390 likes | 597 Views
Cloud Computing Infrastructure Security. Peng Ning With Ahmed Azab , Xiaolan Zhang, Wu Zhou, Xuxian Jiang, and Zhi Wang. Supported by the US NSF under grant # 0910767, the US ARO under the grant # W911NF-08-1-0105, and IBM under Open Collaboration Research (OCR) Awards. Outline.
E N D
Cloud Computing Infrastructure Security Peng Ning With Ahmed Azab, Xiaolan Zhang, Wu Zhou, Xuxian Jiang, and Zhi Wang. Supported by the US NSF under grant # 0910767, the US ARO under the grant # W911NF-08-1-0105, and IBM under Open Collaboration Research (OCR) Awards. ACNS 2012
Outline Background Security threats to cloud computing Security of cloud computing infrastructure • Driven by a new security architecture for cloud computing • Hypervisor-based security services • Offline VM image security services • Hypervisor integrity services • Isolation that can bypass hypervisor control Conclusion ACNS 2012
What is Cloud Computing Wikipedia • Cloud computing is a paradigm of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet • Users need not have knowledge of, expertise in, or control over the technology infrastructure in the "cloud" that supports them • Reduction in hardware, operational and administrative costs Virtualization is a key to cloud computing • Scalability • Ease of use • Affordable pricing ACNS 2012
Example: Amazon Elastic Compute Cloud (EC2) Verify the Instance EC 2 Management Console Start an Instance Launch the Instance Set up the Instance ACNS 2012
Security Threats in Cloud Computing External threats Guest-to-guest threats Guest-to-cloud threats Cloud-to-guest threats ACNS 2012
Cloud Computing Infrastructure Security Our proposal • A security architecture for compute clouds • Focus on Infrastructure as a Service (IaaS) • Addition of security architecture components • Hypervisor-based security services • Offline VM image security services • Hypervisor integrity services • Isolation mechanisms that can bypass the hypervisor ACNS 2012
A Typical Compute Cloud ACNS 2012
Virtualization-based Runtime Security Services HIMA [ACSAC ’09] HookSafe [CCS ’09] ACNS 2012
Example Service: HIMA Ahmed M. Azab, Peng Ning, Emre C. Sezer, and Xiaolan Zhang, "HIMA: A Hypervisor Based Integrity Measurement Agent," in Proceedings of ACSAC 2009, December 2009. HIMA: Hypervisor based Integrity Measurement Agent Validation of VMs with runtime guarantees • Measure the VM OS and applications loaded into guest VMs • Actively monitor all guest events that could change measured applications • Time of Check to Time of Use (TOCTTOU) consistency Prototypes • Initial implementation works for Xen (para-virtualization) • Ported to support KVM (hardware assisted virtualization) ACNS 2012
VM Image Security Services Nüwa—offline patching [ACSAC ’10] Offline virus scanning [CCSW ’09] ACNS 2012
Example Service: Nüwa(女娲) Nüwa – Offline Patching of VM Images Motivation • Dormant VM images usually contain vulnerabilities • Offline patching service • A desirable security service in compute clouds Technical challenge • Current patching system: Designed for running systems • Pre- and post-processing scripts • Examples: Stop/start daemons; Conditional updates ACNS 2012
Nüwa Approach Wu Zhou, Peng Ning, Xiaolan Zhang, Glenn Ammons, VasanthBala, Ruowen Wang, "Always Up-to-date -- Scalable Offline Patching of VM Images in a Compute Cloud," in Proceedings of ACSAC 2010, December 2010. Two phases • Phase 1: Automatic script rewriting • Phase 2 (Leftovers): Resort to online updates • Our research focus is on script rewriting Variations • Standalone Nüwa:Offline patching of individual VM images in emulated environments • Mirage-based Nüwa: Batched offline patching using the Mirage VM image library ACNS 2012
Some Evaluation Results Standalone Nüwa • Base VM image • 64-bit Ubuntu8.04; 406 patches (collected on 10/26/2009) • 402 patches can be applied offline (99%) • Failure cases • Mono-gac package and three others that depend on it Mirage-based Nüwa • 100 VM images based on 32-bit Ubuntu 8.04 • Using 100 randomly selected subsets of basic Ubuntu tasks • Top 8 security updates from Ubuntu Security Notices • Ranked by Ubuntu popularity contest • All data collected on 01/18/2010 ACNS 2012
