ENISA – Cloud Computing Security Strategy
1 / 25

ENISA - PowerPoint PPT Presentation

  • Uploaded on

ENISA – Cloud Computing Security Strategy Dr Steve Purser Head of Technical Department European Network and Information Security Agency (ENISA) OGF28 2010 Munich March, 2010. ENISA. Created in 2004 Centre of Expertise Supports EU institutions

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'ENISA' - ryo

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

ENISA – Cloud Computing Security StrategyDr Steve PurserHead of Technical DepartmentEuropean Network and Information Security Agency (ENISA)OGF282010MunichMarch, 2010


  • Created in 2004

  • Centre of Expertise

  • Supports EU institutions

  • Facilitator of information exchange between EU institutions, public sector & private sector.

  • Advising and assisting

  • Collecting and analysing

  • Promoting methods

  • Raising awareness

Enisa s understanding of c loud computing
ENISA’s Understanding ofCloud Computing

  • Cloud computing is a new business model that allows:

    • Highly abstracted HW and SW resources

    • Rapidscalability and flexibility

    • Near instantaneous provisioning

    • Shared resources (hardware, database, memory, etc...)

    • ‘Service On demand’, usually with a ‘pay as you go’ billing system

    • Programmatic management (e.g. through Web Services API)

ENISA Cloud Computing Objectives

  • Help governments and businesses to leverage the cost benefits of cloud computing taking due consideration of security requirements.

  • Improve transparency on security practices to allow informed decisions

  • Creating trustand trustworthiness by promoting best practice and assurance standards

Reaching the objectives
Reaching the objectives

ENISA Deliverables and Ongoing Activities:

  • Cloud Computing: Benefits, Risks and Recommendations for Information security 2009

  • Assurance framework 2009

  • Research Recommendations 2009

  • Gov-Cloud security and resilience analysis (2010)

  • Cloud Assurance Framework (CAM) consortium 2010

  • 2011 (proposed) procurement and monitoring guidance for government cloud contracts.

Security Information security


Economies of scale
Economies of Information securityscale

  • The same amount of investment in security may result inbetter protection

  • Manysecurity measures are cheaper when implemented on a larger scale.

    • (e.g. filtering, patch management, hardening of virtual machine instances and hypervisors, etc)

The Risks Information security

Very high value assets
Very high value assets Information security

  • More Data in transit (Without encryption?)

  • Management interfaces are interesting targets for attackers.

  • Trustworthiness of insiders.

  • Hypervisors- hypervisor layer attacks on virtual machines are very attractive

Loss of governance
Loss of Governance Information security

  • The client cedes control to the Provider on a number of issues effecting security:

    • External penetration testing may not be permitted.

    • Very limited logs available.

    • Usually no forensics service offered

    • No information on location/jurisdiction of data.

    • Outsource or sub-contract services to third-parties (fourth parties?)

  • SLAs may not offer a commitment to provide the above services, thus leaving a gap in security defences.

Compliance challenges
Compliance Challenges Information security

  • Cloud Provider may not be able toprovide evidence of their own compliance to the relevant requirements.

  • Cloud Provider maynot permit audit by the Cloud Customer.

  • In certain cases, using a cloud implies certain kind of compliance cannot be achieved

Legal and contractual risks
Legal and contractual risks Information security

  • Data may be stored in multiple jurisdictions, some of which may be risky.

  • Lack of compliance with EU Data Protection Directive

    • Potentially difficult for the customer (data controller) to check the data handling practices of the provider

    • Multiple transfers of data exacerbated the problem

  • Subpoena and e-discovery

  • Confidentiality and Non-disclosure

  • Intellectual Property

  • Risk Allocation and limitation of liability

Cryptographic key m anagement
Cryptographic Key Information securityManagement

  • Key management is (currently) the responsibility of the cloud customer.

  • Distributed key management is difficult.

  • Therefore key provisioning and storage is usually out of band – i.e. off-cloud

  • Some models, e.g. one key per account, do notscale to multiple accounts/account holders

  • Hardware security modules are difficult to implement in the cloud.

Vendor lock in
Vendor Lock in Information security

  • Few tools, procedures or standard formats for data and service portability

  • Difficult to migrate from one provider to another, or to migrate data and services to or from an in-house IT environment

  • Potential dependency of service provision on a particular Cloud Provider.

Resource exhaustion
Resource Exhaustion Information security

  • Overbooking

  • Underbooking

  • Caused by

    • Resource allocation algorithms

    • Unpredictable peaks in legitimate demand.

    • Denial of Service

Cloud information assurance framework
Cloud Information Assurance Framework Information security

  • Aims at increasing transparency by defining a a minimum baseline for:

    • Comparing cloud offers

    • Assessing the risk to go Cloud

    • Reducing audit burden and security risks

Cloud information assurance framework1
Cloud Information Assurance Framework Information security

An example

  • Network architecture controls

  • Well-defined controls are in place to mitigate DDoS (distributed denial–of-service) attacks e.g.

    • Defence in depth (traffic throttling, packet black-holing, etc..)

    • Defences are in place against ‘internal’ (originating from the cloud providers networks) attacks as well as external (originating from the Internet or customer networks) attacks.

  • Measures are specified to isolate resource usage between accounts for virtual machines, physical machines, network, storage (e.g., storage area networks), management networks and management support systems, etc.

  • The architecture supports continued operation from the cloud when the customer is separated from the service provider and vice versa (e.g., there is no critical dependency on the customer LDAP system).

Framework 2010 cloud assurance metric
Framework 2010 – Cloud Assurance Metric Information security

Provider comparison on security features

2010 – Supporting EU Governments in Cloud Migration Information security

  • Government in the Cloud: impact on service security & resilience

  • ENISA aims to:

  • Analyze and evaluate the impact of cloud computing on the resilience and security of GOV services

  • Provide recommendations and good practices for European Members State planning to migrate to cloud computing

Governments and the cloud

USA Information security






Governments and the Cloud

  • Gov Agencies and Public Organizations around the globe are moving non-critical applications towards a "cloud approach".

  • In Europe we have some fast adopters, i.e. Denmark and UK, announcing/planning to move into the cloud.

  • In the short-medium term (1 to 3 years) an increasing number of Public Organizations, in EU Member States, will consider/adopt cloud computing.


2011 procurement and monitoring guidelines
2011 procurement and monitoring guidelines Information security


Procurement Criteria

Monitoring and Supervision

Information security procurement criteria and monitoring of government cloud contracts.

Conclusions Information security

  • Cloud computing can represent an improvement in security for non-critical applications and data.

  • But transparency is crucial: customers must be given a means to assess and compare provider security practices.

  • In the current state of the art, migrating critical applications and data to the cloud is still very risky (even private clouds)

  • It is not currently clear to what extent the Cloud Computing model can be applied to applications that require high levels of security.

http://www.nis-summer-school.eu/ Information security

Subscribe to the NIS'10 Newsletter at