what is "secure"?
DESCRIPTION
Security is too often discussed in terms of what it prevents rather than what it assures. Too much trust in narrowly focused technology, combined with too much fear of the unknown in areas like adoption of the cloud, makes many enterprise and other IT systems unnecessarily expensive and inadequately trustworthy.
TRANSCRIPT
What is “Secure”?
“If you think cryptography can solve your problem, then you don't understand your problem and you don't understand cryptography.” – Bruce Schneier, 1998
The Nouns and Verbs of Security
Preserve integrity, availability & access
Permit authentication and authorization
Assure confidentiality & control
Promote awareness and accountability
Perform inspection; maintain protection; afford detection; enable reaction; build on reflection
The Nouns and Verbs of Security
If all you want is data protection, put it on tape and store it in a Kansas cavern
The point of security is to maximize the risk-adjusted value of the asset: money in a bank, not under a mattress
Infosec is therefore a process, not a product; a mode of travel, not a destination
“Secure” against what?
“Who” Matters So Much More than “Where”
"There are five common factors that lead to the compromise of database information":
• ignorance
• poor password management
• rampant account sharing
• unfettered access to data
• excessive portability of data
DarkReading.com, October 2009
Clouds Can Be Usefully Secure
Single-Tenant vs. Multi-Tenant Clouds
In a multi-tenant environment, all applications run under a common trust model: more manageable, more consistent, more subject to rigorous scrutiny by trained specialists (internal & customer)
[Diagram labels: Shared infrastructure; Other apps]
Single tenancy entails creation of multiple software stacks, whether real or virtual: each layer in each stack represents a distinct opportunity for misconfiguration or other sources of security risk
[Diagram: three separate stacks, App 1, App 2 and App 3, each with its own Server, OS, Database, App Server, Storage and Network]
Every Act an Invocation: Granular Privilege
Password security policies
Rich Sharing Rules
User Profiles
SSO/2-factor solutions
Login… Authenticate… Apply Data Security Rules… View Filtered Content
Bottom-Up Design to be “Shared and Secure”
Expanding legislation, regulation, mainstream mind share
Rising standard of due diligence
Desktop/laptop systems carry far too much “state”
– More data than people actually use
– Far too much data that user may easily lose
– More than one version of what should be one shared truth
Cloud’s Solutions:
– Logical view of exactly one database
– Profile definitions manage privilege sets
– Activity logs precisely record actions
Governance: More Eyes, More Agendas
Strong Session Management
• Every row in the database contains an ORG_ID - Unique encoded string
• Session Tokens – user unique, non-predictable long random value generated for each session combined with a routing “hint” and checksum, base64 encoded
• Contains no user-identifiable information
• Session Timeout – 15 Mins to 8 Hrs
• Lock Sessions to IP – prevent hijacking and replay attacks
• SSLv3/TLS used to prevent token capture / session hijacking
• Session Logout – Explicitly expire and destroy the session
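The token and session rules from the Strong Session Management slide, sketched as an added example (not code from the deck or from any vendor's platform). The field layout, the truncated HMAC standing in for the checksum, the in-memory store and the names `issue_token`, `validate` and `logout` are assumptions.

```python
import base64, hashlib, hmac, secrets, time

SERVER_KEY = secrets.token_bytes(32)  # assumption: secret key behind the checksum
IDLE_TIMEOUT = 15 * 60                # seconds; slide range is 15 min to 8 hrs
RAND_LEN, TAG_LEN = 32, 8             # assumed field sizes
_sessions = {}                        # random value -> server-side session state

def _tag(body):
    return hmac.new(SERVER_KEY, body, hashlib.sha256).digest()[:TAG_LEN]

def issue_token(user, client_ip, route_hint=b"pod7", now=None):
    """Start a session and return an opaque token (hint + random + checksum)."""
    now = time.time() if now is None else now
    rand = secrets.token_bytes(RAND_LEN)   # long, non-predictable, per session
    _sessions[rand] = {"user": user, "ip": client_ip, "last_seen": now}
    body = bytes([len(route_hint)]) + route_hint + rand  # no user data in token
    return base64.urlsafe_b64encode(body + _tag(body)).decode()

def _session_id(token):
    """Return the random value if the token is well formed, else None."""
    try:
        raw = base64.urlsafe_b64decode(token.encode())
    except ValueError:
        return None
    if len(raw) < 1 + RAND_LEN + TAG_LEN:
        return None
    body, tag = raw[:-TAG_LEN], raw[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(body)):
        return None
    return body[-RAND_LEN:]

def validate(token, client_ip, now=None):
    """Return the user for a live session, or None (tampered, wrong IP, timed out)."""
    now = time.time() if now is None else now
    sid = _session_id(token)
    sess = _sessions.get(sid)
    if sess is None or sess["ip"] != client_ip:   # session locked to issuing IP
        return None
    if now - sess["last_seen"] > IDLE_TIMEOUT:
        del _sessions[sid]                        # expire and destroy
        return None
    sess["last_seen"] = now
    return sess["user"]

def logout(token):
    """Explicitly expire and destroy the session."""
    _sessions.pop(_session_id(token), None)
```
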
Common Controls + Customer Choices
Platform Security
• SSL data encryption
• Optional strict password policies
• SAS 70 Type II & SysTrust Certification
• Security certifications from Fortune 50 financial services customers
• May 2008: ISO 27001 Certification
Network Security
• Fault tolerant external firewall
• Intrusion detection systems
• Best practices secure systems mgmt
• 3rd party vulnerability assessments
Facility Security
• 24x365 on site security
• Biometric readers, man traps
• Anonymous exterior
• Silent alarm
• CCTV
• Motion detection
• N+1 infrastructure
World-Class Defense in Depth
“There are some strong technical security arguments in favor of Cloud Computing…” (Craig Balding, Fortune 500 security practitioner)
Peter Coffee VP for Strategic Research
facebook.com/peter.coffee
twitter.com/petercoffee