SlideShare une entreprise Scribd logo

MS Cloud day - Understanding and implementation on Windows Azure platform security

Télécharger en tant que PPTX, PDF
Spiffy
Spiffy
Technologie
1  sur  47
Microsoft Cloud Day Tan ChoonNgeeDirector, aZaaS Pte Ltd Understanding and implementation Windows Azure platform security ChoonNgee has more than 10 years of IT Sales, Marketing and Consulting experience with leading organizations like JP Morgan and Crimson Logic. He has developed several businesses focussed purely on Microsoft Technologies during this period. This session focuses on the security challenges and recommended approaches to design and develop more secure applications for Microsoft’s Windows Azure platform.
Understanding and implementation Windows Azure platform security Microsoft Corporation Authors Andrew Marshall (Senior Security Program Manager, Security Engineering) Michael Howard (Principal Security Program Manager, Security Engineering) Grant Bugher (Lead Security Program Manager, OSSC) Brian Harden (Security Architect, OSSC) Contributors Charlie Kaufman (Principal Architect) Martin Rues (Director, OSSC) Vittorio Bertocci (Senior Technical Evangelist, Developer and Platform Evangelism
Responsibility for Threat Mitigation There are many threats to a traditional server There are some additional threats in the case of cloud computing Some threats are handled by Windows Azure; others remain the responsibility of the customer
Windows Azure Security Certifications ISO/IEC 27001:2005 certification SAS 70 Type 1 and II attestations PCI Data Security Standard compliance Sarbanes–Oxley Act compliance Health Insurance Portability and Accountability Act compliance
External Verification Microsoft contracted two top-tier penetration testing firms Conduct security assessments on different elements of the Windows Azure architecture Examined hardened virtualization boundaries and Probed for side-channel or I/O thrashing attacks Six professional penetration testers working over the course of seven weeks were unable to mount a successful attack against this design.
Threats Handled by Azure Physical Attacks On Servers Central Admin Users Customer Admin Windows Azure Customer Tenant External Web Site
Attacks against Windows Azure A successful attack on the infrastructure could compromise all of our customers Windows Azure must secure its facilities against unauthorized access Windows Azure must secure its interfaces against attacks over the network Customer tenants breaking out of their VMs Attackers successfully impersonating customer administrators or Windows Azure administrators Customer administrators affecting other than their own tenants Physical Attacks On Servers Users Customer Admin Windows Azure Customer Tenant
Abuse of Privilege by Windows Azure Administrators Windows Azure administrators could make unauthorized access to customer data Procedures involving customer consent when such access is necessary Separation of Duty to prevent abuse by a single rogue administrator Auditing to assure that unauthorized access will be discovered Central Admin Windows Azure Customer Tenant
Using Windows Azure as a Platform for Attacking Others MS will receive complaints of misbehavior by Windows Azure tenants MS proactively monitor outbound access to detect common cases (port scans, spam) If a good customer’s tenant has been compromised (botted), MS work with the customer to resolve the problem If a customer intentionally attacks others, MS ban them Windows Azure Customer Tenant External Web Site
Defenses Inherited by Windows Azure Tenants Spoofing Tampering & Disclosure Elevation of Privilege Denial of Service Load-balanced Infrastructure Network bandwidth throttling CiscoGuard enabled on Storage nodes Configurable scale-out VM switch hardening Certificate Services Shared-Access Signatures HTTPS Sidechannel protections Partial Trust Runtime Hypervisor custom sandboxing Virtual Service Accounts VLANs Top of Rack Switches Custom packet filtering Port Scanning/ Service Enumeration Service Definition file, Windows Firewall, VM switch packet filtering
Windows Azure Security Layers 18 Network ACLs: dedicated VLANS for tenant nodes
How does it work? For Windows Azure Storage and SQL Azure, like any other shared service Storage or SQL account owned by some customer who sets access policy Access policy is enforced by the code that parses and satisfies requests For Windows Azure Compute, MS create customer owned VMs, isolated by a hypervisor
Underlying Hardware Rack mounted servers Each rack has a collection of identical nodes Each node (currently) has 2 CPU chips with 4 cores each 16 Gig of memory Disks for local storage Network Interface to a Top of Rack Switch
Hypervisor & VM Sandbox Guest VM Guest VM Guest VM Guest VM Guest VM Guest VM Guest VM Root VM Hypervisor Network/Disk All Guest access to network and disk is mediated by Root VM (via the Hypervisor)
Managing it all through the Fabric Controllers
What does the world look like to a Guest VM? 1, 2, 4, or 8 CPUs; up to 14 GB or memory Three disk drives: C:(for temps; initially populated with config file) D:(for OS code; initially as supplied by Windows Azure) E:(for application code; initially as supplied by customer admin) Network connectivity to Internet via NAT and to other VMs of same tenant Guest agent accepts incoming HTTP/RPC connections from Root OS
Handling Attacks by a Tenant Not dependent on the security of Windows Instead, dependent on the security of the Hypervisor and the exposed network and disk drivers C: D: and E:are not really disks. They are VHD files in the root OS’s file system. Attack surface is minimized by accepting few commands and supporting only a few hardware devices
Windows Azure Storage Runs on separate hardware with no network connectivity to compute except (logically) through Internet Requests run over HTTP and optionally over SSL with server authentication Storage is organized into storage accounts A single customer may have many storage accounts A single secret key controls all access to a storage account
