1. Identity Providers-as-a-Service built as Cloud-of-Clouds: challenges and opportunities
Diego Kreutz and Eduardo Feitosa
FedCSIS/SODIS 2014, Warsaw, Poland
3. Common Threats and Challenges
• Cyber Crimes/Attacks
• Software Bugs & Vulnerabilities
• Logical Failures
4. Vulnerabilities and Threats in IdPs

Vulnerability / Support                             RADIUS   OpenID
Tolerates crash faults (e.g., back-end clusters)    YES      YES
Tolerates arbitrary faults                          NO       NO
Tolerates infrastructure outages                    NO       NO
Tolerates DDoS attacks                              NO       NO
Risk of common vulnerabilities                      HIGH     HIGH
Risk of sensitive data leakage                      HIGH     HIGH
Diverse security-related vulnerabilities            YES      YES
Susceptible to resource depletion attacks           YES      YES
6. What can we do about it?
Approach 1: try to fix everything!?
7. What can we do about it?
Approach 2: increase the system’s resilience and trustworthiness
Hybrid system architectures, specialized components, clouds, …
8. Current State of Affairs
[Figure: systems C1 to C6 positioned on two axes, fault tolerance/resilience and level of trust]
9. Goals
• Develop new hybrid system architectures.
• Use cloud and multi-cloud environments to increase the resilience and trustworthiness of critical systems.
• Reduce costs and foster new business models.
10. Cloud: some benefits
• Elasticity of resources
• Cost-effectiveness
  - Reduce CAPEX and OPEX for business
• Efficient and productive tools and systems
• Protection against high scale attacks
11. Cloud: some challenges
• Failures: are still high
• Performance
  - Hard to measure
  - Not yet enough for HPC apps
• Price models
  - No standards
  - No easy way to measure and compare
• Confidentiality & Privacy
  - Cloud provider has access to your data
12. Multi-Cloud: some benefits
• Increasing reliability
  - Up to three nines
• Lower costs
• No vendor lock-in
• Better privacy and confidentiality
  - Multi-cloud storage crypto solutions
• Improved performance
• Diversity of attack defenses
13. Multi-Cloud: challenges
• Inter-cloud high network latency
• Network performance, reliability and costs
• Privacy and confidentiality
  - Yet, still easier to solve than in a single cloud
• Deployment and management costs
  - Different technologies
  - Diversity of tools
  - Lack of standardized interoperability
17. ROpenID Architecture
[Figure: components User (Browser; Certificate / Attributes), IdP Gateways, IdP Service Replicas forming the Resilient and Secure IdP, and Service Providers (SPs) / Relying Parties (RPs); labels: Secure Authentication (confidentiality), Default Path, Alternative Path]
18. ROpenID Fault Detection Mechanisms
• Timeouts:
  - Between client and service
  - Between service and gateway
• Corrupted messages detection:
  - Between service and client
  - Between gateway and service
• Arbitrary faults:
  - Between the CIS and gateway
[Figure: Client Cx, CIS Cx, Service Sx and Gateway Gx; labels: Timeout A, Timeout B, corrupted response from replica Sx, corrupted response from replica Gx, Byzantine behavior from replica Cx]
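As an added illustration (not the authors' ROpenID code), the following Python sketch models the client-side view of these checks: each reply from an IdP service replica is classified as a timeout, a corrupted message or a valid reply, and a result is accepted only when f+1 authenticated replicas agree, so an authenticated reply that disagrees with that quorum is flagged as Byzantine. The HMAC integrity tag, the replica names S1 to S4 and the sample assertions are assumptions constructed for the example.

```python
import hmac
from collections import namedtuple
from typing import Dict, Optional, Tuple

# Hypothetical, simplified client-side fault detection for a replicated IdP, in
# the spirit of the ROpenID mechanisms on the slides: each replica reply is
# classified as ok, timeout or corrupted (integrity tag fails), and a value is
# accepted only when f+1 authenticated replies agree (n = 3f+1, BFT-style).
KEY = b"constructed-demo-key"  # shared integrity key, constructed for the demo
Reply = namedtuple("Reply", "payload mac latency")  # latency in seconds

def tag(payload: bytes) -> bytes:
    """Integrity tag a replica attaches to its reply (HMAC-SHA256 here)."""
    return hmac.new(KEY, payload, "sha256").digest()

def classify(reply: Optional[Reply], timeout: float) -> str:
    """Fault class detected for one replica: 'ok', 'timeout' or 'corrupted'."""
    if reply is None or reply.latency > timeout:
        return "timeout"
    if not hmac.compare_digest(tag(reply.payload), reply.mac):
        return "corrupted"
    return "ok"

def decide(replies: Dict[str, Optional[Reply]], f: int,
           timeout: float) -> Tuple[Optional[bytes], Dict[str, str]]:
    """Quorum decision over replica replies; returns (accepted, labels)."""
    labels = {name: classify(r, timeout) for name, r in replies.items()}
    votes: Dict[bytes, list] = {}
    for name, label in labels.items():
        if label == "ok":
            votes.setdefault(replies[name].payload, []).append(name)
    accepted = next((p for p, v in votes.items() if len(v) >= f + 1), None)
    if accepted is not None:
        for payload, voters in votes.items():
            if payload != accepted:  # valid MAC, wrong content: Byzantine
                for name in voters:
                    labels[name] = "byzantine"
    return accepted, labels

def demo(slow_replica: bool = False):
    """Four replicas (f=1): two correct, one corrupted reply, one Byzantine."""
    good = b"assertion:user=alice;rp=rp.example"   # constructed sample
    bad = b"assertion:user=mallory;rp=rp.example"  # forged by a faulty replica
    replies = {
        "S1": Reply(good, tag(good), 0.05),
        "S2": Reply(good, tag(good), 3.0 if slow_replica else 0.07),
        "S3": Reply(good, b"\x00" * 32, 0.04),  # corrupted integrity tag
        "S4": Reply(bad, tag(bad), 0.06),       # Byzantine: wrong but valid MAC
    }
    return decide(replies, f=1, timeout=2.0)
```

With one slow replica the client sees only one authenticated vote per value and cannot reach the f+1 quorum, so no assertion is accepted and the disagreeing replica cannot yet be singled out.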
19. Main Building Blocks
1. Virtual Machines
2. Trusted Computing Base
  - e.g. hypervisors
3. Trusted Components
  - e.g. smart cards, TPMs, isolated VMs, secured PCs
4. Replication & Recovery Protocols
  - e.g. BFT-SMaRt and ITVM
5. Diversity
  - e.g. different operating systems
6. Strong mutual authentication
  - e.g. EAP-TLS
20. What is a TC in our model?
A trusted/secure component can be “any” device capable of ensuring the data and operation confidentiality of the target system/environment.
Examples: Smart Cards; TPM; Tamper Resistant FPGA; A Highly Secured (shielded) Computer; Virtual TPM (e.g. vTPM); Secure Hypervisor (e.g. sHyper)