This document provides an overview of secure cloud hosting best practices for enterprise messaging solutions. It discusses the benefits and risks of cloud computing, as well as common deployment and service models. The document then focuses on Infinite Convergence's Enterprise Messaging Service (EMS), which is hosted privately and securely at Infinite's premises. Some key security practices for EMS include robust identity and access management, comprehensive monitoring and metering, adherence to service level agreements, and lifecycle management of applications and data. Virtualization is also discussed as the core technology enabling efficient cloud hosting.
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Secure Cloud Hosting.paper
1. June 2013
Technical Paper
Secure Cloud Hosting: Best Practices
Enterprise Messaging Solutions
Infinite Convergence
By Jagannath Rao & Pankaj Jaiswal
2. April 2013 Page 2 Infinite Computer Solutions India P Ltd.
Contents
Executive Summary....................................................................Error! Bookmark not defined.
Introduction to Cloud Service....................................................................................................4
Definitions ..............................................................................................................................4
Benefits ....................................................................................................................................5
Risks .........................................................................................................................................5
Deployment Models of Cloud Computing.......................................................................5
Service Models of Cloud Computing.................................................................................6
Some of the best practices for providing Cloud Based Service ....................................8
1. Management and Governance......................................................................................................8
Virtualization ..............................................................................................................................10
An Overview of Traditional Web Hosting......................................................................10
........................................................................................................................................................10
A view of how a web hosting application is implemented in Amazon’s AWS
architecture is shown below. .............................................................................................10
Enterprise Messaging Overview .............................................................................................13
Secure Cloud Hosting................................................................................................................15
What Needs to be Secured in a Cloud?............................................................................15
Some Additional Security Aspects for the Cloud..........................................................19
Acknowledgements & Bibliography ......................................................................................21
3. April 2013 Page 3 Infinite Computer Solutions India P Ltd.
Section 1
Abstract
Enterprises & Service Providers are moving towards Cloud Based Computing and
Services to reduce costs and improve efficiency. It has become an integral part of
providing ease of deployment, scalability and flexible payment based on actual
usage.
However security remains a concern for many customers. Certain class of services
have several restrictions that have prevented such customers from benefiting from
cloud services.
These security issues fall under 3 broad categories of protection:-
Physical Security
Network level security
Protection of Data
This paper provides an overview of cloud based services and examines some of the
constraints around these issues and describes some of the practices used at Infinite
to alleviate security hazards and provide a comprehensive cloud hosted solution to
enterprise customers.
This solution is based on the Enterprise Messaging Service (EMS) developed and
deployed by Infinite Computer Solutions for banking customers. This service is
hosted at the Infinite Premises.
4. April 2013 Page 4 Infinite Computer Solutions India P Ltd.
Section 2
Overview of Cloud Service
Definitions
Cloud computing is the process of moving information technology resources (computing and
storage) to a centralized environment and accessing resources based on need through a high-
speed internet connection.
Some of the key attributes of a cloud are:-
Is Abstracted and offered as a service
Built on a highly scalable infrastructure
Easily purchased and billed by consumption
Is Shared and can be multi-tenanted
Provides dynamic, elastic, flexibly configurable resources
Is Accessible centrally over the Internet
There are typically 2 models for providing the cloud service:
Private Cloud: Hosted within the enterprise as a centralized resource.
Public Cloud: Publicly hosted service that can be accessed by any user on the internet.
A few variations of these (hybrid and community) and depicted below. The Private cloud
provides highest level of security and performance but lacks other advantages of the Public
cloud like scalability and cost effectiveness.
Healthcare
Financial
Telecom
Media
Enterprise
Govt
Public
Cloud
Private
Cloud
Hybrid
Community
Cloud
5. April 2013 Page 5 Infinite Computer Solutions India P Ltd.
The key characteristic of cloud computing is its ability to scale and provision computing power
dynamically in a cost efficient manner.
The key technology involved in providing a cloud service is Virtualization. This is described in
more detail in the next section.
Benefits
Because the IT resources and software applications are maintained and managed centrally and
off premises, companies typically pay only for the services they need and use. Other benefits
include Scalability, Agility, Adaptability and Flexibility.
Risks
Security and Privacy Security and privacy may represent the biggest risks to moving services to
external clouds exposing the data, information and intellectual. Additionally, in a multi-tenant
environment, it become necessary to provide the level of isolation and associated guarantees.
Standards that guarantee security are still emerging. It also becomes challenging to monitor and
enforce security policies including vulnerability assessment of applications and data and privacy.
The other risk is to clearly define methods for defining, validating and implementing SLA’s.