Access Control Some accommodation to more fine-grained access controls: Some data can be marked as world-readable Shared access signatures supports some forms of limited delegation A customer wanting fine-grained access controls can implement a front end compute tenant that has full access to the storage account but mediates access to data items
Windows Azure Storage Scalability To reduce the need for locks when dealing with a conventional file system, Windows Azure storage implements the primitives: blobs, tables, and queues. For backwards compatibility, it also implements an virtual drive with disk semantics for applications that have not been converted. The customer is responsible for coordinating the assignment of virtual drives to VMs. A virtual drive can only be open for write from one VM at a time.
Windows Azure Storage Security Access to data in a specific account is only granted to entities having the secret key for that account Storage keys are randomly generated when the storage account is created (or later at the request of the customer) A storage account may have two active keys at any given time to support key rollover Storage keys are used to HMAC sign each access request
SQL Azure As with storage, runs on separate hardware with no connectivity to compute except (logically) over the Internet Developer portal can create databases and set an administrator password SQL administrator can create additional user accounts, each authenticated with a password
Threats Customer Still Must Worry About Users Customer Admin Windows Azure Customer Tenant
Abuse of Privilege by a Customer Administrator Customer administrators are authorized to update the code and access the data belonging to any customer tenant Customer administrators are authenticated with cryptographic keys that the customer must protect Customers should implement deployment practices as carefully as they would for applications in their own data centers Customer Admin Windows Azure Customer Tenant
Attacks on a Customer’s Tenant A tenant is much like a physical server. If there are bugs in its code, it can be compromised over the network MS can look for symptoms in some cases, but it is ultimately the customer’s responsibility Users Windows Azure Customer Tenant
Securing the Front Door Identity Management and Access Control Windows Identity Foundation Active Directory Federation Services 2.0 Windows Azure AppFabric Access Control Service
Authenticating Users
Identity Providers Your Application ACS AppFabricACS SAML SWT Browser-based WS-Federation ADFS2 . WS-Federation Rich Client SAML WS-Trust ADFS2 . WS-Trust Server 2 Server SWT OAuth WRAP/2.0 Service Identities
Gatekeeper Design Pattern
Multi Key Design Pattern
Example of Architecture Worker Role Web Role Input Queue (Work Items) Worker Role Web Role Storage Queue Worker Role Web Role Worker Role
Namespace Configuration Issues Avoid using *servicename*.cloudapp.net domain name - use a custom domain name instead. cloudapp.net namespace is inherently less trusted than the domain namespace of a single enterprise Don’t create code that requires users to place cloudapp.net in the trusted sites list in their web browser. Never scope cookies or document.domain to cloudapp.net. Instead, scope to the service subdomain (such as contoso.cloudapp.net, for example or, better, www.contoso.com).
Data Security Generate Shared Access Signatures with the most restrictive set of ACLs possible that still grant the access required by the trusted party. Use the shortest lifetime possible. Use HTTPS in the request URL so the token cannot be snooped on the wire. Remember that these tokens are only used for temporary access to non-public blob storage – as with passwords, it’s a bad idea to use the same ones over and over
Handling Secret Information Encrypt data offsite then upload encrypted payload to blob storage Should not upload the key or any keying material to Windows Azure Storage Should not store private keys associated with SSL/TLS certificates in Windows Azure Storage. Instead, upload them through the Developer Portal and access them via thumbprint references in the Service Configuration. Windows Azure will securely provision them into the certificate stores of the service’s web roles upon boot
Auditing and Logging Events are not written to application, security, or audit event logs Logged to Windows Azure Storage through the Monitoring and Diagnostics Agent via trace listeners in web application code. Then stored long-term in Windows Azure Storage via scheduled transfers performed by the Monitoring Agent. Not encrypted - Do not write sensitive information to any events stored in Windows Azure Table Storage Choose HTTP or HTTPS to retrieve logs
Request Throttling / Input Sanitization Developers must do application-level throttling of incoming requests for any kind of complex, time-intensive operation. Fuzz test any new parsers deployed as part of a web service. Fuzz test it to ensure the code can correctly accommodate malformed input. Microsoft currently applies to “boxed-product” software fuzzing requirement : 100,000 iterations of each new format or protocol without crashing, or runs non-stop for 24 hours
Other Security Considerations Secure design Attack surface reduction Defense in depth Principle of least privilege Threat modeling Secure coding Cross-site scripting SQL injection Managed code security (transparency, code access security, assembly strong naming, etc.)
Today’s Promotion FREE* for first 5 customers only! Email promotion code “AZURE6M” with your contact details to sales@azaas.com to register. Special package worth S$3800 6 months of Windows Azure Platform DAE 6 months of aZaaS Cloud Application Engine subscription 2 man-days of services to create your cloud application Offer is only valid till 30 April 2011 *Credit card required for sign-up. Any monthly usage in excess of the stated amounts will be charged at the standard rates. After 6 months, all usage will then be charged at the standard rates. Testimonial regarding services from Microsoft and aZaaS will be required.
Microsoft Cloud Day

