Cloud Computing Security

The cloud computing concept emerged as a response to the need to deliver computation and storage services under a flexible, on-demand business model. However, from its conception, the cloud computing paradigm, with its inherent outsourcing of data management and computation, has also brought security and privacy problems. Security has traditionally been considered one of the major concerns of enterprises and organizations regarding cloud computing. Moreover, there are no global and harmonized policies for data protection among different countries, which makes interoperability difficult at both the legal and technical levels. Trust in the different actors that make up the cloud ecosystem is also a challenging issue, since the cloud model is inherently opaque. All these problems have hindered the adoption of cloud computing.

Accountability in the Cloud

The problem of accountability (e.g., "who is responsible for the security and proper stewardship of my data in the cloud?") has no clear answer today, as there are no accountability frameworks for distributed IT services. It is therefore difficult for users to understand, influence and determine how their service providers respond to their obligations. NICS participates in the FP7 project A4Cloud, which aims to extend accountability across entire cloud service value chains, covering personal and business-sensitive information in the cloud. A4Cloud will create solutions to support users in deciding and tracking how their data is used by cloud service providers. The role of NICS in A4Cloud is mostly centered on the development of metrics for accountability in the cloud. In [1], we propose a metamodel for describing accountability properties and metrics for measuring them, which constitutes a first step towards the development of a methodology for metrics elicitation.

Privacy and Identity Management in the Cloud

Identity management is an almost indispensable component of today’s organizations and companies, as it plays a key role in authentication and access control. However, it is widely recognized as a costly and time-consuming task. The advent of cloud computing technologies, together with the promise of flexible, cheap and efficient provision of services, has provided the opportunity to externalize such a common process, shaping what has been called Identity Management as a Service (IDaaS). Nevertheless, as in the case of other cloud-based services, IDaaS brings with it great concerns regarding security and privacy, such as the loss of control over the outsourced data. One of our research lines tackles this problem by using cryptographic means instead of relying only on access control policies and models.

We first investigated how cryptography can be applied to cloud computing in order to alleviate some of the concerns that limit its adoption. In [2], we report on the applicability of several cryptographic techniques to the cloud environment, highlighting their benefits and limitations. Cryptographic means for data protection are usually disregarded due to the complexity of managing encryption keys in the cloud, but there are still some novel approaches that can be used satisfactorily. Regarding the problem of privacy and data confidentiality in cloud-based identity services, we have explored the application of cryptographic techniques for protecting users’ data in Identity Management Systems. In [3], we applied proxy re-encryption techniques to create a special OpenID provider that is not capable of reading the user's information but still provides an identity service. This research has been further refined in [4][5]. In this work, we propose a general model for privacy-preserving Identity Management as a Service, and describe a particular instantiation of this model using SAML 2.0.
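To illustrate how an identity provider can serve attributes it cannot read, the following added example (not code from the cited papers or from NICS) sketches proxy re-encryption using a hybrid variant of the Blaze-Bleumer-Strauss ElGamal-style construction. The choice of scheme, the toy-sized group and all function names are assumptions made for illustration; the page does not say which scheme the prototypes use.

```python
import hashlib
import secrets

# Toy group (assumption, for readability only): safe prime P = 2*Q + 1.
# G = 4 is a quadratic residue, so it generates the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4

def keygen():
    sk = secrets.randbelow(Q - 1) + 1            # secret exponent in 1..Q-1
    return sk, pow(G, sk, P)                     # (sk, pk = g^sk)

def kdf(elem, n):
    """Derive an n-byte pad from a group element (hybrid encryption)."""
    return hashlib.shake_256(str(elem).encode()).digest(n)

def xor(data, pad):
    return bytes(x ^ y for x, y in zip(data, pad))

def encrypt(pk, attribute):
    """User side: encrypt an attribute under the user's own public key."""
    k = secrets.randbelow(Q - 1) + 1
    capsule = pow(pk, k, P)                      # g^(a*k): session secret g^k, locked by a
    return capsule, xor(attribute, kdf(pow(G, k, P), len(attribute)))

def rekey(sk_from, sk_to):
    """Re-encryption key b/a mod Q. In this construction it needs both secrets,
    and a proxy colluding with the delegatee can recover a; keep rk protected."""
    return sk_to * pow(sk_from, -1, Q) % Q

def reencrypt(rk, ct):
    """Identity provider side: turn g^(a*k) into g^(b*k). No secret key is
    used and the encrypted body is never opened."""
    capsule, body = ct
    return pow(capsule, rk, P), body

def decrypt(sk, ct):
    """Holder of sk strips its exponent from the capsule to recover g^k."""
    capsule, body = ct
    session = pow(capsule, pow(sk, -1, Q), P)
    return xor(body, kdf(session, len(body)))

def demo():
    user_sk, user_pk = keygen()
    sp_sk, _ = keygen()                          # relying party (service provider)
    stored = encrypt(user_pk, b"email=alice@example.org")   # constructed sample
    rk = rekey(user_sk, sp_sk)                   # handed to the identity provider
    served = reencrypt(rk, stored)               # what the provider sends out
    return decrypt(user_sk, stored), decrypt(sp_sk, served)

if __name__ == "__main__":
    print(demo())
```

The XOR pad provides no integrity and the 11-bit group provides no security; a deployment would use a standard-sized group and an authenticated cipher keyed from the session element.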

Identity management does not only involve the users of a system. Within the PASSIVE project, we have worked towards an authentication and authorization scheme for applications, users and resources that is suitable for use in large and highly dynamic deployments such as the cloud [6]. Other work in this area identifies the challenges that arise at the intersection of interconnected clouds and identity management [7].

Trust Management and Interoperability in the Cloud

One of the current trends in cloud computing is the federation of different cloud providers. The idea is that a federation of clouds enables local cloud providers (i.e., SMEs) to build business alliances with other cloud providers (possibly scattered around the globe) in order to offer more competitive solutions. In this direction, NICS is working on the FISICCO project, where we aim to develop and integrate services for federating and interconnecting cloud computing infrastructures in a secure way, through the extension of existing interconnection architectures and the definition of new connectors. FISICCO can be seen as an extension of existing interconnection architectures that will take cloud computing to a higher level of interoperability. In previous work, we have also explored the challenges that lie at the intersection of interconnected clouds and identity management [7]. We have also concentrated on social cloud scenarios, where users provide the resources themselves. In this type of scenario, users might not know each other, so it becomes essential to have some mechanism that tells them which cloud provider is the most appropriate to collaborate with. We have proposed a development framework [8] onto which developers can implement trust-aware social cloud applications. Developers can also adapt the framework in order to accommodate their application-specific needs.

Smart Grid and Cloud

During the last decade, the cloud computing paradigm has emerged as a panacea for many problems in traditional IT infrastructures and in critical systems. Little by little, part of industry is adopting the cloud to obtain benefits in the face of serious incidents, such as availability of information, resilience, and recovery of states by keeping backup copies within the cloud. One of the main demands of industry is the building of smart remote substations able to connect to external infrastructures, such as the Internet or the cloud, for control from anywhere and at any time, moving from the private cloud (the current situation) to the public cloud. In this way, sensors, RTUs, gateways and any smart device (e.g., smart phones) will have to be able to access the cloud, with the suitable permissions, and (temporarily or permanently) store information related to alarms, configurations, processes and measurements in a secure way.

Moreover, through the TIGRIS project, NICS Lab is going to deal with these new needs by analysing the integration of control elements into much more complex systems. This includes control systems (e.g., smart meters, sensors, RTUs, etc.), IT systems, engineering devices and the interaction of different types of users (e.g., contractors, operators, customers, providers, etc.), where any information from substations will have to be replicated within the cloud, particularly when this information is related to the configuration of devices, roles, permissions, credentials, etc. We are aware that the availability, integrity and confidentiality of critical data within the cloud, as well as virtualization and operational privacy, are the major drawbacks of the cloud, particularly when it is developed within a Smart Grid. In [9], we give some hints on which security mechanisms, in particular cryptographic schemes, can help achieve a better integration of the elements of a Smart Grid within the cloud (e.g., resources and data). Within this research, we propose the use of a Virtual SCADA in the Cloud (VS-Cloud) as a means to improve reliability and efficiency whilst maintaining the same protection level as in traditional SCADA architectures.


References

  1. D. Nuñez, C. Fernandez-Gago, S. Pearson, and M. Felici, "A Metamodel for Measuring Accountability Attributes in the Cloud", In 2013 IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2013), IEEE, pp. 355-362, 12/2013.

    Abstract

    Cloud governance, and in particular data governance in the cloud, relies on different technical and organizational practices and procedures, such as policy enforcement, risk management, incident management and remediation. The concept of accountability encompasses such practices, and is essential for enhancing security and trustworthiness in the cloud. Besides this, proper measurement of cloud services, both at a technical and governance level, is a distinctive aspect of the cloud computing model. Hence, a natural problem that arises is how to measure the impact on accountability of the procedures held in practice by organizations that participate in the cloud ecosystem. In this paper, we describe a metamodel for addressing the problem of measuring accountability properties for cloud computing, as discussed and defined by the Cloud Accountability Project (A4Cloud). The goal of this metamodel is to act as a language for describing: (i) accountability properties in terms of actions between entities, and (ii) metrics for measuring the fulfillment of such properties. It also allows the recursive decomposition of properties and metrics, from a high-level and abstract world to a tangible and measurable one. Finally, we illustrate our proposal of the metamodel by modelling the transparency property, and define some metrics for it.

  2. I. Agudo, et al., "Cryptography Goes to the Cloud", In 1st International Workshop on Security and Trust for Applications in Virtualised Environments (STAVE 2011), C. Lee, J-M. Seigneur, J. J. Park, and R. R. Wagner Eds., Communications in Computer and Information Science 187, Springer, pp. 190-197, June, 2011.

    Abstract

    In this paper we identify some areas where cryptography can help a rapid adoption of cloud computing. Although secure storage has already captured the attention of many cloud providers, offering a higher level of protection for their customer’s data, we think that more advanced techniques such as searchable encryption and secure outsourced computation will become popular in the near future, opening the doors of the Cloud to customers with higher security requirements.

  3. D. Nuñez, I. Agudo, and J. Lopez, "Integrating OpenID with Proxy Re-Encryption to enhance privacy in cloud-based identity services", In IEEE CloudCom 2012, IEEE Computer Society, pp. 241-248, Dec 2012.

    Abstract

    The inclusion of identity management in the cloud computing landscape represents a new business opportunity for providing what has been called Identity Management as a Service (IDaaS). Nevertheless, IDaaS introduces the same kind of problems regarding privacy and data confidentiality as other cloud services; on top of that, the nature of the outsourced information (users’ identity) is critical. Traditionally, cloud services (including IDaaS) rely only on SLAs and security policies to protect the data, but these measures have proven insufficient in some cases; recent research has employed advanced cryptographic mechanisms as an additional safeguard. Apart from this, there are several identity management schemes that could be used for realizing IDaaS systems in the cloud; among them, OpenID has gained crescent popularity because of its open and decentralized nature, which makes it a prime candidate for this task. In this paper we demonstrate how a privacy-preserving IDaaS system can be implemented using OpenID Attribute Exchange and a proxy re-encryption scheme. Our prototype enables an identity provider to serve attributes to other parties without being able to read their values. This proposal constitutes a novel contribution to both privacy and identity management fields. Finally, we discuss the performance and economical viability of our proposal.

  4. D. Nuñez, and I. Agudo, "BlindIdM: A Privacy-Preserving Approach for Identity Management as a Service", In International Journal of Information Security, vol. 13, issue 2, Springer, pp. 199-215, 2014. ISI JCR Impact Factor 2014: 0.963

    Abstract

    Identity management is an almost indispensable component of today’s organizations and companies, as it plays a key role in authentication and access control; however, at the same time it is widely recognized as a costly and time-consuming task. The advent of cloud computing technologies, together with the promise of flexible, cheap and efficient provision of services, has provided the opportunity to externalize such a common process, shaping what has been called Identity Management as a Service (IDaaS). Nevertheless, as in the case of other cloud-based services, IDaaS brings with it great concerns regarding security and privacy, such as the loss of control over the outsourced data. In this paper we analyze these concerns and propose BlindIdM, a model for privacy-preserving IDaaS with a focus on data privacy protection. In particular, we describe how a SAML-based system can be augmented to employ proxy re-encryption techniques for achieving data confidentiality with respect to the cloud provider, while preserving the ability to supply the identity service. This is an innovative contribution to both the privacy and identity management landscapes.

    Impact Factor: 0.963
    Journal Citation Reports® Science Edition (Thomson Reuters, 2014)

  5. D. Nuñez, I. Agudo, and J. Lopez, "Leveraging Privacy in Identity Management as a Service through Proxy Re-Encryption", In Ph.D Symposium of the European Conference on Service-Oriented and Cloud Computing (ESOCC) 2013, September 2013.

    Abstract

    The advent of cloud computing has provided the opportunity to externalize the identity management processes, shaping what has been called Identity Management as a Service (IDaaS). However, as in the case of other cloud-based services, IDaaS brings with it great concerns regarding security and privacy, such as the loss of control over the outsourced data. As part of this PhD thesis, we analyze these concerns and propose BlindIdM, a model for privacy-preserving IDaaS with a focus on data privacy protection through the use of proxy re-encryption.

  6. N. Libor, et al., "Strong Authentication of Humans and Machines in Policy Controlled Cloud Computing Environment Using Automatic Cyber Identity", In Information Security Solutions Europe 2012, N. Pohlmann, H. Reimer, and W. Schneider Eds., Springer Vieweg, pp. 195-206, 2012.

    Abstract

    The paper describes the experience with integration of automatic cyber identity technology with policy controlled virtualisation environment. One identity technology has been used to enable strong authentication of users (human beings) as well as machines (host systems) to the virtualization management system. The real experimental evaluation has been done in PASSIVE project (Policy-Assessed system-level Security of Sensitive Information processing in Virtualised Environments - SEVENTH FRAMEWORK PROGRAMME THEME ICT-2009.1.4 INFORMATION AND COMMUNICATION TECHNOLOGIES - Small or medium-scale focused research project - Grant agreement no.: 257644).

  7. D. Nuñez, I. Agudo, P. Drogkaris, and S. Gritzalis, "Identity Management Challenges for Intercloud Applications", In 1st International Workshop on Security and Trust for Applications in Virtualised Environments (STAVE 2011), vol. 187, pp. 198-204, June, 2011.

    Abstract

    Intercloud notion is gaining a lot of attention lately from both enterprise and academia, not only because of its benefits and expected results but also due to the challenges that it introduces regarding interoperability and standardisation. Identity management services are one of the main candidates to be outsourced into the Intercloud, since they are one of the most common services needed by companies and organisations. This paper addresses emerging identity management challenges that arise in intercloud formations, such as naming, identification, interoperability, identity life cycle management and single sign-on.

  8. F. Moyano, C. Fernandez-Gago, and J. Lopez, "A Framework for Enabling Trust Requirements in Social Cloud Applications", In Requirements Engineering, vol. 18, issue 4, Springer London, pp. 321-341, Nov 2013. ISI JCR Impact Factor 2013: 1.147

    Abstract

    Cloud applications entail the provision of a huge amount of heterogeneous, geographically-distributed resources managed and shared by many different stakeholders who often do not know each other beforehand. This raises numerous security concerns that, if not addressed carefully, might hinder the adoption of this promising computational model. Appropriately dealing with these threats gains special relevance in the social cloud context, where computational resources are provided by the users themselves. We argue that taking trust and reputation requirements into account can leverage security in these scenarios by incorporating the notions of trust relationships and reputation into them. For this reason, we propose a development framework onto which developers can implement trust-aware social cloud applications. Developers can also adapt the framework in order to accommodate their application-specific needs.

    Impact Factor: 1.147
    Journal Citation Reports® Science Edition (Thomson Reuters, 2013)

  9. C. Alcaraz, I. Agudo, D. Nuñez, and J. Lopez, "Managing Incidents in Smart Grids à la Cloud", In IEEE CloudCom 2011, IEEE Computer Society, pp. 527-531, Nov-Dec 2011.

    Abstract

    During the last decade, the Cloud Computing paradigm has emerged as a panacea for many problems in traditional IT infrastructures. Much has been said about the potential of Cloud Computing in the Smart Grid context, but unfortunately it is still relegated to a second layer when it comes to critical systems. Although the advantages of outsourcing those kinds of applications to the cloud are clear, data confidentiality and operational privacy stand as major drawbacks. In this paper, we try to give some hints on which security mechanisms and, more specifically, which cryptographic schemes will help a better integration of Smart Grids and Clouds. We propose the use of Virtual SCADA in the Cloud (VS-Cloud) as a means to improve reliability and efficiency whilst maintaining the same protection level as in traditional SCADA architectures.