Return on Investment is the other concern for large enterprises since many large enterprises can
reap the benefits of significant economies of scale in their own internal IT operations.
While cloud computing initially appears to be less expensive in terms of upfront costs, the
comparison may be much more competitive when total cost of ownership (TCO) that include
recurring costs, managing potential risks, cost of networking and managing the several touch
points are taken into account.
Deployment Models of Cloud Computing
Cloud computing enables ubiquitous, convenient, on-demand network access to a shared pool of
configurable computing resources (e.g., networks, servers, storage, applications, and services)
that can be rapidly provisioned and released with minimal management effort or service provider
interaction.
According to the National Institute of Standards and Technology, cloud computing can be
deployed using any one of the four models described below. :
Private Cloud
The cloud infrastructure is provisioned exclusively within the enterprise as a centralized resource.
The security of such a service is determined by the security within the enterprise.
Community Cloud
The cloud infrastructure is shared by several organizations that have shared concerns (e.g.,
mission, security requirements, policy, and compliance considerations). It may be managed by a
community of these organizations or a third party (or both) and may exist either on or off
premises.
6. April 2013 Page 6 Infinite Computer Solutions India P Ltd.
Public Cloud
The cloud infrastructure is operated for the general public or a large industry group and is owned
by an organization providing cloud services. It exists on the premises of the service provider.
Public Cloud. It can be accessed by any user on the internet. The security is determined by the
security provided within the cloud as well as the connectivity
Hybrid Cloud
The cloud infrastructure is a composition of two or more cloud infrastructures (private,
community, or public) that remain unique entities but are bound together by standardized or
proprietary technology that enables data and application portability (e.g., cloud bursting for load
balancing between clouds).
Cloud computing applications are usually optimized to provide a simple, easy-to-use interface,
reducing installation, deployment time and improved communication between various software
packages and availability. Cloud computing services also allow scheduling of upgrades, security
updates minimizing impact to users.
Service Models of Cloud Computing
The organization’s scope and control over the cloud computational environment can be affected
by the service models supported by the cloud. Described below are three of the most well-
known and frequently used service models.
Software as a Service (SaaS)
Software as a service (SaaS). Software deployed as a hosted service and accessed over the
Internet. The capability provided to the consumer is to use the provider’s applications running on
a cloud infrastructure. The applications are accessible from various client devices through a thin
client interface such as a web browser (e.g., web-based email). The consumer does not manage
or control the underlying cloud infrastructure including network devices, servers, operating
systems, storage or the individual application capabilities with the possible exception of limited
user-specific application-configuration settings. In the case of SaaS, the usage is measured
based on the number of users, the time, per-execution, per-record-processed, network bandwidth
consumed, and quantity/duration of data stored
Platform as a Service (PaaS)
Platform as a service (PaaS): Platforms that can be used to deploy applications provided by
customers or partners of the PaaS provider.The capability provided to the consumer is to deploy
onto the cloud infrastructure consumer-created or acquired applications created using
programming languages and tools supported by the provider. The consumer does not manage or
control the underlying cloud infrastructure including network, servers, operating systems, or
storage, but has control over the deployed applications and, possibly, the configuration of the
application-hosting environment. In case of PaaS, the usage is measured based on the number
of subscribers, the kind of subscribers (e.g. developers vs. application end users), storage,
processing, or network resources consumed by the platform, requests serviced and the time the
platform is in use .
7. April 2013 Page 7 Infinite Computer Solutions India P Ltd.
Infrastructure as a Service (IaaS)
Infrastructure as a service (IaaS): Computing infrastructure, such as servers, storage, and
network, delivered as a cloud service, typically through virtualization. The capability provided to
the consumer is to provision processing, storage, networks and other
Fundamental computing resources to deploy and run arbitrary software, which can include
operating systems and applications. The consumer does not manage or control the underlying
cloud infrastructure but has control over operating systems, storage and deployed applications. In
case of IaaS, the usage fee is measured based on the per CPU hour, data GB stored per hour,
network bandwidth consumed or infrastructure used (e.g., IP addresses) per hour, and value-
added services used.
Examples of where these models are typically used are summarized in the table below
IAAS PAAS SAAS
Storage
Content Delivery Networks
Backup and Recovery
Services Management
Platform Hosting
Compute
Database
Business Intelligence
Development and Testing
Integration
Application Deployment
ERP
Human Resources
Billing
Sales
CRM
Content
Management
8. April 2013 Page 8 Infinite Computer Solutions India P Ltd.
Some of the best practices for providing Cloud Based Service
1. Management and Governance
Opening an account and begin using cloud services might create the risk of
individuals in an enterprise using cloud services for unlawful purposes. Managing
VMs and cloud services such as storage, databases and message queues
effectively is needed to track the services being used. Governance is a crucial
criterion to ensure that policies and government regulations are followed
wherever cloud computing is used. Industry and geography-specific requirements
are other types of governance. Management of VM and governance of polices
and other regulations should be enforced in all the cloud computing scenarios
except for the end-user to cloud scenario.