Recommandé

Microsoft Windows Azure - Security Best Practices for Developing Windows Azur...
Microsoft Windows Azure - Security Best Practices for Developing Windows Azur...Microsoft Windows Azure - Security Best Practices for Developing Windows Azur...
Microsoft Windows Azure - Security Best Practices for Developing Windows Azur...Microsoft Private Cloud
 
منصة شليلة
منصة شليلةمنصة شليلة
منصة شليلةssuser81f53f
 
Azure for beginners series session 4
Azure for beginners series session 4Azure for beginners series session 4
Azure for beginners series session 4Lalit Rawat
 
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...Toshiharu Harada, Ph.D
 
Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...
Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...
Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...Quest
 
Active Directory and Virtualization
Active Directory and VirtualizationActive Directory and Virtualization
Active Directory and VirtualizationAniket Pandey
 
BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard BlueHat Security Conference
 
Windows Azure Security Features And Functionality
Windows Azure Security Features And FunctionalityWindows Azure Security Features And Functionality
Windows Azure Security Features And Functionalityvivekbhat
 

Recommandé

Microsoft Windows Azure - Security Best Practices for Developing Windows Azur...
Microsoft Windows Azure - Security Best Practices for Developing Windows Azur...Microsoft Windows Azure - Security Best Practices for Developing Windows Azur...
Microsoft Windows Azure - Security Best Practices for Developing Windows Azur...Microsoft Private Cloud
 
منصة شليلة
منصة شليلةمنصة شليلة
منصة شليلةssuser81f53f
 
Azure for beginners series session 4
Azure for beginners series session 4Azure for beginners series session 4
Azure for beginners series session 4Lalit Rawat
 
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...
Chained Enforceable Re-authentication Barrier Ensures Really Unbreakable Secu...Toshiharu Harada, Ph.D
 
Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...
Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...
Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...Quest
 
Active Directory and Virtualization
Active Directory and VirtualizationActive Directory and Virtualization
Active Directory and VirtualizationAniket Pandey
 
BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard BlueHat v17 || Securing Windows Defender Application Guard
BlueHat v17 || Securing Windows Defender Application Guard BlueHat Security Conference
 
Windows Azure Security Features And Functionality
Windows Azure Security Features And FunctionalityWindows Azure Security Features And Functionality
Windows Azure Security Features And Functionalityvivekbhat
 
Microsoft Azure Security Infographic
Microsoft Azure Security InfographicMicrosoft Azure Security Infographic
Microsoft Azure Security InfographicMicrosoft Azure
 