Some Evaluation Results (Cont’d) * “Average” refers to the average of all 402 packages. Performance gain by standalone Nüwa • About 4 times speedup ACNS 2012
Some Evaluation Results (Cont’d) Additional speedup by Mirage-based Nüwa • Another 2 – 10 times ACNS 2012
Hypervisor Integrity Services HyperSentry [CCS ’10] ACNS 2012
Example Service: HyperSentry Why HyperSentry? • Hypervisor is the highest privileged software • Compromise of hypervisor compromise of the system • Hypervisors cannot be blindly trusted • Example #1: Xen owning trilogy [BlackHat 2008] • Example #2: VM Ware ESX 3.x • 6/18/12:67 Secunia advisories; 562 vulnerabilities; 7%Secunia advisories not patched • Hypervisor's code base is growing More vulnerabilities? ACNS 2012
HyperSentry HyperSentry • Stealthy and in-context measurement of hypervisor integrity Challenges • A fundamental problem • How to measure the integrity of the highest privileged software? • Hypervisor has full control of the software system (most of the time) • Scrubbing attacks • Tampering with the measurement agent • Tampering with the measurement results • Relying on a higher privileged software goes back to the same problem ACNS 2012
The HyperSentry Approach Ahmed M. Azab, Peng Ning, Zhi Wang, Xuxian Jiang, Xiaolan Zhang, Nathan C. Skalsky, "HyperSentry: Enabling Stealthy In-context Measurement of Hypervisor Integrity,” in ACM CCS 2010, October 2010. HyperSentry • A generic framework to stealthily measure the integrity of a hypervisor in its context Key ideas • Allow the measurement software to gain the highest privilege temporarily • Measurement is triggered stealthily • Scrubbing attacks • Isolate measurement results from the hypervisor ACNS 2012
Case Study: Verifying the Integrity of Xen Integrity measurement • Code: SHA-1 hash of Xen's code; Control flow verification • Date: Detect unauthorized sharing of physical pages across guest VMs Performance (on IBM HS21 XM blade server) • End-to-end execution time: 35ms • Periodical measurement: Every 8s: 2.4%; every 16s: 1.3% ACNS 2012
Isolated Execution Bypassing Hypervisor Control SICE [CCS ’11] ACNS 2012
SICE: Strongly Isolated Computing Environment VM/ Workload VM VM VM VM VM Legacy Host (Hypervisor/OS) Legacy Host (Hypervisor/OS) SICE Hardware Hardware Virtualized Platform Virtualized Platform with SICE Ahmed Azab, Peng Ning, Xiaolan Zhang, “SICE: A Hardware-Level Strongly Isolated Computing Environment for x86 Multi-core Platforms,” in Proceedings of ACM CCS 2011, October 2011. ACNS 2012
Foundation of SICE System Management Mode (SMM) • x86 operating mode for system management functions • Single entry point: System Management Interrupt (SMI) • SMRAM: Isolated from the rest of system • Not accessible by the system software (e.g., hypervisor) • AMD processors implementation • Resizing the SMRAM at runtime • Separate SMRAM range for each CPU core • Main challenges • SMM has escalated privileges • The CPU runs slowly and has limited functionality ACNS 2012
Foundation of SICE (Cont’d) Trusted/Secure boot • Building the trust chain during system initialization • C-RTM BIOS Boot loader Initial hypervisor/OS image • Secure hardware extensions (e.g., the TPM) • Seals and authenticates the measurement output • Main challenge • Trust cannot be sustained due to potential runtime attacks ACNS 2012
SICE Architecture • Special hypervisor: • Confines the isolated workload • Trusted by the host Provided by the user • Secure boot • Consists of 300 SLOC to: • Maintain the isolation • Initialize and attest to the isolated environment • Communication channel: • Providing hardware services SMRAM Legacy Host Isolated Environment VM VM APP Isolated Workload (VM) SMI Handler (SICE) Security Manager (hypervisor) Hypervisor/OS Trusted Untrusted Hardware Isolated DMA Devices CPU, TPM, BIOS, etc… Virtualized Platform with SICE Implementation requirements • Hardware: AMD processors • BIOS: Load the SMI handler • Legacy host: Provide the communication channel ACNS 2012
SICE Operations Operating modes • Time-sharing Mode (an intermediate step) • Multi-core Mode Remote attestation • The initial image of the isolated environment • Secure communication with remote users ACNS 2012