2. Metering and Monitoring
In a measured service, aspects of the cloud service are controlled and
monitored. This is crucial for billing, access control, resource optimization,
Capacity planning and other tasks
3. Security
Cloud computing scenarios involving an enterprise will usually have more
Sophisticated security requirements than those involving a single end user.
To achieve the necessary security, cloud service providers comprehensive
security practices and procedures including must be adopted. This includes well-
recognized, transparent and verifiable security criteria. Robust identity,
authentication and access control mechanisms commensurate with the level of
sensitivity of the data. Comprehensive and ongoing testing of security measures
is required before and after deployment
4. Service Level Agreement (SLA)
An SLA is a contract between a provider and a consumer that specifies
consumer requirements and the provider’s commitment to them. Typically, an
SLA includes items such as uptime, privacy, security and backup procedures.
In addition to the basic SLAs required by end users, another best practice for
Enterprises that enter into contracts is to establish a standard process for
Benchmarking performance. There must be an unequivocal way of defining what
a cloud provider will deliver, and there also must be an unambiguous way of
Measuring and monitoring what was actually delivered. A machine readable
language for SLAs is one of the standard formats for expressing an SLA. In case
of hybrid computing, this allows the cloud provider to select resources according
to the consumer’s terms without human intervention.
5. Life Cycle Management
9. April 2013 Page 9 Infinite Computer Solutions India P Ltd.
Enterprises must be able to manage the lifecycle of applications and documents.
This requirement includes versioning applications and the retention and
destruction of data. Discovery is a major issue for many organizations. There are
substantial legal liabilities if certain data is no longer available. In addition to data
retention, an enterprise may be interested in destroying data at some point. Many
organizations have legal requirements that data must be kept for a certain period
of time. Some organizations also require that data be deleted after a certain
period of time. It is necessary to provide a mechanism to implement and audit
practices that ensure there requirements are adhered to.
10. April 2013 Page 10 Infinite Computer Solutions India P Ltd.
Section 3
Virtualization
The key technology to provide efficient cloud hosting is virtualization. EMS
makes significant use of Virtualization Architecture in cloud based products.
Some of these concepts based on Vmware are described here.
An Overview of Traditional Web Hosting
Web hosting is typically implemented as a common three-tier web application
model that separates the architecture into presentation, application, and
persistence layers. Scalability is provided by adding additional hosts at these
layers with built-in performance, failover and availability features.
The figure below shows how web hosting can be made scalable by using load
balancers at the web-services and application-services levels
A view of how a web hosting application is implemented in Amazon’s AWS
architecture is shown below.
MySql
Storage/
Backup
App Servers
Data
Load Balancer
Web Servers
App Server
http://www.xxx.com
11. April 2013 Page 11 Infinite Computer Solutions India P Ltd.
Some of the key difference with respect to conventional web hosted architecture
to note are:
Content Delivery: Several options are provided for Edge caching
Managing Public DNS: DNS changes are required to take advantage of the
multiple availability zones
Security: In-bound network traffic should not be confined to the edge but
applied at the host level
12. April 2013 Page 12 Infinite Computer Solutions India P Ltd.
The key technology that enables this is virtualization which is depicted in the
figure below.
Virtualization allows one single hardware running one piece of software to be
seen virtually as several pieces of hardware and software. A large and power
hardware can therefore be better utilized by supporting several software (OS+
Application combination called VM) simultaneously as if they were all running on
different machines thereby bringing economies of scale.
VMWare defines the concept of Hypervisor. A hypervisor (also called a virtual
machine manager-VMM), is a program that allows multiple operating systems to
share a single hardware host. Each operating system appears to have the host's
processor, memory, and other resources all to itself. However, the hypervisor is
actually controlling the host processor and resources, allocating what is needed
to each operating system in turn and making sure that the guest operating
systems (called virtual machines) cannot disrupt each other.
Virtualization…
Decouples software from
underlying hardware
Encapsulates Operating
Systems and applications
into “Virtual Machines”
A Virtual Machine
13. April 2013 Page 13 Infinite Computer Solutions India P Ltd.
Section 4
Enterprise Messaging Service
The ubiquity of mobile devices and the universal reach of mobile messaging is
the most effective and cost-efficient mode of delivering pertinent timely
messages to customers and business partners resulting in enhanced customer
satisfaction and improved customer loyalty.