Best Practices for Running Symantec Endpoint Protection 12.1 on Microsoft Azure
Best Practices for Running Symantec Endpoint Protection 12.1 on Microsoft Azure Best Practices for Running Symantec Endpoint Protection 12.1 on Microsoft Azure
Best Practices for Running Symantec Endpoint Protection 12.1 on Microsoft Azure Symantec
 
Scada strange love uwn-stuxnet
Scada strange love uwn-stuxnetScada strange love uwn-stuxnet
Scada strange love uwn-stuxnetPositive Hack Days
 
Low Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More SecureLow Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More SecureMongoDB
 
ReCertifying Active Directory
ReCertifying Active DirectoryReCertifying Active Directory
ReCertifying Active DirectoryWill Schroeder
 
Intel vmcs-shadowing-paper
Intel vmcs-shadowing-paperIntel vmcs-shadowing-paper
Intel vmcs-shadowing-paperAhmed Sallam
 
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defense
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defenseDEF CON 23 - Sean - metcalf - red vs blue ad attack and defense
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defenseFelipe Prado
 
BlueHat v17 || Dangerous Contents - Securing .Net Deserialization
BlueHat v17 || Dangerous Contents - Securing .Net Deserialization BlueHat v17 || Dangerous Contents - Securing .Net Deserialization
BlueHat v17 || Dangerous Contents - Securing .Net Deserialization BlueHat Security Conference
 
Cloud security
Cloud securityCloud security
Cloud securityinsoonjo
 
Password Synchronization
Password SynchronizationPassword Synchronization
Password SynchronizationPortalGuard dba PistolStar, Inc.
 
Identifying and analyzing security threats to virtualized cloud computing inf...
Identifying and analyzing security threats to virtualized cloud computing inf...Identifying and analyzing security threats to virtualized cloud computing inf...
Identifying and analyzing security threats to virtualized cloud computing inf...IBM222
 
1.3. (In)security Software
1.3. (In)security Software1.3. (In)security Software
1.3. (In)security Softwaredefconmoscow
 
A SURVEY ON SECURITY CHALLENGES OF VIRTUALIZATION TECHNOLOGY IN CLOUD COMPUTING
A SURVEY ON SECURITY CHALLENGES OF VIRTUALIZATION TECHNOLOGY IN CLOUD COMPUTINGA SURVEY ON SECURITY CHALLENGES OF VIRTUALIZATION TECHNOLOGY IN CLOUD COMPUTING
A SURVEY ON SECURITY CHALLENGES OF VIRTUALIZATION TECHNOLOGY IN CLOUD COMPUTINGijcsit
 
BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully
BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully
BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully BlueHat Security Conference
 
Common WSUS Errors Codes - Decoded and Resolved
Common WSUS Errors Codes - Decoded and Resolved Common WSUS Errors Codes - Decoded and Resolved
Common WSUS Errors Codes - Decoded and Resolved SolarWinds
 
Windows Malware Techniques
Windows Malware TechniquesWindows Malware Techniques
Windows Malware TechniquesLee C
 
Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Paula Januszkiewicz
 
Atc ny friday-talk_slides_20080808
Atc ny friday-talk_slides_20080808Atc ny friday-talk_slides_20080808
Atc ny friday-talk_slides_20080808Todd Deshane
 
Virtualization concepts in cloud computing
Virtualization concepts in cloud computingVirtualization concepts in cloud computing
Virtualization concepts in cloud computingIntegral university, India
 
Certified Pre-Owned
Certified Pre-OwnedCertified Pre-Owned
Certified Pre-OwnedWill Schroeder
 
Windows Azure
Windows AzureWindows Azure
Windows AzureJohn Alioto
 
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft CloudEuropean Collaboration Summit
 

Contenu connexe

Tendances

Microsoft Azure Security Infographic
Microsoft Azure Security InfographicMicrosoft Azure Security Infographic
Microsoft Azure Security InfographicMicrosoft Azure
 
Best Practices for Running Symantec Endpoint Protection 12.1 on Microsoft Azure
Best Practices for Running Symantec Endpoint Protection 12.1 on Microsoft Azure Best Practices for Running Symantec Endpoint Protection 12.1 on Microsoft Azure
Best Practices for Running Symantec Endpoint Protection 12.1 on Microsoft Azure Symantec
 
