As an operator of a private cloud solution:
The operational procedures associated with managing a private cloud should include the following security functionality in relation to the on-demand, self-service attribute of the private cloud:
The following sections describe in more detail how to provide this functionality in the private cloud.
In the IaaS service delivery model, typically tenants are given access to virtual machines that they can use to host their own applications and services. The tenants can typically choose the operating systems that they wish to use:
In the second scenario outlined above, operational responsibilities should include ensuring that the tenant's operating system is fully patched: baseline machine images should be kept up to date with the latest security patches, currently active virtual machines should be patched, and any dormant virtual machines should be updated.
Note: This document is part of a collection of documents that comprise the Reference Architecture for Private Cloud document set. The Solution for Private Cloud is a community collaboration project. Please feel free to edit this document to improve its quality. If you would like to be recognized for your work on improving this document, please include your name and any contact information you wish to share at the bottom of this page.
Note: To carry out this updating, the CSP must have access to the virtual machines. Again, the responsibilities for updating virtual machines should be set out clearly in the SLA. With PaaS, customer applications might be dependent on specific updates, such as to SQL Server Express or a particular version of the .NET Framework.
System Center provides an example of how you can patch offline virtual machines. You can use System Center Virtual Machine Manager to manage patching your virtual machine images, including dormant images and templates. See http://technet.microsoft.com/en-us/magazine/ff848996.aspx for more information.
The SLA between the CSP and the tenant must specify where the responsibility for managing the security of the virtualized operating system lies.
In the PaaS service delivery model, the standardized run-time environment means that responsibility for maintaining the security of the run-time lies with the CSP. However, if the platform enables tenants to configure options that impact the security of their environment, such as opening or closing ports, such changes made by the tenant should be subject to role-based access controls and be fully logged.
In the SaaS service delivery model, the CSP is responsible for all aspects of the hosted service's security. The on-demand self-service attribute, if it exists, is likely to appear as the ability of client business units to register their end users to have access to the service. Security-related operational activities will include maintaining the identity and access management systems used by the service, and managing information security, availability, and IT service continuity.
In the IaaS and PaaS service models, the CSP may monitor the software deployed by the tenants for compliance with corporate standards for designing, implementing, and managing software and services.
You should use traffic analysis and packet inspection to monitor the use of all service delivery endpoints and identify unusual patterns or potential attacks.
You must be able to identify who within your organization has requested and authorized specific resources through the automated provisioning system for the private cloud. Although other users may access a service hosted in the cloud, the person or business unit who requested and authorized the use of a resource is responsible for paying for that resource and responsible for ensuring that its use complies with any enterprise policies. The self-service provisioning system must record all the relevant information about the resource request and ensure that the tenants are fully aware of their responsibilities in running and maintaining that resource. The same system must record requests and authorizations to de-provision resources at the end of their lifecycle.
Note:
In providing information to the tenants about their responsibilities for running and maintaining the resource, you should be careful not to reveal any information that might compromise your security systems and procedures.
To ensure that any provisioning process includes all the necessary security configuration steps, you should use automated procedures. As well as ensuring repeatable processes, automation can automatically log details of each step to provide a full audit trail of the provisioning and de-provisioning processes.
You should monitor and log all access to management functions that relate to the self-service attribute of the private cloud: for example, financial management, capacity management, and fabric management.
You should also automate complex management operations to ensure they are performed in a repeatable fashion and that all steps are logged. Quotas should ensure that an attacker cannot simply request more and more pooled resources until the resources are exhausted.
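The following is an added example, not code from the original document or from System Center, of the provisioning controls described above: every request records who requested it and who authorized it, the tenant must acknowledge its responsibilities for the resource, a per-tenant quota stops the shared pool from being exhausted, every step (accepted or denied) is appended to an audit trail, and de-provisioning is recorded the same way at the end of the lifecycle. The class name, tenant names and quota values are hypothetical; the quota is a mapping such as `{"vcpus": 8, "memory_gb": 32}`.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone


@dataclass
class ProvisioningSystem:
    """Hypothetical self-service front end (constructed for this example)."""
    quotas: dict                                   # tenant -> {"vcpus": n, "memory_gb": n}
    usage: dict = field(default_factory=dict)      # tenant -> consumed pool resources
    resources: dict = field(default_factory=dict)  # resource id -> record
    audit_log: list = field(default_factory=list)  # append-only audit trail
    counter: int = 0                               # resource id sequence

    def _log(self, event, **details):
        # Accepted and denied steps alike are logged, so the trail is complete.
        self.audit_log.append({"ts": datetime.now(timezone.utc).isoformat(),
                               "event": event, **details})

    def request_vm(self, tenant, requester, authorizer, wanted, acknowledged):
        quota = self.quotas[tenant]
        used = self.usage.setdefault(tenant, {k: 0 for k in quota})
        self._log("request", tenant=tenant, requester=requester,
                  authorizer=authorizer, **wanted)
        if not authorizer or not acknowledged:
            # Must name an authorizer and carry the tenant's acknowledgement
            # of its responsibilities for running and maintaining the VM.
            self._log("denied", tenant=tenant, reason="no authorizer or acknowledgement")
            return None
        if any(used[k] + wanted.get(k, 0) > quota[k] for k in quota):
            # The quota stops one tenant from draining the shared pool.
            self._log("denied", tenant=tenant, reason="quota exceeded")
            return None
        self.counter += 1
        rid = f"vm-{self.counter:04d}"
        for k in quota:
            used[k] += wanted.get(k, 0)
        self.resources[rid] = {"tenant": tenant, "owner": requester, **wanted}
        self._log("provisioned", resource=rid, tenant=tenant, owner=requester)
        return rid

    def deprovision(self, rid, requester, authorizer):
        # End of lifecycle: release the quota and record who asked/authorized.
        rec = self.resources.pop(rid, None)
        if rec is None:
            self._log("denied", resource=rid, reason="unknown resource")
            return False
        for k in self.quotas[rec["tenant"]]:
            self.usage[rec["tenant"]][k] -= rec.get(k, 0)
        self._log("deprovisioned", resource=rid, tenant=rec["tenant"],
                  requester=requester, authorizer=authorizer)
        return True
```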
In the SaaS service delivery model, legislation may restrict access to certain services to users in particular geographic regions. The cloud service provider should ensure compliance, for example by ensuring that the self-service provisioning system verifies the geographic region of the user who is requesting access, and by monitoring and filtering access to the service based on the location that the request originates from.