Mar 16

SecureCloud 2010: day 1

Tag: (i)realidad,Informática Legal,SystemsJoaquim Anguas @ 11:36 pm

Today I attended the first day at SecureCloud 2010, a two days event organized by ISACA, ENISA, CSA and IEEE centered on security on «The Cloud».

In this first day I had the opportunity to attend to nine talks, all of them very focused and well presented.

Here’s a very concise summary of the sessions:

40 Years of Cloud Computing
First Phil Dunkelberger’s “40 Years of Cloud Computing”, pointed that encryption is not a silver bullet, made a good correspondence between  Zoo / Jungle resemblance with the cloud in terms of predictability and gave some interesting figures on lost related to security breaches: 6,75M USD/incident, 204 USD/record.

Forensics 2.0: Challenges in the Cloud

Second was Dominik Birk “Forensics 2.0: Challenges in the Cloud”, who mainly raised attention on the many problems that the Cloud implies when you need to acquire, process and present evidences. Only snapshots may come to the rescue and their ability to stand in court is unknown at this time.

In the cloud, out of mind

Then Wendy Goucher’s “ In the cloud, out of mind: The challenge of caring about virtual data”. Mrs. Goucher focused on social issues and in making people understand the environment they are working and living, making good points regarding positive re-enforcement and attachment theory.

Cloud Legal Issues

Fourth was the panel “Cloud Legal Issues”, moderated by Dov Yoran,  with Carolyn Herzog, Cynthia O’Donoghue, Paolo Balboni and David Snead. They raised very, very interesting questions and made good points on jurisdiction and interpretation and use of EC Regulation 95/46.

Fighting Fraud from the Cloud

Fifth was Joram Borenstein’s “Fighting Fraud from the Cloud: Metrics War-Stories from the Past 5 Years” who reviewed how the cloud has been (mis)used in the last 4-5 years. He talked about knowledge based authentication and also was interesting how bad guys are using the infrastructure for their own purposes.

Towards Incident Handling in the Cloud

Then at Thomas Schreck’s “Towards Incident Handling in the Cloud: Challenges and Approaches” Mr. Schreck focused on the difficulties that the Cloud adds to the classical incident response from a CERT point of view and the need for the definition of standards and procedures and how important is to build a good relationship with the CSP in order to be agile enough when there’s a breach.

Practical Applications of Trusted Computing in the Cloud

It was the turn for Jesus Molina from Barcelona but working at Fujitsu in SF. His presentation was “Practical Applications of Trusted Computing in the Cloud“ and he insisted on how in the Cloud you have to trust someone else (the CSP) regarding the computing base used, how Trusted Computing can help and secure virtualization and virtual TPM.

CSA Top Threats Research

Mr. Michael Sutton presented “CSA Top Threats Research”. He gave perceived importance from a study and good examples for what he called «the 7 capital sins»:

  • Shared technology vulnerabilities, perceived as 7,2% source of breaches: «Cloudburst: Hacking 3D (and Breaking Out of VMware)» at Blackhat 2009, PDF and MOV.
  • Data loss / leakage, with a perceived 26,1%: » Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds «, PDF.
  • Malicious insiders, perceived at 13%,  “Google Investigates Insider Threat After China Hack”, see here.
  • Interception or hijacking of traffic, perceived as 13%, «Twitter’s own account caused blackout, says DNS provider«, see here.
  • Insecure APIs, with a 13,8%, from AusCert 2009: «P0wning The Programmable Web«, see here.
  • Nefarious use of service, with a 18,1%:  «Hackers Find Home In Amazon EC2 Cloud«, see here.
  • Unknown risk profile, with a 8%: «Heartland Has No Heart for Violated Customers«, see here.

Last but not least, Philippe Courtot keynote. Mr Courtot said that the inconvenient truth in security is that securing our networks is harder than ever, it’s becoming almost impossible as new technologies are building upon themselves at increased speed.