Scada strange love uwn-stuxnet
Scada strange love uwn-stuxnetScada strange love uwn-stuxnet
Scada strange love uwn-stuxnetPositive Hack Days
 
Low Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More SecureLow Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More SecureMongoDB
 
ReCertifying Active Directory
ReCertifying Active DirectoryReCertifying Active Directory
ReCertifying Active DirectoryWill Schroeder
 
Intel vmcs-shadowing-paper
Intel vmcs-shadowing-paperIntel vmcs-shadowing-paper
Intel vmcs-shadowing-paperAhmed Sallam
 
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defense
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defenseDEF CON 23 - Sean - metcalf - red vs blue ad attack and defense
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defenseFelipe Prado
 
BlueHat v17 || Dangerous Contents - Securing .Net Deserialization
BlueHat v17 || Dangerous Contents - Securing .Net Deserialization BlueHat v17 || Dangerous Contents - Securing .Net Deserialization
BlueHat v17 || Dangerous Contents - Securing .Net Deserialization BlueHat Security Conference
 
Cloud security
Cloud securityCloud security
Cloud securityinsoonjo
 
Identifying and analyzing security threats to virtualized cloud computing inf...
Identifying and analyzing security threats to virtualized cloud computing inf...Identifying and analyzing security threats to virtualized cloud computing inf...
Identifying and analyzing security threats to virtualized cloud computing inf...IBM222
 
1.3. (In)security Software
1.3. (In)security Software1.3. (In)security Software
1.3. (In)security Softwaredefconmoscow
 
A SURVEY ON SECURITY CHALLENGES OF VIRTUALIZATION TECHNOLOGY IN CLOUD COMPUTING
A SURVEY ON SECURITY CHALLENGES OF VIRTUALIZATION TECHNOLOGY IN CLOUD COMPUTINGA SURVEY ON SECURITY CHALLENGES OF VIRTUALIZATION TECHNOLOGY IN CLOUD COMPUTING
A SURVEY ON SECURITY CHALLENGES OF VIRTUALIZATION TECHNOLOGY IN CLOUD COMPUTINGijcsit
 
BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully
BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully
BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully BlueHat Security Conference
 
Common WSUS Errors Codes - Decoded and Resolved
Common WSUS Errors Codes - Decoded and Resolved Common WSUS Errors Codes - Decoded and Resolved
Common WSUS Errors Codes - Decoded and Resolved SolarWinds
 
Windows Malware Techniques
Windows Malware TechniquesWindows Malware Techniques
Windows Malware TechniquesLee C
 
Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Paula Januszkiewicz
 
Atc ny friday-talk_slides_20080808
Atc ny friday-talk_slides_20080808Atc ny friday-talk_slides_20080808
Atc ny friday-talk_slides_20080808Todd Deshane
 

Tendances (20)

Microsoft Azure Security Infographic
Microsoft Azure Security InfographicMicrosoft Azure Security Infographic
Microsoft Azure Security Infographic
 
Best Practices for Running Symantec Endpoint Protection 12.1 on Microsoft Azure
Best Practices for Running Symantec Endpoint Protection 12.1 on Microsoft Azure Best Practices for Running Symantec Endpoint Protection 12.1 on Microsoft Azure
Best Practices for Running Symantec Endpoint Protection 12.1 on Microsoft Azure
 
Scada strange love uwn-stuxnet
Scada strange love uwn-stuxnetScada strange love uwn-stuxnet
Scada strange love uwn-stuxnet
 
Low Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More SecureLow Hanging Fruit, Making Your Basic MongoDB Installation More Secure
Low Hanging Fruit, Making Your Basic MongoDB Installation More Secure
 
ReCertifying Active Directory
ReCertifying Active DirectoryReCertifying Active Directory
ReCertifying Active Directory
 
Intel vmcs-shadowing-paper
Intel vmcs-shadowing-paperIntel vmcs-shadowing-paper
Intel vmcs-shadowing-paper
 
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defense
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defenseDEF CON 23 - Sean - metcalf - red vs blue ad attack and defense
DEF CON 23 - Sean - metcalf - red vs blue ad attack and defense
 
BlueHat v17 || Dangerous Contents - Securing .Net Deserialization
BlueHat v17 || Dangerous Contents - Securing .Net Deserialization BlueHat v17 || Dangerous Contents - Securing .Net Deserialization
BlueHat v17 || Dangerous Contents - Securing .Net Deserialization
 
Cloud security
Cloud securityCloud security
Cloud security
 
Password Synchronization
Password SynchronizationPassword Synchronization
Password Synchronization
 
Identifying and analyzing security threats to virtualized cloud computing inf...
Identifying and analyzing security threats to virtualized cloud computing inf...Identifying and analyzing security threats to virtualized cloud computing inf...
Identifying and analyzing security threats to virtualized cloud computing inf...
 
