Computer Security Laboratory Why Does Your Data Leak? Uncovering the Data Leakage in Cloud from Mobile Apps Chaoshun Zuo , Zhiqiang Lin, and Yinqian Zhang Department of Computer Science and Engineering The Ohio State University IEEE S&P 2019 T HE O HIO S TATE U NIVRESITY
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Recent News Headlines about Cloud Data Leakage 2 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Recent News Headlines about Cloud Data Leakage 2 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Recent News Headlines about Cloud Data Leakage 2 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Recent News Headlines about Cloud Data Leakage 2 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References The Mobile Backend as a Service (mBaaS) Clouds APIs running On the Cloud Cloud App Engines Mobile Backend Client Library Mobile Backend Databases Push Notification Client Server 3 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References The Mobile Backend as a Service (mBaaS) Clouds APIs running On the Cloud Cloud App Engines Mobile Backend Client Library Mobile Backend Databases Push Notification Client Server 3 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Data Leakage is Essentially an Access Control Problem Bob’s Data Bob Online Service Alice Alice’s Data 4 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Data Leakage is Essentially an Access Control Problem Bob’s Data Bob Access Control Alice Alice’s Data 4 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Data Leakage is Essentially an Access Control Problem Bob’s Data Bob Access Control Alice Alice’s Data 4 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Data Leakage is Essentially an Access Control Problem Authentication Bob’s Data Authorization Bob Password Token Alice Alice’s Data 4 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References How Do Mobile Apps and mBaaS Cloud Communicate Authentication Cloud Resources User A Authorization 5 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References How Do Mobile Apps and mBaaS Cloud Communicate Authentication Credential A (App Key) Cloud Resources User A Authorization 5 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References How Do Mobile Apps and mBaaS Cloud Communicate Authentication Credential A (App Key) Cloud Resources User A Authorization 5 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References How Do Mobile Apps and mBaaS Cloud Communicate Authentication Credential A (App Key) Cloud Resources User A Authorization 5 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References How Do Mobile Apps and mBaaS Cloud Communicate Authentication Credential A (App Key) Cloud Resources User A Credential B (App Key) User B Authorization 5 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References How Do Mobile Apps and mBaaS Cloud Communicate Authentication Cloud Resources Developer/Administrator Authorization 5 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References How Do Mobile Apps and mBaaS Cloud Communicate Authentication Cloud Resources Root Key Developer/Administrator Authorization 5 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References How Do Mobile Apps and mBaaS Cloud Communicate Authentication Credential A (App Key) Cloud Resources User A Root Key Developer/Administrator Credential B (App Key) User B Authorization 5 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Our Discovery Authentication Credential A (App Key) Cloud Resources User A Root Key Developer/Administrator Credential B (App Key) User B Authorization 6 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Our Discovery Authentication Credential A (App Key) Cloud Resources User A Root Key Developer/Administrator Credential B (App Key) User B Authorization 6 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Our Discovery Authentication The Root Causes of the Cloud Data Leakage Credential A (App Key) Cloud Resources User A 1 Misuse of Various Keys in Authentication Root Key ◮ Microsoft Azure Storage Developer/Administrator ◮ Microsoft Azure Notification Hubs Credential B (App Key) ◮ Amazon AWS User B Authorization 2 Misconfiguration of User Permissions in Authorization ◮ Google Firebase ◮ Amazon AWS 6 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Misuse of Various Keys in Authentication Authentication Credential A (App Key) Cloud Resources User A Root Key Developer/Administrator Credential B (App Key) User B Authorization 7 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Misuse of Root Keys in Microsoft Azure Service Key Type Example Account DefaultEndpointsProtocol=https; Azure Key AccountName=*;AccountKey=* Storage https://*.blob.core.windows.net/* SAS ?sv=*&st=*&se=*&sr=b& sp=rw&sip=*&spr=https&sig=* Endpoint=sb://*.servicebus.windows.net/; Listening SharedAccessKeyName= Key Default Listen SharedAccessSignature; Notification SharedAccessKey=* Hub Endpoint=sb://*.servicebus.windows.net/; Full SharedAccessKeyName= Access Key Default Full SharedAccessSignature; SharedAccessKey=* 8 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Misuse of Root Keys in Microsoft Azure Service Key Type Example Account DefaultEndpointsProtocol=https; Azure Key AccountName=*;AccountKey=* Storage https://*.blob.core.windows.net/* SAS ?sv=*&st=*&se=*&sr=b& sp=rw&sip=*&spr=https&sig=* Endpoint=sb://*.servicebus.windows.net/; Listening SharedAccessKeyName= Key Default Listen SharedAccessSignature; Notification SharedAccessKey=* Hub Endpoint=sb://*.servicebus.windows.net/; Full SharedAccessKeyName= Access Key Default Full SharedAccessSignature; SharedAccessKey=* 8 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Our Discovery Authentication The Root Causes of the Cloud Data Leakage Credential A (App Key) Cloud Resources User A 1 Misuse of Various Keys in Authentication Root Key ◮ Microsoft Azure Storage Developer/Administrator ◮ Microsoft Azure Notification Hubs Credential B (App Key) ◮ Amazon AWS User B Authorization 2 Misconfiguration of User Permissions in Authorization ◮ Google Firebase ◮ Amazon AWS 9 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Misconfiguration of User Permissions in Authorization Authentication Credential A (App Key) Cloud Resources User A Root Key Developer/Administrator Credential B (App Key) User B Authorization 10 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Misconfiguration of User Permissions in Authorization Authentication Credential A (App Key) Cloud Resources User A Root Key Developer/Administrator Credential B (App Key) User B Authorization 10 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Misconfiguration of User Permissions in Google Firebase { "rules": { "users": { "$uid": { ".read": "$uid === auth.uid", ".write": "$uid === auth.uid" } } } } Figure: A Correct Firebase Authorization Rule 11 / 32
Introduction Our Discovery LeakScope Evaluation Related Work Summary References Misconfiguration of User Permissions in Google Firebase { "rules": { "users": { "$uid": { ".read": "$uid === auth.uid", ".write": "$uid === auth.uid" } } } } Figure: A Correct Firebase Authorization Rule { { "rules": { "rules": { ".read": "auth != null", ".read": true, ".write": true ".write": "auth != null" } } } } (a) (b) Figure: Two Misconfigured Firebase Authorization Rules 11 / 32
Recommend
More recommend