SilverLine: Data and Network Isolation for Cloud Services (PowerPoint PPT Presentation)


  1. SilverLine: Data and Network Isolation for Cloud Services. Yogesh Mundada, Anirudh Ramachandran, Nick Feamster

  2. Cloud Computing Advantages
     • Reduced operational costs
     • Reduced management overhead
     • Easier resource scaling
     • Lowers the barrier to entry for new services
     Cloud revenue for 2010 was $68 billion. Estimated revenue for 2014 is $150 billion.

  3. Recent Cloud Data Leak Incidents
     • Microsoft BPOS cloud service data breach (Dec 2010)
     • Heroku cloud application platform vulnerability (Jan 2011)
     • Dropbox hash-tag security flaw (May 2011)
     Occurrences such as these make adoption of the cloud harder.

  4. Top Cloud Computing Threats
     • Shared resources (Heroku)
     • Data loss and leakage (Microsoft BPOS, Dropbox)

  5. SilverLine Solution: Isolation
     Problem               | Attack                                                                                 | Solution
     Data Loss             | Service exploit, operating environment exploit, misconfigurations                       | SilverLine's Information Flow Tracking and Control
     Network Side-Channels | Gain more information about the environment through namespace, RTT and hop-count study | SilverLine's obfuscation of network metrics to reduce the information entropy

  6. SilverLine Data Isolation
     • Information Flow Tracking
       – Add taints or labels to data
       – Track the taints
       – System call hooks
     • Components of the system
       – Tracker: initializes and tracks taints, on end hosts
       – Enforcer: stops unauthorized data flow, in the network

  7. Example Setting: SilverLine storage service, with automatically created labels for each database record
  8. Example Setting: Alex's records are labeled with a taint 'A'
  9. Example Setting: VM instance that runs the application logic
  10. Example Setting: custom LOGIN module and declassifier
  11. Example Setting: network-level enforcer in Dom0

  12. Normal User's Interaction
      A1. Alex logs in and asks "Get My Balance"
      A2. The custom login module authenticates Alex
      A3. A worker process is started for Alex
      A4. The worker gets Alex's balance from the labeled storage
      A5. Ans = $100, Label = 'A'
      A6. Alex's labeled worker replies go to the declassifier
      A7. Alex's replies pass (label 'A' belongs to Alex)
      A8. Reply = $100

  13. An Attacker's Interaction
      B1. Bob logs in and uses a SQL exploit to get Bob's and Alex's balance
      B2. The custom login module authenticates Bob
      B3. A worker process is started for Bob
      B4. The worker gets Bob's and Alex's balance from the labeled storage
      B5. Ans = ($10, $100), Label = 'B, A'
      B6. Bob's labeled worker replies go to the declassifier
      B7. Bob's replies are blocked (label 'A' does not belong to Bob)

  14. SilverLine Configuration
      • Labeling Service: specify the taint creation policy, e.g.
            when query := "INSERT" and table := "USERS":
                generate a new label; add it to the DB record
      • Custom login module
        – Provided by each tenant
        – Authorizes legitimate users
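The two interactions on slides 12 and 13 and the configuration on slide 14 fit together as one small pipeline. The following is an added example, not SilverLine's code: an in-memory sqlite database plays the storage service, a labeling service attaches a fresh taint to every USERS row at INSERT time, a tracker unions the taints of every row the worker reads (at the query layer here, instead of SilverLine's system call hooks), and a declassifier releases a reply only if its taint set is covered by the labels the tenant's login module granted to the authenticated user. The worker builds its SQL by string concatenation on purpose so that the injection from slide 13 goes through and is caught by the labels; the credentials, the label letters and all function names are assumptions of the example.

```python
"""Added example (not SilverLine's code): toy model of the data isolation
workflow on slides 12 to 14, using an in-memory sqlite database."""
import sqlite3
import string


class LabelingService:
    """Taint creation policy from slide 14: when query := INSERT and
    table := USERS, generate a new label and add it to the record."""

    def __init__(self):
        self._next = 0

    def new_label(self):
        label = string.ascii_uppercase[self._next]  # 'A', 'B', ... as on the slides
        self._next += 1
        return label


class LabeledStorage:
    """Storage service whose rows each carry the label created at INSERT time."""

    def __init__(self, labeler):
        self.db = sqlite3.connect(":memory:")
        self.db.execute("CREATE TABLE USERS (user TEXT, balance INTEGER, label TEXT)")
        self.labeler = labeler

    def insert_user(self, user, balance):
        label = self.labeler.new_label()
        self.db.execute("INSERT INTO USERS VALUES (?, ?, ?)", (user, balance, label))
        return label

    def label_of(self, user):
        return self.db.execute("SELECT label FROM USERS WHERE user = ?", (user,)).fetchone()[0]


class Tracker:
    """End-host tracker: every row the worker reads propagates its taint into
    the worker's label set (modelled at the query layer, not via syscall hooks)."""

    def __init__(self, storage):
        self.storage = storage
        self.labels = set()

    def query(self, sql):
        results = []
        for *data, label in self.storage.db.execute(sql).fetchall():
            self.labels.add(label)  # taint flows from the row into the worker
            results.append(tuple(data))
        return results


def worker_get_balance(tracker, name):
    # Tenant application logic with a SQL injection bug, kept on purpose.
    sql = f"SELECT balance, label FROM USERS WHERE user = '{name}'"
    return [balance for (balance,) in tracker.query(sql)]


def login(storage, credentials, user, password):
    """Custom login module provided by the tenant: authenticates the user and
    returns the set of labels this user may receive (their own record's)."""
    if credentials.get(user) != password:
        raise PermissionError(f"bad credentials for {user}")
    return {storage.label_of(user)}


def declassify(reply, labels, allowed):
    """Network-level enforcer in Dom0: pass the reply only if every taint on
    it belongs to the authenticated user, otherwise block it (None)."""
    return reply if labels <= allowed else None


def handle_request(storage, credentials, user, password, lookup_name):
    allowed = login(storage, credentials, user, password)                # A2 / B2
    tracker = Tracker(storage)                                           # A3 / B3
    balances = worker_get_balance(tracker, lookup_name)                  # A4-A5 / B4-B5
    return declassify(balances, tracker.labels, allowed), tracker.labels # A6-A8 / B6-B7


def demo():
    storage = LabeledStorage(LabelingService())
    storage.insert_user("Alex", 100)  # gets label 'A'
    storage.insert_user("Bob", 10)    # gets label 'B'
    credentials = {"Alex": "alex-pw", "Bob": "bob-pw"}  # constructed sample credentials
    normal = handle_request(storage, credentials, "Alex", "alex-pw", "Alex")
    attack = handle_request(storage, credentials, "Bob", "bob-pw", "Bob' OR '1'='1")
    return normal, attack


if __name__ == "__main__":
    normal, attack = demo()
    print("Alex:", normal)  # ([100], {'A'})
    print("Bob :", attack)  # (None, {'A', 'B'}): reply blocked
```

The point the example makes is that the injection itself is not detected: the exploit succeeds against the tenant's code, but the worker that read Alex's row now carries taint 'A', and the enforcer refuses to release anything tainted with a label the authenticated user (Bob) does not own.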


  16. SilverLine Network Isolation
      • IP address obfuscation: actual internal IP to pseudo IP (e.g. a.b.c.d to w.x.y.z)
        – OpenFlow protocol
        – Entirely in software
        – Minimal changes
      [Figure: VM1, VM2 and VM3 behind a Click software router with the OpenFlowClick element; a local controller on the host talks to a centralized controller]

  17. SilverLine Network Isolation
      • Normalize network metrics
        – Realistic RTTs between instances
        – Minimal threshold on hop counts
        – Modified OpenFlow module for per-packet decisions
      [Figure: packets from internal virtual machines (vitf0, vitf1) and external virtual machines (eth0) pass through the OpenFlowClick element; a delay queue simulates realistic delays between virtual machines]
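Slides 16 and 17 attack the same side-channel from two sides: an attacker who can learn a target's real internal address, a sub-millisecond RTT and a one-hop path can conclude it shares the physical host. The following is an added example, not SilverLine's code, that simulates both countermeasures over a constructed topology: the mapper rewrites actual IPs to pseudo IPs, the delay queue pads RTT up to a floor, and the hop count reported to the probe is raised to a minimum. The topology, the thresholds, the co-residency heuristic and the entropy measure are all assumptions of the example.

```python
"""Added example (not SilverLine's code): simulation of the network isolation
idea on slides 16 and 17 against a co-residency probe."""
import math
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    target: str
    real_ip: str
    rtt_ms: float  # raw RTT the probe would see on the physical network
    hops: int      # physical hops, inferred by the probe from TTL decrements


ATTACKER_IP = "10.0.1.5"  # constructed: attacker's VM sits in rack 10.0.1.0/24
SUBSTRATE = [             # constructed sample topology
    Path("victim1", "10.0.1.7", rtt_ms=0.12, hops=1),   # same host as the attacker
    Path("victim2", "10.0.4.21", rtt_ms=0.85, hops=4),  # different rack
    Path("victim3", "10.0.9.3", rtt_ms=1.40, hops=6),   # different row
]

RTT_FLOOR_MS = 1.5  # assumed policy: every inter-instance RTT looks like a cross-row path
MIN_HOPS = 6        # assumed policy: no path reports fewer hops than this


class PseudoIpMapper:
    """Actual IP -> pseudo IP, as the centralized controller would install in
    the OpenFlow switch; pseudo addresses carry no rack information."""

    def __init__(self, prefix="172.16.0."):
        self.prefix = prefix
        self.table = {}

    def pseudo(self, real_ip):
        if real_ip not in self.table:
            self.table[real_ip] = self.prefix + str(len(self.table) + 1)
        return self.table[real_ip]


def observe(path, mapper, normalize):
    """The (ip, rtt, hops) tuple the probing VM measures for one target."""
    if not normalize:
        return (path.real_ip, path.rtt_ms, path.hops)
    return (mapper.pseudo(path.real_ip),
            max(path.rtt_ms, RTT_FLOOR_MS),  # delay queue pads short paths
            max(path.hops, MIN_HOPS))        # extra TTL decrements hide short paths


def same_subnet(ip_a, ip_b):
    return ip_a.rsplit(".", 1)[0] == ip_b.rsplit(".", 1)[0]


def guess_co_resident(attacker_ip, ip, rtt_ms, hops):
    """Probe heuristic in the style of co-residency checks: same /24,
    sub-millisecond RTT and a one-hop path means 'same physical host'."""
    return same_subnet(attacker_ip, ip) and rtt_ms < 0.5 and hops <= 2


def entropy_bits(observations):
    """Shannon entropy of the (rtt, hops) signal across targets; 0 means
    every target looks identical to the probe."""
    counts = Counter((rtt, hops) for _, rtt, hops in observations)
    n = sum(counts.values())
    h = sum(c / n * math.log2(c / n) for c in counts.values())
    return -h if h else 0.0


def run(normalize):
    """Targets the probe flags as co-resident, and the entropy it can extract."""
    mapper = PseudoIpMapper()
    obs = [observe(p, mapper, normalize) for p in SUBSTRATE]
    attacker_ip = mapper.pseudo(ATTACKER_IP) if normalize else ATTACKER_IP
    flagged = [p.target for p, (ip, rtt, hops) in zip(SUBSTRATE, obs)
               if guess_co_resident(attacker_ip, ip, rtt, hops)]
    return flagged, round(entropy_bits(obs), 3)


if __name__ == "__main__":
    print("raw substrate  :", run(normalize=False))  # (['victim1'], 1.585)
    print("with SilverLine:", run(normalize=True))   # ([], 0.0)
```

Padding every path up to the same floor is what collapses the entropy to zero; raising only the co-resident path would still leave the other targets distinguishable, which is why the slide speaks of realistic RTTs between all instances rather than of hiding one host.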

  18. SilverLine Summary
      • Data Isolation: Information Flow Tracking
      • Network Isolation: reducing the entropy of the network side-channels
      Future Work
      • Measure the taint leakage
      • Fine-grained tainting in a VMM

  19. Questions
