VALID Rules
A Language for Cloud Security
Dr. Thomas Gross
joint work with
Sören Bleikertz, IBM Research
Sebastian Mödersheim, DTU Informatics

[Work partially done while at IBM Research - Zurich]
What's our challenge?



[Automated Information Flow Analysis of Virtualized Infrastructures; ESORICS'11]
A Tale of a Bank's Private Cloud
Bank offloads IT to (private) cloud

Isolation of security zones
Network:
  VLAN isolation
Storage:
  Different storage volumes
Compute:
  Covert-channels unconsidered

[Figure labels: Backup Zone, High Security, Low Security]
[Photo: http://www.flickr.com/photos/teegardin/5737823348/]
The Ideal World: Cloud Topology
     D0 VM1 VM2   D0 VM1 VM2        D0 VM1 VM2   VMs
        Xen         VMWare           System p    Hypervisors
        HW           HW                HW

       vSwitch      vSwitch           vSwitch    Virtual Net

                    pSwitch                      Physical Net

S1                             S2                Storage

                    WAN                          Global Net
The Real World
 1,300 VMs
25,000 Nodes
30,000 Edges




               [Data from a customer case study with a global financial institution]
Combat Against Complexity
Our Opponent
  Complex Topology
  Multi-tenancy
  Changing System

Our Battle Plan
  Versatile Tool Chain
  Free Specification of Security Goals

[Photo: “Days of a startup”, http://www.flickr.com/photos/tangysd/]
How to specify security goals?



 [A Virtualization Assurance Language for Isolation and Deployment; POLICY'11]
Basis: Graph Model (e.g., Info Flows)


[Figure: graph with a Source node and a Sink node]
Trust Assumptions: Traversal Rules
Behavior of Components
Storage connections
Network connections

Isolation
Tailored by administrator
Exchange format
Example Goal: Zone Isolation
section types:
  MA, MB : machine
  ZA, ZB : zone

section goals:
 goal isolationBreach (info; ZA, ZB, MA, MB) :=
   contains (ZA, MA).contains (ZB, MB)
   .connected (MA, MB)
   & not(equal(ZA, ZB))


   [VALID is based on ASLan, proposed by the EU FP7 project AVANTSSAR]
Example Goal: Zone Isolation
[Callout on the "section types" block: Declaration of Variables]
section types:
  MA, MB : machine
  ZA, ZB : zone

section goals:
 goal isolationBreach (info; ZA, ZB, MA, MB) :=
   contains (ZA, MA).contains (ZB, MB)
   .connected (MA, MB)
   & not(equal(ZA, ZB))
Example Goal: Zone Isolation
[Callout on the "goal isolationBreach" line: Declaration of Alarm State]
section types:
  MA, MB : machine
  ZA, ZB : zone

section goals:
 goal isolationBreach (info; ZA, ZB, MA, MB) :=
   contains (ZA, MA).contains (ZB, MB)
   .connected (MA, MB)
   & not(equal(ZA, ZB))
Example Goal: Zone Isolation
[Callout on the contains/connected facts: Pattern Matching Facts]
section types:
  MA, MB : machine
  ZA, ZB : zone

section goals:
 goal isolationBreach (info; ZA, ZB, MA, MB) :=
   contains (ZA, MA).contains (ZB, MB)
   .connected (MA, MB)
   & not(equal(ZA, ZB))
Example Goal: Zone Isolation
[Callout on "contains (ZA, MA)" and "contains (ZB, MB)": Zone Membership Fact]
section types:
  MA, MB : machine
  ZA, ZB : zone

section goals:
 goal isolationBreach (info; ZA, ZB, MA, MB) :=
   contains (ZA, MA).contains (ZB, MB)
   .connected (MA, MB)
   & not(equal(ZA, ZB))
Example Goal: Zone Isolation
[Callout on "connected (MA, MB)": Connectivity Fact]
section types:
  MA, MB : machine
  ZA, ZB : zone

section goals:
 goal isolationBreach (info; ZA, ZB, MA, MB) :=
   contains (ZA, MA).contains (ZB, MB)
   .connected (MA, MB)
   & not(equal(ZA, ZB))
Example Goal: Zone Isolation
[Callout on "not(equal(ZA, ZB))": Logical Constraints]
section types:
  MA, MB : machine
  ZA, ZB : zone

section goals:
 goal isolationBreach (info; ZA, ZB, MA, MB) :=
   contains (ZA, MA).contains (ZB, MB)
   .connected (MA, MB)
   & not(equal(ZA, ZB))
Library of Alarm States
Zoning Breach
Deployment Breach
How to verify the security of an infrastructure?



   [Automated Verification of Virtualized Infrastructures; CCSW'11]
[Figure, slide 19: two zones, TEST and HIGH SECURITY]

[Figures, slides 20-23: the query below is shown next to four topology drawings]

IsolationBreach?
  contains (ZA, MA).
  contains (ZB, MB).
  connected (MA, MB)
  & not(equal(ZA, ZB))

Labels recoverable from each drawing:
Slide 20: TEST, MB, vlan1; MA, vlan1; HIGH SECURITY; ZA, ZB; "IsolationBreach?"
Slide 21: ZB, TEST, MB, vlan2; MA, vlan1; HIGH SECURITY, ZA; "IsolationBreach?"
Slide 22: TEST, MB; MA; HIGH SECURITY; ZA, ZB; no VLAN labels; "IsolationBreach?"
Slide 23: ZB, TEST, MB, vlan3; MA, vlan3; HIGH SECURITY, ZA; "IsolationBreach" (no question mark)
Verification Tool Chain




         [Contribution to EU FP7 project TCLOUDS]
Problem Solvers
Dynamic Problem Solvers: AVANTSSAR platform
  Input: ASLan/IF (basis of VALID)
  OFMC
  SAT-MC
  Cl-AtSe

Static Problem Solvers:
  Input: proprietary language for first-order logic
  SPASS
  ProVerif
  Succinct Solver
Verification of Zone Isolation
The Challenge
   Three security zones Test, Base, High
   Multiple VMs in each zone (contains(zone, vm))
   Network isolation realized using VLANs
Input: Policy and information flow graph


Output: Isolation breach
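
An added example (not from the slides and not the VALID tool chain): a small Python evaluator for the isolationBreach goal, taking a policy and a topology graph as input and returning the matching breaches. The node names, the graph, and the `transit_types` parameter (standing in for the administrator's traversal rules) are assumptions constructed for illustration.

```python
from collections import deque
from itertools import product

# Constructed sample data (not from the slides): zone membership facts,
# written as contains(zone, machine) like the goal on the page.
CONTAINS = {
    ("high", "vm_h1"), ("high", "vm_h2"),
    ("test", "vm_t1"),
    ("base", "vm_b1"),
}

# Constructed topology graph: every node has a type, edges are undirected.
NODE_TYPE = {
    "vm_h1": "machine", "vm_h2": "machine",
    "vm_t1": "machine", "vm_b1": "machine",
    "vlan1": "vlan", "vlan2": "vlan", "vlan3": "vlan",
    "pswitch": "pswitch",
}
EDGES = [
    ("vm_h1", "vlan1"), ("vm_h2", "vlan1"),
    ("vm_t1", "vlan2"), ("vm_b1", "vlan3"),
    ("vlan1", "pswitch"), ("vlan2", "pswitch"), ("vlan3", "pswitch"),
]


def connected_facts(edges, node_type, transit_types):
    """Derive connected(MA, MB) facts by graph traversal.

    transit_types is the trust assumption (hypothetical encoding of the
    traversal rules): information flows *through* nodes of these types and
    stops at every other node. Machines are always valid endpoints.
    """
    adj = {}
    for a, b in edges:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)

    facts = set()
    machines = [n for n, t in node_type.items() if t == "machine"]
    for src in machines:
        seen = {src}
        queue = deque([src])
        while queue:
            node = queue.popleft()
            for nxt in adj.get(node, ()):
                if nxt in seen:
                    continue
                seen.add(nxt)
                if node_type[nxt] == "machine":
                    facts.add((src, nxt))       # reached another machine
                if node_type[nxt] in transit_types:
                    queue.append(nxt)           # flow continues past this node
    return facts


def isolation_breaches(contains, connected):
    """Match the goal pattern:
    contains(ZA, MA).contains(ZB, MB).connected(MA, MB) & not(equal(ZA, ZB))
    Returns every binding (ZA, ZB, MA, MB) that satisfies it.
    """
    breaches = set()
    for (za, ma), (zb, mb) in product(contains, repeat=2):
        if (ma, mb) in connected and za != zb:
            breaches.add((za, zb, ma, mb))
    return breaches


def check(edges, transit_types):
    """Policy + graph in, set of isolation breaches out."""
    connected = connected_facts(edges, NODE_TYPE, transit_types)
    return isolation_breaches(CONTAINS, connected)


if __name__ == "__main__":
    # 1. VLANs forward traffic, the physical switch is trusted to isolate them.
    print("baseline:", sorted(check(EDGES, {"vlan"})))
    # 2. Misconfiguration: a test VM is also attached to the high zone's VLAN.
    misconfigured = EDGES + [("vm_t1", "vlan1")]
    print("misconfigured:", sorted(check(misconfigured, {"vlan"})))
    # 3. Weaker trust assumption: the switch is not trusted to separate VLANs.
    print("untrusted switch:", len(check(EDGES, {"vlan", "pswitch"})), "breaches")
```

The same graph is safe or in breach depending on the traversal rules, which is why the trust assumptions have to be stated alongside the goal.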
Performance
[Performance chart; label: 4h]
Test Environment
Cluster 1: isolation breach
  15386 nodes, 17817 edges
Cluster 2: safe
  6218 nodes, 7543 edges

Experiments
1: Simplified graph, attack
2: Simplified graph, safe
3: Non-simplified graph, attack
4: Non-simplified graph, safe
VALID Rules for Goal Specification
Expressive Policy Language
Pattern matching on positive facts
Logical predicates as constraints

Efficient Verification with Versatile Tool Chain

Next Big Step: Dynamic Problems
Get in Touch!
Thomas Gross
thomas.gross@ncl.ac.uk
http://www.thomasgross.net

Computing Science@ http://www.cs.ncl.ac.uk
http://cccs.ncl.ac.uk

VALID Rules - A language for cloud verification (EU CSP’12)
