Page 1036 - Cloud computing: From paradigm to operation
7 Security
8.2 Data encryption and key management
Encryption and key management are the core mechanisms to protect data in cloud computing systems.
Encryption provides a resource protection capability, while key management provides control over the
cryptographic keys that are used to protect resources.
The specific implementation of encryption should be clearly defined in the security clause of the SLA.
Furthermore, the encryption should follow the relevant industrial and governmental standards. CSPs or CSCs
should seriously consider the following elements:
1) Encryption of data in transmission over the network. It is especially important for securing sensitive
data such as financial information, passwords, etc.
2) Encryption of static data on the disk or in the database. It could be used to protect against malicious
CSPs or malicious neighbour tenants.
3) Encryption of data in backup media. It could be used to prevent data leakage in case the backup
media were lost or stolen.
If the CSP is the main enforcer of data encryption, key management is an essential issue in daily operations.
The CSP should define and execute integrated key management across the key life cycle, including generation,
use, storage, backup, recovery, update and destruction. CSPs should also consider the following issues:
1) Protection of key storage: Key storage must be protected like any other sensitive data, or at an even
higher security level. Only a specific entity can access the key storage. Related policies, such as
separation of roles, are also needed to enforce stronger access control.
2) Backup and recovery: As an unexpected loss of a specific key may destroy a service, it is necessary
to implement a key backup and recovery solution.
3) Introduction of a third party for key management: Through a series of task separations, it could help
CSPs avoid conflict with legal requirements when data in cloud computing systems is claimed to be
provided.
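The key storage, role separation and backup and recovery points above can be sketched as follows. This is an added example, not part of the source text: the `KeyStore` class, the three role names and the XOR split of the backup between two custodians are assumptions chosen for illustration, and key update (rotation) is left out.

```python
import hmac
import secrets

# Assumed role split: no single role can both use a key and export or destroy it.
PERMS = {"service": {"use"},
         "key_admin": {"generate", "destroy"},
         "custodian": {"backup", "recover"}}
DESTROYED = object()   # tombstone: a destroyed key id can never be reused or recovered

class KeyStore:
    def __init__(self):
        self.keys = {}    # key_id -> key bytes, or DESTROYED
        self.audit = []   # (role, operation, key_id, allowed) for every request

    def _check(self, role, op, key_id, must_exist=True):
        ok = op in PERMS.get(role, ())
        self.audit.append((role, op, key_id, ok))
        if not ok:
            raise PermissionError(f"{role} may not {op}")
        if self.keys.get(key_id) is DESTROYED:
            raise ValueError(f"key {key_id} was destroyed")
        if must_exist and key_id not in self.keys:
            raise KeyError(key_id)

    def generate(self, role):
        key_id = secrets.token_hex(4)
        self._check(role, "generate", key_id, must_exist=False)
        self.keys[key_id] = secrets.token_bytes(32)
        return key_id

    def use(self, role, key_id, data):
        # The key never leaves the store: the caller only gets an HMAC-SHA256 tag.
        self._check(role, "use", key_id)
        return hmac.new(self.keys[key_id], data, "sha256").digest()

    def backup(self, role, key_id):
        # Split knowledge: two XOR shares, one per custodian; neither reveals the key.
        self._check(role, "backup", key_id)
        pad = secrets.token_bytes(32)
        return pad, bytes(a ^ b for a, b in zip(self.keys[key_id], pad))

    def recover(self, role, key_id, share_a, share_b):
        self._check(role, "recover", key_id, must_exist=False)
        self.keys[key_id] = bytes(a ^ b for a, b in zip(share_a, share_b))

    def destroy(self, role, key_id):
        # Final state; the custodians' backup shares must be destroyed as well.
        self._check(role, "destroy", key_id)
        self.keys[key_id] = DESTROYED
```

Every request, allowed or refused, lands in `audit`, which is the kind of record the monitoring described in 8.3 would collect.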
8.3 System security monitoring
In daily operations, CSPs should undertake centralized real-time security monitoring on the cloud platform
and infrastructure, which includes the running status of various physical and virtual resources. By considering
the key terms of the SLA (such as network performance, utilization of host resources and storage, etc.), and
analysing all kinds of logs, CSPs can perform fault management, performance management and automatic
inspection management to achieve the goal of real-time or quasi real-time monitoring of the health status
of cloud resources.
In general, the monitoring logs are managed and strictly protected by CSPs. Nevertheless, when a CSC needs
them, the CSP could provide the CSC with the related monitoring logs it requests; for instance, a CSC might
need related monitoring logs for troubleshooting during emergency response.
CSPs can also proactively detect potential operational risks and resolve them in a timely manner. Furthermore,
CSPs should provide the capability of correlation analysis between CSCs and the services that CSPs provide to
them, which can be used to diagnose the quality and security status of cloud services.
There are two kinds of security monitoring modes: automatic monitoring and manual inspection, which rely
on the technical means and management of individual CSPs. The objects of security monitoring include:
1) Health status monitoring of the cloud computing infrastructure: CSPs should provide the capability
to collect and monitor the security event logs, vulnerability information, alteration of security device
configuration, performance and operational status of all objects of the cloud computing
infrastructure, which include virtual machine (VM) resources, the cloud computing management
platform, security devices, databases, etc. This monitoring can help CSPs to maintain
awareness of the overall health status and operating status of the cloud infrastructure.