securely operate a private cloud infrastructure, we need to get our data privacy strategy in order. To build a private cloud, we have to explore how the model necessarily changes our approach to traditional data center security. 3.1 Storage Provisioning As we deploy infrsturcutures to support cloud services, several issues arise. A central issue is storage (local disks, iSCSI, storage area networks [SANs], network-attached storage [NAS], etc.), which are extremely dynamic in a cloud environment. A sudden spike in website traffic, for example, can have domino effects: It may result in 10 new front ends being started, an extra slave database instance being fired up and so on. To run, all these machines need storage space, swap space (i.e., disk space that temporarily holds a process memory image) and so on. Once a traffic spike subsides, servers are disabled, and the used storage space is returned to the pool. But after the spike, potentially sensitive data—such as customer data, the contents of memory, passwords, encryption keys—may remain on the physical disks in the storage system. The next time this storage is Ms. Rajaprabha M N, IJRIT

91

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 1, January 2014, Pg:89-95

provisioned, users with access to it could run data recovery software and retrieve the privileged information. One solution solve this issue is to wipe storage prior to use. When we wipe disks on demand, the process will slow storage provisioning times. Allocating a terabyte of disk space is quick, but zeroing it out prior to use takes a minimum of several minutes. Wiping disk space can also be done in advance of provisioning (when, for example, storage space is returned to the storage pool). If we can’t rely on storage to be reliably zeroed out, the storage can be encrypted to prevent the leakage of information. i.e We need an automated process for wiping storage space clean to prevent data leakage. 3.2 Perimeter Security Building a solid perimeter is easier said than done—even if firewalls are installed at all the network access points. For systems to share data with customers, clients and partners, IT managers end up poking incoming and outgoing holes in these firewalls. When publicfacing services are added and the need for virtual private networks to provide “secure” remote access, then firewall ends up resulting in solid perimeter meaningless. One solution is to move firewalls inside, placing one on every virtualized system (or guest OS), bringing the firewall as close to the system as possible. Ironically, placing a firewall on a guest OS is less than ideal. Virtualized servers and services can potentially make changes to the firewall or disable it. And some virtual appliances don’t come with a properly configured, or any, firewall. Virtualized networking can also create performance issues and, combined with firewalling, cause unacceptable performance degradation. But it should be noted that more recent virtual OSes have improved network performance significantly. A second solution is to place the firewall on a network switch. Then virtual servers are connected to the network through a firewall. But if a guest OS is moved to another physical server, the firewall may not follow it, which leaves a system unprotected.

Third, several virtualization products now support firewalls to protect guest OSes, but these tools— such as VMware vShield—reside on the underlying host OS. By taking virtualized resources into account, this solution offers the best of all worlds: performance, security and ease of management. 3.3 Data Security For data security to work, it needs to be end to end, and the cloud introduces new weaknesses, especially in data storage. With the dynamic allocation, multi-tenancy and resource pooling, the chances of a company’s data intermingling with data that is under the control of another organization is high. This presents problems, where sensitive data commingles with less-sensitive data and can leak into other systems to which users have access. The standard information lifecycle rules apply, with some caveats. The first is data location, though this issue is largely solved in a private cloud given the degree of control that users can exert. But other issues, such as data persistence and commingling, are still present. Traditionally data persistence and comingling haven’t been an issue because storage wasn’t shared across administrative and business unit boundaries. When storage has to be shared across boundaries, it has to be allocated in a relatively static manner. Chances are that most IT shops won’t spring for multiple storage systems to hold sensitive and nonsensitive data or various business units’ data separately, because this setup significantly increases cost. And even with data segregation, we may face difficulties. So we have to ensure that we can properly track and audit the user data so that compliance measures can be applied. Fortunately, with private clouds, a provider is most likely under the same administrative control as that for cloud users. When both entities are subject to the same controls, enforcement of such measures is much easier. 3.4 Data Encryption Ms. Rajaprabha M N, IJRIT

