2. Rationalization and Defense in Depth - Two Steps Closer to the Clouds
OTN Architect Day 2011
3. Perimeter Security

[Diagram: Client → Firewall → DMZ (Web Server acting as app proxy) → Firewall → Protected Zone(s) (Application Server, Message Queue, Mainframe Application, DBs). Zones left to right: Unprotected Zone, Perimeter, Protected Zone(s). First firewall: all network traffic blocked except for specific ports. Second firewall: all network traffic blocked except from the proxy.]

• Can establish multiple perimeters
• Each perimeter can be more restrictive
• Perimeters can be at varying degrees of granularity

• Alone, often involves a lot of implied trust
• Modern environments don't have such a clearly defined perimeter

4. Defense in Depth

[Image: "Krak des Chevaliers", Syria]

• Military defensive strategy to secure a position using multiple defense mechanisms.
• Less emphasis is placed on a single perimeter wall
• Several barriers and different types of fortifications
• Objective is to win the battle by attrition. The attacker may overcome some barriers but can't sustain the attack for such a long period of time.

5. Several Layers of Defense

[Diagram: layers of defense, innermost first]
• Data
• Application
• Host
• Internal Network
• Perimeter
• Physical
• Policies, Procedures, & Awareness

Each layer introduces additional security measures. Each layer can contain multiple levels of control.

6. Defense in Depth: Greater Control

Many enforcement points:
• Data
• Application / Service
• Host
• Internal Network
• Perimeter
• Physical
• Policies & Procedures

Consistent set of policies & procedures

7. Security Silos

[Diagram: Support, Finance and Sales application silos, each with its own security; End User, Security Administrator and Security Auditor each face every silo separately.]

• Application silos with their own standalone security architecture
• Integration is hard enough without security
• End users have many logins & passwords
• Administration is time-consuming and error-prone
• Auditing is inaccurate and/or impossible

8. Security Framework

[Diagram: one shared Security Framework beneath the Support, Finance and Sales applications; End User, Security Administrator and Security Auditor interact with the framework.]

• Security is part of the foundation, not an inconvenient afterthought
• Users have one identity and a set of roles & attributes that govern access
• Administration is operator-centric, not system-centric
• Auditing is possible and realistic

9. Security Framework High Level Architecture

[Diagram: Business Logic, Information Processing and Information Management sit on the Security Interfaces / Security Services layer; below that, Shared Security Services, Enterprise Security Information and Security Management & Administration make up the Enterprise Security Framework. Design & Administration and Development & Administration feed into the framework.]

Information Processing:
• Provides a secure run-time environment
• Offers security services to business logic
• Allows solution-level security admin

Information Management:
• Provides confidentiality, integrity, and availability for information management
• Allows db-level security administration

Security Framework:
• Provides shared security services
• Manages security data for the enterprise
• Allows enterprise-level security admin

Security Interfaces:
• Provide consistent access to security services
• Embrace open, common industry standards

10. Container-Based Computing Platform

[Diagram: inbound requests from a Client reach the Container, which holds the Protected Resources (Web Pages, Business Logic), the Standard Security APIs & Libraries, the Platform Security Plug-in Framework and the Security Providers. Security Services: Authentication, Authorization, Credential Mapping, Role Mapping, Auditing, Encryption, …]

• Container enforces security on behalf of the protected resources
• Access to security services via standard APIs & libraries
• Plug-in framework allows one to configure multiple providers for each security service
• Providers may be selected and configured based on the needs of the solution
• Providers can be included with the platform or custom written for a specific purpose

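The container/plug-in model on this slide, as an added example that is not part of the slides or of any Oracle product: the container, not the protected resource, runs authentication, role mapping, authorization and auditing, and each of those services accepts several providers (two authentication providers, two authorization providers that must both permit). All names, the provider call signatures, the user store, the policy and the audit sink are assumptions constructed for the example.

```python
"""Added example (not from the slides or any Oracle product): a minimal
container with a plug-in framework where several providers can be
configured per security service, and the container, not the business
logic, enforces authentication, role mapping, authorization and auditing."""
import hashlib
import hmac
from dataclasses import dataclass, field


@dataclass
class Subject:
    """Authenticated identity plus the roles assigned by role-mapping providers."""
    name: str
    roles: set = field(default_factory=set)


class PluginFramework:
    """Registry of providers per security service (service names are assumed)."""
    SERVICES = ("authn", "role_mapping", "authz", "audit")

    def __init__(self):
        self.providers = {s: [] for s in self.SERVICES}

    def register(self, service, provider):
        if service not in self.providers:
            raise KeyError(f"unknown security service: {service}")
        self.providers[service].append(provider)


# --- Sample providers (constructed for this example) --------------------------
# authn(credential: dict) -> user name, or None when the provider cannot vouch
_PW_SALT = b"example-salt"
_PASSWORDS = {"alice": hashlib.sha256(_PW_SALT + b"s3cret").hexdigest()}
_API_TOKENS = {"tok-7f3a": "svc-reports"}


def password_provider(cred):
    user, pw = cred.get("user"), cred.get("password")
    if user not in _PASSWORDS or pw is None:
        return None
    digest = hashlib.sha256(_PW_SALT + pw.encode()).hexdigest()
    return user if hmac.compare_digest(digest, _PASSWORDS[user]) else None


def token_provider(cred):
    return _API_TOKENS.get(cred.get("token"))


# role_mapping(user) -> set of roles (stands in for a directory lookup)
_ROLES = {"alice": {"analyst"}, "svc-reports": {"reporter"}}


def directory_role_mapper(user):
    return _ROLES.get(user, set())


# authz(subject, resource, action) -> bool; every configured provider must permit
_POLICY = {("/orders", "read"): {"analyst", "reporter"},
           ("/orders", "write"): {"analyst"}}


def rbac_authz(subject, resource, action):
    return bool(subject.roles & _POLICY.get((resource, action), set()))


def change_window_authz(subject, resource, action, hour=10):
    # attribute-based rule: writes only 08:00-18:00; hour is a parameter so
    # the rule can be exercised without reading the clock
    return action != "write" or 8 <= hour < 18


# audit(event: dict) -> None
AUDIT_LOG = []


def memory_auditor(event):
    AUDIT_LOG.append(event)


# --- The container ------------------------------------------------------------
class Container:
    def __init__(self, framework):
        self.fw = framework
        self.resources = {}

    def protect(self, path, handler):
        self.resources[path] = handler

    def handle(self, credential, path, action):
        """authn -> role mapping -> authz -> audit; the handler never sees credentials."""
        user = None
        for authn in self.fw.providers["authn"]:   # first provider to vouch wins
            user = authn(credential)
            if user:
                break
        if user is None:
            self._audit("authn_failed", None, path, action)
            return 401, None
        roles = set().union(*(rm(user) for rm in self.fw.providers["role_mapping"]))
        subject = Subject(user, roles)
        if path not in self.resources:
            self._audit("not_found", user, path, action)
            return 404, None
        if not all(az(subject, path, action) for az in self.fw.providers["authz"]):
            self._audit("authz_denied", user, path, action)
            return 403, None
        self._audit("permit", user, path, action)
        return 200, self.resources[path](subject, action)

    def _audit(self, outcome, user, path, action):
        for auditor in self.fw.providers["audit"]:
            auditor({"outcome": outcome, "user": user, "resource": path, "action": action})


def build_container():
    fw = PluginFramework()
    fw.register("authn", password_provider)      # two providers for one service
    fw.register("authn", token_provider)
    fw.register("role_mapping", directory_role_mapper)
    fw.register("authz", rbac_authz)             # two providers; both must permit
    fw.register("authz", change_window_authz)
    fw.register("audit", memory_auditor)
    container = Container(fw)
    container.protect("/orders", lambda subj, act: f"{act} orders as {subj.name}")
    return container
```

Call `build_container().handle({"user": "alice", "password": "s3cret"}, "/orders", "write")` to see a permitted request, and the same path with `{"token": "tok-7f3a"}` to see the second authorization provider deny a write that role mapping alone would not. The point of the design is that swapping or adding a provider changes nothing in the handler registered with `protect`, which is what the slide means by the container enforcing security on behalf of the protected resource.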
11. Database Platform Security

[Diagram: Information (Transactional, Historical, Unstructured, Administrative); Design & Administration (Audit, Access Control); Security Information Management (SoD Rules & Controls, Realms, Auditing); all resting on the Security Services below.]

Security Services:

Access Control:
• Multi-Factor AuthN
• Label Security
• Table Policies
• Firewall: Connection Id; SQL inspection & rejection

Encryption & Masking:
• Network
• Persistence
• Backup
• Dev & Test Masking

Auditing & Availability:
• Central collection & control
• Local online archive

13. SOA Scenario

[Diagram: a Policy Manager governs the scenario. Behind the firewalls, a Service Consumer on one App Server calls a Service Provider on another App Server; each App Server carries a WSS Agent and Platform Security, with a Mediation layer (Id, CM, AAA, Id) between them. A Legacy Service Provider with its own WSS Agent and Platform Security, and a DB, also sit behind the firewalls. An External Consumer in the DMZ enters through a WSS Gateway. Shared Security Services: AuthN Service, AuthZ Service, Audit Service, Token Service.]

15. (Some of) The Good…

• Cloud providers have a deep vested interest in security
  • Must prove themselves to the market
  • Often much greater investment and attention to detail than traditional IT
• Cloud homogeneity makes security auditing/testing simpler
• Shifting public data to an external cloud reduces the exposure of the internal sensitive data
• Data held by an unbiased party

Source: http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.ppt

16. …The Bad…

• Multi-tenancy; need for isolation management
• High value target for hackers
• Fragmentation; creation of more silos
• Data dispersal and international privacy laws
  • EU Data Protection Directive and U.S. Safe Harbor program
  • Exposure of data to foreign government and data subpoenas
  • Data retention issues

Source: http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.ppt

17. …& The Ugly

• Trusting another vendor's security model
• Proprietary implementations
• Audit & compliance
• Availability: Relying on a vendor to stay in business

Source: http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-computing-v26.ppt

18. SaaS Patterns

[Diagram: four SaaS identity patterns, Providers A to D, each placing Identity Management, Authentication, Authorization and Access Policy Management either with the enterprise or with the provider. The enterprise and provider sides are linked by SAML (carrying user id & attributes), SPML (provisioning the user id), and an STS using SAML, WS-Trust and WS-Federation.]

19. Recommendations

1. Assess your risks
2. Classify your information
3. Define policies and procedures
4. Maintain most sensitive data in house
5. Don't outsource your security management
6. Follow a security architecture / roadmap
7. Design patterns for cloud computing
8. Choose a secure platform

20. Takeaways (Cloud or not)

✓ Deploy Defense in Depth
  • Good general strategy to protect highly distributed systems (SOA, BPM, Cloud, etc.)
  • Limit your risks
✓ Consolidate your resources
  • Standardized frameworks, services, & technologies
  • Implement processes & policies
✓ Plan Ahead
  • Classification strategy: know your systems & data
  • Cloud strategy: know your options & vendors
  • Risk management: choose wisely & CYA

Visit the ITSO Reference Library at www.oracle.com/goto/itstrategies