1.3. (In)security Software
1.3. (In)security Software1.3. (In)security Software
1.3. (In)security Software
 
A SURVEY ON SECURITY CHALLENGES OF VIRTUALIZATION TECHNOLOGY IN CLOUD COMPUTING
A SURVEY ON SECURITY CHALLENGES OF VIRTUALIZATION TECHNOLOGY IN CLOUD COMPUTINGA SURVEY ON SECURITY CHALLENGES OF VIRTUALIZATION TECHNOLOGY IN CLOUD COMPUTING
A SURVEY ON SECURITY CHALLENGES OF VIRTUALIZATION TECHNOLOGY IN CLOUD COMPUTING
 
BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully
BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully
BlueHat v17 || Out of the Truman Show: VM Escape in VMware Gracefully
 
Common WSUS Errors Codes - Decoded and Resolved
Common WSUS Errors Codes - Decoded and Resolved Common WSUS Errors Codes - Decoded and Resolved
Common WSUS Errors Codes - Decoded and Resolved
 
Windows Malware Techniques
Windows Malware TechniquesWindows Malware Techniques
Windows Malware Techniques
 
Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...Microsoft Ignite session: Explore adventures in the underland: forensic techn...
Microsoft Ignite session: Explore adventures in the underland: forensic techn...
 
Atc ny friday-talk_slides_20080808
Atc ny friday-talk_slides_20080808Atc ny friday-talk_slides_20080808
Atc ny friday-talk_slides_20080808
 
Virtualization concepts in cloud computing
Virtualization concepts in cloud computingVirtualization concepts in cloud computing
Virtualization concepts in cloud computing
 
Certified Pre-Owned
Certified Pre-OwnedCertified Pre-Owned
Certified Pre-Owned
 

Similaire à MS Cloud day - Understanding and implementation on Windows Azure platform security

[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft CloudEuropean Collaboration Summit
 
CHAPTER 26 WINDOWS SECURITY 26.1 FUNDAMENTAL
CHAPTER 26 WINDOWS SECURITY 26.1 FUNDAMENTAL CHAPTER 26 WINDOWS SECURITY 26.1 FUNDAMENTAL
CHAPTER 26 WINDOWS SECURITY 26.1 FUNDAMENTAL EstelaJeffery653
 
Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]Louis Göhl
 
Operations: Security Crash Course — Best Practices for Securing your Company
Operations: Security Crash Course — Best Practices for Securing your CompanyOperations: Security Crash Course — Best Practices for Securing your Company
Operations: Security Crash Course — Best Practices for Securing your CompanyAmazon Web Services
 
CTU June 2011 - Windows Azure App Fabric
CTU June 2011 - Windows Azure App FabricCTU June 2011 - Windows Azure App Fabric
CTU June 2011 - Windows Azure App FabricSpiffy
 
There is No Server: Immutable Infrastructure and Serverless Architecture
There is No Server: Immutable Infrastructure and Serverless ArchitectureThere is No Server: Immutable Infrastructure and Serverless Architecture
There is No Server: Immutable Infrastructure and Serverless ArchitectureSonatype
 
040711 webcast securing vmachine
040711 webcast securing vmachine 040711 webcast securing vmachine
040711 webcast securing vmachine Erin Banks
 
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa ToromanO365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa ToromanNCCOMMS
 
Isolation of vm
Isolation of vmIsolation of vm
Isolation of vmHome
 
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Paula Januszkiewicz
 
Virtual Desktop Battle Of The Giants
Virtual Desktop Battle Of The GiantsVirtual Desktop Battle Of The Giants
Virtual Desktop Battle Of The Giantseblake
 
Ch08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System VulnerabilitiesCh08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System Vulnerabilitiesphanleson
 