Enterprise Messaging Service (EMS) is designed to provide enterprises with the
ability to securely communicate with their customers, employees, and business
partners. It uses the same leading edge technology used to power the
messaging engines of tier 1 wireless carriers. The ability of EMS to integrate the
service into the client’s network greatly differentiates its service in the
marketplace.
EMS offers many key capabilities to enterprises:
Cloud-based superior reliability and security, deployment flexibility and
scalability
The Infinite
Convergence
Advantage
Enterprise Messaging Service
SMS
MMS
Mobile
Number
Validation
Data
Archiving
Operator A
Operator B
Operator C
Cloud-Based
EMS
HTTP
SMPP
XML/TCPIP
SMTP
Financial Transactions
Services Offered
• Customized solution to
serve messaging needs
• APIs for simplified
integration
• Engineering & Consulting
services to improve User
Experience and Time to
Market
Healthcare
Travel & Transportation
14. April 2013 Page 14 Infinite Computer Solutions India P Ltd.
Global reach to billions of subscribers securely allowing applications to
connect and exchange messages with customers and employees and other
stakeholders
Maintaining delivery analytics, billing reports and detailed message logs
Easy integration with applications through APIs. Support for multiple standard
interfaces including HTTP(S), SMPP, SMTP & XML
Reliable routing of messages using a store and forward model
EMS Implements industry-leading flexible and redundant cloud architecture with
geo redundancy can delivers anywhere from 99.99% to 99.999 service
availability and scalability to meet enterprise’s messaging volume needs.
15. April 2013 Page 15 Infinite Computer Solutions India P Ltd.
Section 5
Secure Cloud Hosting
Cloud platforms are responsible for customer data and applications. Exposure to
security risks is a concern that most companies contemplating to move the cloud
have since it involves that transfer their IT resources from locally-maintained
servers to the cloud that is exposed. This requires measures to be employed in
order to keep valuable information protected from intrusion or theft. Some of the
threats to guard against are attacks on the application, nefarious use of the
services, intrusion in multi-tenancy system, loss,of data and account hijacking.
While most of these are equally relevant for any IT organization, Cloud
computing best practices need to include higher degrees of password protection,
additional levels of security at the hosting site, and other advanced computing
security measures designed to protect information and applications on the cloud.
In addition it is necessary to have independent order to ensure a good system for
security standards, compliance and audit. Based on the application and
deployment, these include one or more of HIPAA, Cloud Security Alliance, SAS
70 Type II, SOX, PCI (payment card industry) DSS (data security standards) and
ISO27001.
EMS is deployed with Infinite where secure hosting is implemented as a Multi-
dimensional business imperative with robust, detailed policies and procedures in
place.
What Needs to be Secured in a Cloud?
These can be classified into the following areas which have to be at the highest
level of standards:-
1. Physical Security
2. Network Security
3. Application Security
4. Internal Systems Security
5. Secure Data backup
6. Secure internal policies and procedures
Infinite’s Secure Hosting Model implements this as a Information Security
Management System (ISM). The fundamental concept of ISM is confidentiality,
Integrity and Availability shown below.
16. April 2013 Page 16 Infinite Computer Solutions India P Ltd.
Infinite implements ISM in a multi-tiered approach with 129 control points as shown
below:
Information
Security
Physical Security
&
Access Control
Network Security Business Continuity
Policies and Procedures are
implemented for organization
to assure safety, availability,
integrity & confidentiality of
our customers data
Security roles and
responsibilities are
established for all the
employees
ISMS Training is provided
to all employees about the
relevance & importance of
information security
One factor authentication
is implemented in the
organisation to provide
secure enviornment for the
employees
Smoke dectectors, fire
extinguishers are installed
to ensure protection of
all resources
CCTVs have been installed at
the required locations
Appropriate access rights to
the information system are
granted to employees based
on the role
Gateway Firewalls are
installed to protect network
Penetration Testing is carried
out in periodic intervals
Routers are installed and
monitored to regulate
network traffic
Information Security Management System
BCP and DR plans have been
established
L1,L2,L3 disaster locations
are identified
RTO and RPO has been
defined based on the
business needs
Mock drills and Resiliency
Tests are conducted to
ascertain readiness
129 Controls have been effectively deployed
Asset: Anything that has value to the
organization.
Risk: Risk is the likelihood that something bad
will happen that causes harm to an
informational asset (or the loss of the asset).
Vulnerability: A vulnerability is a weakness that
could be used to endanger or cause harm to an
informational asset.
