3. AGENDA
Definitions (brief, I promise)
Cloud Benefits
Cloud Security Concepts
Moving applications to the cloud, wrong way
Moving applications to the cloud, right way
Please do ask questions!
10. FORKLIFTING…
“Datacenter” application to the cloud:
• Can’t trust what you used to
• Datacenter apps usually not flexible
• Confidentiality, Integrity, Availability all handled differently
13. LEVERAGING CLOUD ARCHITECTURE
How can we (gently) re-architect to take advantage of the cloud?
• Network
• Web server
• Application Server
• Database server
• Don’t forget audit/forensics!
14. NETWORK
Good: Limit by IP
Better: Allow administration via VPN only
Best: Admin interface on separate host, VPN only
Artist: Jonathan, Age 7 Heidelberg, Germany
15. WEB/APP SERVER
Good: Load balancing, “Basic” hardening (IP ACLs, only accept GET/POST, server tuned for large loads). SSL’s cheap nowadays
Better: Build Web Application Firewalls and reverse caches into your IaaS (mod_security’s free)
Best: Use 3rd party services to handle load and minimize security issues (CDNs like Akamai, Cloudflare)
Required: Input filtering, output encoding.
16. DATASTORE
Good: Place DBs on separate host from application.
Better: Place DBs in separate datacenters, and replicate
Best: Migrate to a “NOSQL” datastore (Cassandra, MongoDB, ElasticSearch)
Required: Encrypt data-at-rest
17. NOSQL SECURITY?
• Many NOSQL systems turn off even authentication
• Data labeling or granular access needs to be handled in application.
Artist: Luca, Italy
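Added example, not from the original slides: one way an application can enforce data labels itself when the datastore offers no granular access control, as slide 17 describes. The label names, the `field_labels` key, and the `Principal` and `LabeledStore` classes are assumptions for illustration; a list of dicts stands in for the NoSQL collection, and the sample documents are constructed.

```python
from dataclasses import dataclass

LEVELS = {"public": 0, "internal": 1, "restricted": 2}  # assumed label scheme

def level(label):
    # Missing or unknown labels fail closed: treat them as most sensitive.
    return LEVELS.get(label, max(LEVELS.values()))

@dataclass(frozen=True)
class Principal:
    name: str
    tenant: str      # taken from the authenticated session, never from the request
    clearance: str

class LabeledStore:
    """Label checks in front of a schemaless collection (here a list of dicts)."""

    def __init__(self, docs=()):
        self._docs = [dict(d) for d in docs]

    def insert(self, who, doc):
        if doc.get("label") not in LEVELS:
            raise ValueError("refusing to store a document without a known label")
        self._docs.append({**doc, "tenant": who.tenant})  # overwrite client-supplied tenant

    def find(self, who, query=None):
        query = {**(query or {}), "tenant": who.tenant}   # caller cannot widen tenant scope
        allowed = LEVELS[who.clearance]
        results = []
        for doc in self._docs:
            if any(doc.get(k) != v for k, v in query.items()):
                continue
            if level(doc.get("label")) > allowed:          # record-level label
                continue
            per_field = doc.get("field_labels", {})
            # Field-level labels: a field inherits the record label unless overridden.
            results.append({k: v for k, v in doc.items()
                            if k != "field_labels"
                            and level(per_field.get(k, doc.get("label"))) <= allowed})
        return results

# Constructed sample documents.
SAMPLE = [
    {"_id": 1, "tenant": "acme", "label": "public", "title": "Status page"},
    {"_id": 2, "tenant": "acme", "label": "internal", "title": "Customer",
     "card_last4": "4242", "field_labels": {"card_last4": "restricted"}},
    {"_id": 3, "tenant": "acme", "title": "Legacy row, never labelled"},
    {"_id": 4, "tenant": "globex", "label": "public", "title": "Other tenant"},
]
```
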
18. INTER-PROCESS COMMUNICATION
Good: Whatever you’ve dreamt up (cloud bullhorn?), at least encrypt it.
Better: Use open protocols for communication between nodes. Make sure encryption is enabled!
Best: Consider using message queues.
Required, in case you missed it: encryption.
19. LOGGING & FORENSICS
What happens to logs when our scalable architecture… scales down?
Cloud really really requires centralized logging, monitoring, and management.
Also, consider erase vs. overwrite
20. WHAT HAVE WE BUILT?
• Scalable solution
• No single point of failure
• Healthy caution of all those around us (filtering/encoding)
• Data stored and transmitted safely
• And a nice set of audit logs for when Bad Things happen
22. THANKS AND CONTACT INFO
“Bad People” drawings from http://badpeopleproject.org
Follow me on twitter: @johnlkinsella
Editor's Notes
Service: Infrastructure, Platform, Software as a service
Deployment: Private, community, public, hybrid
So for each one of these things I’ll try to break it down into GOOD – BETTER – BEST.
Some of these points fit better for IaaS, this is one of them
Load balancing – Linux Virtual Server
“best” – I’m expecting/wanting resistance to some of these points – I believe CDN/NoSQL/Message Queues have security value from a scalability POV, but they’re not slam-dunk arguments.