Time-sharing Mode • Initialization • Secure boot • SMI to load the isolated workload • Execution environment switching • SMI to trigger the isolated environment • Changing the saved CPU state • Changing the SMRAM memory range • Fresh CPU start in the new environment • SMI to return to the legacy host • Termination Legacy Host Isolated Env. SMRAM Legacy Host SMRAM Running Workload Workload Image SMI SMI Handler (SICE) SMI Security Manager (Hypervisor) Security Manager Image Hardware BIOS/TPM ACNS 2012
Multi-core Mode Concurrent sharing of the hardware • Good utilization • One or more CPU cores are assigned to either • The isolated environments • The legacy host Main challenges • Event isolation • Memory isolation ACNS 2012
Multi-core Mode (Cont’d) • AMD processors: • Define the SMRAM • SMM_BASE • SMM_MASK Core n Core n Core 1 Core 1 • Core 0: • Registers • MSRs • L-APIC • L1 Caches • Core 0: • Registers • MSRs • L-APIC • L1 Caches • Memory Control Hub (North Bridge): • Configuration registers • L2 Cache • I/O registers • Memory Control Hub (North Bridge): • Configuration registers • L2 Cache • I/O registers General multi-core processor architecture ACNS 2012
Multi-core Mode Operations SMRAM Legacy Host Workload Image SMI SMI Handler (SICE) Security Manager Hardware Initialization • Secure boot • Loading the isolated workload ACNS 2012
Multi-core Mode Operations Isolated Env. Legacy Host SMRAM SMRAM Legacy Host SMRAM Running Isolated Workload (VM) Workload Image Workload Image Isolated Workload SMI Handler (SICE) SMI Handler (SICE) Security Manager (Hypervisor) Security Manager Security Manager Isolated CPU Core Host CPU Core Hardware BIOS/TPM Running the isolated environment: The isolated core • Changing saved CPU state • E.g., page tables, interrupt descriptor, instruction & stack pointers • Changing the SMRAM memory range (password stored in SMRAM) • Fresh CPU start in the isolated environment ACNS 2012
Multi-core Mode Operations Isolated Env. Legacy Host SMRAM SMRAM Legacy Host Running Isolated Workload (VM) Workload Image Isolated Workload SMI Handler (SICE) SMI Handler (SICE) Security Manager (Hypervisor) Security Manager Isolated CPU Core Host CPU Core Hardware BIOS/TPM Running the isolated environment: The host core • Return to the legacy host No environment switching necessary ACNS 2012
Multi-core Mode Event Isolation Event isolation • Prevent the legacy host and the isolated workloads send events to each other • Events between cores: Inter-Processor Interrupts (IPI) Two types of IPIs • MaskableIPIs • Can be blocked by recipient core’s APIC • Non-maskableIPIs • Can be controlled by Global Interrupt Flag (GIF) • Clear GIF to ignore or hold all IPIs ACNS 2012
Multi-core Mode Event Isolation (Cont’d) Protecting the host core • The security manager runs as a thin hypervisor • Prevents the isolated workload from privileged hardware access Protecting the isolated core • The security manager • Clear GIF • All IPIs are disabled • The isolated workload • Set the GIF and re-enable maskableIPIs • IPIswill cause a VM exit, which are examined by the security manager for processing ACNS 2012
Multi-core Mode Memory Isolation • Memory Isolation • Assigning different memory ranges to different CPU cores • Memory double-view technique • Each CPU core has its own SMRAM Set by the security manager Set by the SMI handler Shared Memory Isolated Workload Registers: • Nested cr3 MSRs: • SMM_Mask • SMM_Address Security Manager SMI Handler Physical Memory Host Core(s) Isolated Core(s) Registers: cr3 MSRs: SMM_Mask SMM_Address ACNS 2012
The SICE TCB The isolated environment • Hardware + BIOS + SMI handler (300 SLOC) The legacy host • Hardware + BIOS + SMI handler + The security manager • Similar to micro-hypervisor approaches ACNS 2012
SICE Prototype & Evaluation IBM LS 22 blade server Modifying Qemu/KVM to support a SICE isolated Linux guest • No disk emulation: RAM disk image Time needed for context switching: 46 µs Evaluation results ACNS 2012
Conclusion Infrastructure security of cloud computing • Necessary for new research • Better security protection for cloud workloads Security architecture for cloud computing • Hypervisor-based runtime security services • VM image security services • Hypervisor integrity services • Isolated execution bypassing hypervisor control • Not necessarily complete • Hopefully a guidance/framework for innovative ideas Stay relevant!!! ACNS 2012
Questions? Thank You! ACNS 2012