Microsoft Operating System Vulnerabilities
Microsoft Operating System VulnerabilitiesMicrosoft Operating System Vulnerabilities
Microsoft Operating System VulnerabilitiesInformation Technology
 
Microsoft OS Vulnerabilities
Microsoft OS VulnerabilitiesMicrosoft OS Vulnerabilities
Microsoft OS VulnerabilitiesSecurityTube.Net
 
DEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVE
DEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVEDEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVE
DEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVEcscpconf
 
AWS Security Challenges
AWS Security ChallengesAWS Security Challenges
AWS Security ChallengesSTO STRATEGY
 
Windows Hardening RecommendationsScenarioAs a security adm.docx
Windows Hardening RecommendationsScenarioAs a security adm.docxWindows Hardening RecommendationsScenarioAs a security adm.docx
Windows Hardening RecommendationsScenarioAs a security adm.docxadolphoyonker
 

Similaire à MS Cloud day - Understanding and implementation on Windows Azure platform security (20)

Windows Azure
Windows AzureWindows Azure
Windows Azure
 
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
 
CHAPTER 26 WINDOWS SECURITY 26.1 FUNDAMENTAL
CHAPTER 26 WINDOWS SECURITY 26.1 FUNDAMENTAL CHAPTER 26 WINDOWS SECURITY 26.1 FUNDAMENTAL
CHAPTER 26 WINDOWS SECURITY 26.1 FUNDAMENTAL
 
Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]Security best practices for hyper v and server virtualisation [svr307]
Security best practices for hyper v and server virtualisation [svr307]
 
Operations: Security
Operations: SecurityOperations: Security
Operations: Security
 
Operations: Security Crash Course — Best Practices for Securing your Company
Operations: Security Crash Course — Best Practices for Securing your CompanyOperations: Security Crash Course — Best Practices for Securing your Company
Operations: Security Crash Course — Best Practices for Securing your Company
 
CTU June 2011 - Windows Azure App Fabric
CTU June 2011 - Windows Azure App FabricCTU June 2011 - Windows Azure App Fabric
CTU June 2011 - Windows Azure App Fabric
 
There is No Server: Immutable Infrastructure and Serverless Architecture
There is No Server: Immutable Infrastructure and Serverless ArchitectureThere is No Server: Immutable Infrastructure and Serverless Architecture
There is No Server: Immutable Infrastructure and Serverless Architecture
 
040711 webcast securing vmachine
040711 webcast securing vmachine 040711 webcast securing vmachine
040711 webcast securing vmachine
 
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa ToromanO365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
 
Isolation of vm
Isolation of vmIsolation of vm
Isolation of vm
 
Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018Gartner Security & Risk Management Summit 2018
Gartner Security & Risk Management Summit 2018
 
Virtual Desktop Battle Of The Giants
Virtual Desktop Battle Of The GiantsVirtual Desktop Battle Of The Giants
Virtual Desktop Battle Of The Giants
 
Ch08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System VulnerabilitiesCh08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System Vulnerabilities
 
Microsoft Operating System Vulnerabilities
Microsoft Operating System VulnerabilitiesMicrosoft Operating System Vulnerabilities
Microsoft Operating System Vulnerabilities
 
Microsoft OS Vulnerabilities
Microsoft OS VulnerabilitiesMicrosoft OS Vulnerabilities
Microsoft OS Vulnerabilities
 
DEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVE
DEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVEDEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVE
DEVELOPING APPLICATION FOR CLOUD – A PROGRAMMER’S PERSPECTIVE
 
AWS Security Challenges
AWS Security ChallengesAWS Security Challenges
AWS Security Challenges
 
Azure security
Azure securityAzure security
Azure security
 
Windows Hardening RecommendationsScenarioAs a security adm.docx
Windows Hardening RecommendationsScenarioAs a security adm.docxWindows Hardening RecommendationsScenarioAs a security adm.docx
Windows Hardening RecommendationsScenarioAs a security adm.docx
 

Plus de Spiffy

01 server manager spiffy
01 server manager spiffy01 server manager spiffy
01 server manager spiffySpiffy
 
Active Directory Upgrade
Active Directory UpgradeActive Directory Upgrade
Active Directory UpgradeSpiffy
 
Checking the health of your active directory enviornment
Checking the health of your active directory enviornmentChecking the health of your active directory enviornment
Checking the health of your active directory enviornmentSpiffy
 