92

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 1, January 2014, Pg:89-95

With shared storage, encryption is one of the few effective measures to prevent data leakage. With proper encryption measures—such as when data sits in storage on a hard drive or on a SAN/NAS—even if the underlying storage space isn’t properly sanitized after use, data remnants won’t be legible or accessible. But if multiple users and systems require access to encrypted data, key management can become an issue, especially if data decryption does not take place on the server that holds the data (i.e., a back-end SAN or NAS). Another benefit of encrypting data at rest is cryptoshredding. The destruction of encryption keys should render all data inaccessible, and encryption keys are typically only a few kilobytes in size. Compare this size with the data itself, which may be several terabytes in size. Database encryption also poses problems. Most products enables to encrypt databases at the table level, but not all offer row-level encryption, where specific rows can be encrypted so that specific users can read them. Normally this is not an issue, as databases tend to be deployed for each application or service that needs one, which results in proliferation. For shared database services, table-level encryption is sufficient to keep data secure and separate. For Software as a Service (SaaS) platforms, it is likely that a single database back end and set of shared tables will be used. Backups, of course, also need to be encrypted. But again, with data commingling on storage systems, problems can arise. If unencrypted data is backed up and encrypted with a common encryption key, it may be accessible to those without privileged access to this data. If encrypted data is backed up, encryption keys used to protect data must also be backed up securely and stored for as long as data backups are stored. Otherwise the backups are useless. 3.5 Data Portability IT shops have major concerns about vendor lock-in with public and hybrid cloud providers. And the tasks of importing and creating data such as sales data or enterprise resource planning data, for example—in a new system are often significant and time-consuming. Unfortunately there are very few open or closed standards that address common business data formats for import and export from one system to another. Several factors also prevent such standards from emerging. SaaS vendors in particular have generally custom-built their systems for individual customer needs, and the underlying data storage and formatting is often highly specific. Additionally, customers often make modifications based on business rules and needs (e.g., “Customer records must be linked to a purchase order, unless they were entered in the last fiscal year. In this case, a credit card is sufficient, but only if the purchase amount was less than X and more than Y”). A language sufficiently descriptive to handle every possible data format issue and business rule would be extremely complex. Also, much of the data housed in cloud-based systems is not useful on its own. Information regarding data ownership and use is also needed to make full use of the data and regulatory requirements associated with the data, and business rules must also be considered—to name just a few issues. Finally, we also need applications data, which can be a significant issue in cloud-based systems that provide services. If you leave a provider, for example, it’s unlikely that this provider will offer you all the software you need to make use of the data on our own—not to mention the information regarding infrastructure and other support components. These portability issues dovetail with data backups. To make use of and software to make use of the data backups from a cloud-based provider, we need the appropriate software, configuration data, ownership information and authentication data—again, to name just a few prerequisites. The only way to ensure that all these systems work together is to export the data and get it working on a new system. In private clouds, vendor lock-in is much less of an issue because we will most likely have access to the software, configuration data and other components to make the system work. Some tactics that can assist in portability and data backups, though, are building a hot-site copy of the cloud system, or splitting the work across multiple sites. Ms. Rajaprabha M N, IJRIT

93

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 1, January 2014, Pg:89-95

3.6 Logging and Auditing With traditional computing, it is relatively simple to audit and set up logging for the systems and networks involved. With cloud computing, even in a private cloud, accessing the underlying hardware and network infrastructure may not be easy or even possible. It is critical to ensure we have proper technical support for systems auditing and contractual support. During the design phase of a private cloud, take an inventory of the types of data and the regulations that apply to them to ensure that systems can support proper separation of data auditing and logging between separate business units (or even within a business unit, for that matter). This needs to be applied to networking equipment such as routers, switches, firewalls, intrusion detection and intrusion protection systems, data storage systems, authentication systems, and so on. 3.7 Data Transport From a security perspective, the problem of data transport is largely solved. We can either encrypt the data end to end and ship the files or create an encrypted transport mechanism (such as a VPN or an SSL-secured service) and then shove the data through. Data transport is a critical element in cloud computing, though. So we may need to suddenly bring additional database servers online to handle loads or bring up additional content servers to handle a sales campaign. When considering data transport strategies, include your data security needs. We may be able to piggyback on them with file-level or database-level encryption. 4. Managing the End Consumer The success of the private cloud model will hinge in part on how IT managers respond to the technical changes required. Users want to dynamically spin up virtual machines from a Web portal, to create custom templates for VM creation, to view their physical and virtual resources together, and to price out the costs of individual components of a private cloud infrastructure. If corporate IT doesn’t step up and present its offering as an external commercial provider would, it runs the risk of end consumers taking their business elsewhere. Ultimately, though, the success of a private cloud infrastructure will hinge on how we manage change at a human level. Revamping your infrastructure for increasing levels of virtualization, standardization and transparency can work only with executive buy-in and IT managers on the front lines, ready to deliver on that strategy

5. Conclusions Maintaining and managing security in a cloud computing environment is considered to be one of the most critical aspects due to the sensitivity and importance of information stored in the cloud. The risk of malicious insiders in the cloud and the failing of cloud services have received a strong attention by researchers. Private clouds offer many of the benefits of public cloud computing and can potentially prevent one of the central problems of the model: the loss of control of the underlying network and systems. To recreate the level of security associated with dedicated hardware in private cloud environments, we need to take special measures. A cloud’s dynamic deployment, resource elasticity and shared tenancy create challenges and require that IT architects implement compensating controls (such as data encryption and storage wiping) to overcome these problems. Fortunately, by deploying a private cloud, such security measures can be implemented and use auditing to verify that these measures have been implemented.

References [1] http://searchcloudcomputing.techtarget.com/resources/Building-a-private-cloud-infrastructure

Ms. Rajaprabha M N, IJRIT

94

IJRIT International Journal of Research in Information Technology, Volume 2, Issue 1, January 2014, Pg:89-95

[2] Huaglory Tianfield, Security Issues In Cloud Computing, 2012 IEEE International Conference on Systems, Man, and Cybernetics October 14-17, 2012, COEX, Seoul, Korea. [3] C. P. Pfleeger, S. L. Pfleeger, Security in Computing. Fourth Edition. Prentice Hall. [4] European Commission, Green paper on the security of information systems, ver. 4.2.1 [5] Cloud Security Alliance, Security guidance for critical areas of focus in cloud computing, V2.1, 2009. [6] S. Castell, Code of practice and management guidelines for trusted third party services, INFOSEC Project Report S2101/02

Ms. Rajaprabha M N, IJRIT

95