Including Security Monitoring in Cloud Service Level Agreement (SLA)
Amir Teshome
Supervisors: Louis Rilling, Christine Morin
July 5, 2016

Outline: Introduction; SLAs & Security Monitoring; Challenges; IDS Evaluation; Conclusion and Future Work

Contents
- Challenges on including security monitoring into SLA
- IDS evaluation method (used as SLA verification mechanism)

Introduction
[Figure: VM 1 to VM 6 hosted in the cloud, reached through a User Portal]
- Clients outsource their information system
- Loss of full control
- Lack of trust in service providers and security concerns were a reason for 40% of small and medium businesses not to join the cloud. [2014 study]

Security Monitoring
Security Monitoring [1]: Security Monitoring is the collection, analysis, and escalation of indications and warnings to detect and respond to intrusions.
- Detect suspicious behaviors and take action before severe damage.
- Intrusion Detection Systems (IDS) and logs from firewalls are used as monitoring systems.
[1] "Tao of Network Security Monitoring, Beyond Intrusion Detection" by Richard Bejtlich

Service Level Agreement (SLA)
SLA: An agreement between cloud providers and customers
It describes:
- Provided service
- Rights and obligations
- Penalties
But SLAs don't include the security monitoring aspect of an Information System

Challenges
Include security monitoring in Service Level Agreement
- Malleability of virtual infrastructures
- Difficulty of expressing security monitoring properties using precise terms
- SLA enforcement is done at the lower level
- Lack of methods to evaluate security monitoring setups

Proposed Directions
- Specify security monitoring requirements
- Given the requirements:
  - Automatically configure and deploy
  - Verify if the specified SLA is respected or not
  - If not, take action

State of the art
- Focus on specific monitoring probe (IDS)
- IDS evaluation method, used for SLA verification