Threat: A threat is anything (man made or act of
nature) that has the potential to cause harm
Confidentiality
Integrity Availability
17. April 2013 Page 17 Infinite Computer Solutions India P Ltd.
Some of the aspects of ISM are describer below
Physical Security
– Access control are installed in the entry/exit points to the data
center
– All the critical hardware are placed in secured Rack
– Camera are installed at ingress/egress points
Network Control
– Firewalls are implemented at the ingress and egress points of the
network
– Intrusion prevention system is implemented at the internet gateway
is monitored from centralized location
– Servers accessed over the internet are placed in the isolated
network (DMZ)
– Internal servers are segregated through VLAN based on the
security requirement
– Centralized monitoring of the network devices in place
– Syslog is enabled on the network device for the audit purpose
Server Management
– Server are installed with the hardened OS
– Based on configuration chosen, Virtual Instances are used to
separate and provide dedicated platform for each customer
– Unnecessary services are disabled
– Password policy is implemented
– Access for the guest accounts are disabled and the default admin
users are renamed or disabled everywhere possible
– Critical Servers audit log are maintained
– Centralized monitoring of servers are implemented
Robust process is implemented for the change & release management.
This includes maintain a list of all users of the cloud in case basic model is
used.
Product Development and Release Compliance. The model below
demonstrates how security is enhanced through a repeatable and
measurable process compliance throughout the Software development
lifecycle.
18. April 2013 Page 18 Infinite Computer Solutions India P Ltd.
This integrates the software development activities right from the
initial stages to provide guidance on secure development reviews,
uniform reviews and security assessments.”
Security Hardening of the Product/Service
The EMS system is security hardened and tested before product release.
These include:-
• Opening of necessary ports only
– Any open ports limit access to specific IP addresses and
ports
• Disabling of Insecure protocols
– Example: Telnet and FTP are disabled by default
• Application of Latest security patches for operating system and
open source
19. April 2013 Page 19 Infinite Computer Solutions India P Ltd.
– Product is updated at least once each release with latest
security patches
• Disabling of unnecessary services
– Example: rlogin, rsh, rcp are disabled by default
• All Management connections protected by SSHv3
– Configurable password complexity, aging, history
• Support for automatic lockout
– Configurable number of login failures lock out user for a
configurable amount of time
Some Additional Security Aspects for the Cloud
Since the cloud needs to address a variety of applications and scale and remain
secure it should embrace a secure-by-design approach: IT organizations need to
focus on identifying controls that address the lack of direct access to information
and addressing these..
It is also necessary to Identify alternative deployment rapidly re-deployment
implementing an active monitoring systems and Developing a plan for rapid
response teams Clouds that deliver scalable services for multiple tenants
(whether tenants are business groups from the same company or independent
organizations) need to isolate instances.
This means sharing of CPU caches, graphics processing units (GPUs), disk
partitions, memory, and other components that were never designed for strong
compartmentalization. The concept of virtualization and hypervisor provides
mechanismsto mediate access between guest operating systems and physical
resources.
However there is a need to ensure that attackers cannot gain unauthorized
access and control of your underlying platform with software-only isolation
mechanisms. Potential compromise of the hypervisor layer can in turn lead to a
potential compromise of all the shared physical resources of the server that it
controls, including memory and data as well as other virtual machines (VMs) on
that server.
Best Practice 1
20. April 2013 Page 20 Infinite Computer Solutions India P Ltd.
EMS is based on Vmware Hypervisor which is used to create multiple virtual
instances as shown below:
The Hypervisor installs on the hardware and is able to create virtual machines
which provide a replica to each application instance. Infinite has partnered with
Vmware to create enterprise applications which can be shared on the cloud and
uses vCenter, Vspher and vCloud network and security. vSphere provides the
basic virtualization capability. vCenter as a central node allows the system to
scale. vCloud network security provides a secure firewall between each instance.
Shielding between customers who use the same hardware is providing by
creating a dedicated instance.
21. April 2013 Page 21 Infinite Computer Solutions India P Ltd.
References & Acknowledgements
The authors would like to thank the ITSG team at Infinite Computer Solutions
India Pvt. Ltd. For insights into secure hosting and ISM. Also the team at
Grameen bank and BSNL India for the several reviews during the deployment of
the EMS service.
1. 5 Best practices for Cloud Security, IBM research
2. AWS Web Hosting Best practices
3. Cloud Security Panning Guide, Intel
4. Silver Lining of Clud Computing, TCS
5. The seven standards of Cloud Computing and Delivery Performance,
Salesforce
6. VMWare Virtualization: The right investment for a tough economy,
VMWare