BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
It’s been widely reported that security concerns are the number one item affecting large-scale adoption of cloud...
computing. While this may be true, a more granular definition is appropriate: Organizations are concerned with the security aspects of public cloud computing, but are unconcerned with private cloud security. It’s this dichotomy that poses security issues for hybrid cloud computing (i.e., mixed public and private) when compared to dealing with its individual components.
Public and private cloud computing risks
Take a typical organization with an enterprise network and applications located in a data center that wants to maximize its capital costs by utilizing the benefits of cloud computing (i.e., dynamic scalability, on-demand computing, etc.) with its current hardware. The organization could use the physical hardware in the datacenter as the basis for the virtualized servers, and deploy a cloud management platform such as those from Eucalyptus Systems Inc. or Cloud.com (CloudStack) to create a private cloud. In this instance, the organization would own the hardware and manage the “cloud” software.
From a trust standpoint, the difference between this private cloud and the data center is almost identical. The main difference being that in a traditional datacenter, it’s likely that individual hardware would have been dedicated to applications and identity and access control mechanisms enforced at the system level. In this cloud architecture, many of those systems have now been virtualized and actually exist on a single piece of hardware, thus bringing in a multitenant (although it is internal to the organization) risk that was not originally there. Other versions of private clouds exist in which another organization actually owns the hardware, and you are leasing it from them. In this situation, there are additional cloud computing risks, however, through contracts, SLAs, and dedicated resources, the trust level is still higher than that of a public cloud.
The organization might then desire to increase the cost benefit further and consider moving some applications and IT processes to a public cloud, where the risks are primarily associated with multitenant architectures (where organizations share the hypervisor) and staff that manages the hardware at the cloud service provider. It should be noted that these risks are present in many hosted environments today.
From a hybrid cloud computing standpoint, the top two security considerations are:
- What are the trust requirements within my environment?
- What cloud management tool will I use, and will it provide the enforcement I need?
When thinking about the hybrid cloud, the most important concept to understand is that of the trust levels of the different environments. Organizations will likely have contractual and regulatory requirements for the protection of certain information. It’s been my experience that if there are strict requirements in your contracts or regulations, it is easiest to meet those utilizing the private cloud portion of a hybrid. However, organizations will have many services that don’t have those extra security requirements and can be adequately protected and provided in the public cloud portion. So understanding of trust and what applications and information an organization can put in the public cloud and which ones must reside in the private cloud is critical.
By understanding what trust requirements exist within your environment, you’ll be able to determine access control requirements as well as authentication requirements. Once you have identified those areas, you can utilize your cloud management tool to implement and enforce those requirements.
Cloud management tool
From a practical standpoint, the most important security decision for a hybrid cloud is choosing a tool that will be used to manage the environments. By definition, a hybrid cloud has communications between the public and private cloud infrastructure, so the tool must be flexible enough to manage both environments, as well as be able to implement your security requirements..
When talking about hybrid cloud computing management tools, the clear leader is currently RightScale Inc., especially if you are not using the same public and private cloud providers. The RightScale Cloud Management Platform provides a management interface into different cloud providers. Its Web-based management platform provides an abstracted interface to the different underlying APIs of various cloud providers, making it much more user friendly than trying to do integration on your own. Further, it will interface with your private cloud, based on Eucalyptus or CloudStack, if you go that way. Ylastic LLC is another vendor in this space.
The other option for management is using a single cloud provider’s management tool for both its public and private cloud services. Amazon’s AWS Management Console is a good example.. However, this means you’re locked into that provider, which probably isn’t good from a long-term standpoint.
One aspect of hybrid clouds that should get special consideration to is identity sharing. Most organizations will extend their enterprise identity solution to the hybrid cloud, but they need to examine how this extension to the public cloud will affect the security of the private cloud and the enterprise overall.
This is more of a risk assessment issue than an control implementation issue. Organizations will need to ensure the mechanisms by which they provide and consume identity with their public cloud provider do not decrease the security within their private cloud. An example of this would be if an organization used Microsoft Active Directory Federation Services for both public and private clouds, as well its internal enterprise network. Would it be possible for an external attacker or staff of a public cloud provider to harvest usernames and passwords from the public portion of the cloud and use them s against the private portion? Should an organization use separate identity sources for public and private portions of its hybrid cloud? Does sharing services between public and private portions increase the security risk to the private portion to an unacceptable level?
Taking the time to ask these questions along with making a careful choice in a management tool will improve the chances of a successful hybrid cloud project.
About the author:
Philip Cox is a principal consultant of SystemExperts Corporation, a consulting firm that specializes in system security and management. He is a well-known authority in the areas of system integration and security. He serves on the Trusted Cloud Initiative Architecture workgroup, as well as the PCI Virtualization and Scoping SIGs. Phil frequently writes and lectures on issues dealing with heterogeneous system integration and compliance (PCI-DSS and ISO). He is the lead author of Windows 2000 Security Handbook Second Edition (Osborne McGraw-Hill) and contributing author for Windows NT/2000 Network Security (Macmillan Technical Publishing) and CIW Security Professional Certification Bible(Wiley).