Agile in Action - Act 2: Development
Agile in Action - Act 2: DevelopmentAgile in Action - Act 2: Development
Agile in Action - Act 2: DevelopmentSpiffy
 
Agile in Action - Act 3: Testing
Agile in Action - Act 3: TestingAgile in Action - Act 3: Testing
Agile in Action - Act 3: TestingSpiffy
 
Agile in Action - Keynote: Becoming and Being Agile - What Does This Mean?
Agile in Action - Keynote: Becoming and Being Agile - What Does This Mean?Agile in Action - Keynote: Becoming and Being Agile - What Does This Mean?
Agile in Action - Keynote: Becoming and Being Agile - What Does This Mean?Spiffy
 
Agile in Action - Act 1 (Set Up, Planning, Requirements and Architecture)
Agile in Action - Act 1 (Set Up, Planning, Requirements and Architecture)Agile in Action - Act 1 (Set Up, Planning, Requirements and Architecture)
Agile in Action - Act 1 (Set Up, Planning, Requirements and Architecture)Spiffy
 
MS TechDays 2011 - WCF Web APis There's a URI for That
MS TechDays 2011 - WCF Web APis There's a URI for ThatMS TechDays 2011 - WCF Web APis There's a URI for That
MS TechDays 2011 - WCF Web APis There's a URI for ThatSpiffy
 
MS TechDays 2011 - NUI, Gooey and Louie
MS TechDays 2011 - NUI, Gooey and LouieMS TechDays 2011 - NUI, Gooey and Louie
MS TechDays 2011 - NUI, Gooey and LouieSpiffy
 
MS TechDays 2011 - Mango, Mango! Developing for Windows Phone 7
MS TechDays 2011 - Mango, Mango! Developing for Windows Phone 7MS TechDays 2011 - Mango, Mango! Developing for Windows Phone 7
MS TechDays 2011 - Mango, Mango! Developing for Windows Phone 7Spiffy
 
MS TechDays 2011 - Generate Revenue on Azure
MS TechDays 2011 - Generate Revenue on AzureMS TechDays 2011 - Generate Revenue on Azure
MS TechDays 2011 - Generate Revenue on AzureSpiffy
 
MS TechDays 2011 - HTML 5 All the Awesome Bits
MS TechDays 2011 - HTML 5 All the Awesome BitsMS TechDays 2011 - HTML 5 All the Awesome Bits
MS TechDays 2011 - HTML 5 All the Awesome BitsSpiffy
 
MS TechDays 2011 - Cloud Computing with the Windows Azure Platform
MS TechDays 2011 - Cloud Computing with the Windows Azure PlatformMS TechDays 2011 - Cloud Computing with the Windows Azure Platform
MS TechDays 2011 - Cloud Computing with the Windows Azure PlatformSpiffy
 
MS TechDays 2011 - Simplified Converged Infrastructure Solutions
MS TechDays 2011 - Simplified Converged Infrastructure SolutionsMS TechDays 2011 - Simplified Converged Infrastructure Solutions
MS TechDays 2011 - Simplified Converged Infrastructure SolutionsSpiffy
 
MS TechDays 2011 - SCDPM 2012 The New Feature of Data Protection
MS TechDays 2011 - SCDPM 2012 The New Feature of Data ProtectionMS TechDays 2011 - SCDPM 2012 The New Feature of Data Protection
MS TechDays 2011 - SCDPM 2012 The New Feature of Data ProtectionSpiffy
 
MS TechDays 2011 - Microsoft Exchange Server and Office 365 Hybrid Deployment
MS TechDays 2011 - Microsoft Exchange Server and Office 365 Hybrid DeploymentMS TechDays 2011 - Microsoft Exchange Server and Office 365 Hybrid Deployment
MS TechDays 2011 - Microsoft Exchange Server and Office 365 Hybrid DeploymentSpiffy
 
MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...
MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...
MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...Spiffy
 
MS TechDays 2011 - Cloud Management with System Center Application Controller
MS TechDays 2011 - Cloud Management with System Center Application ControllerMS TechDays 2011 - Cloud Management with System Center Application Controller
MS TechDays 2011 - Cloud Management with System Center Application ControllerSpiffy
 
MS TechDays 2011 - Virtualization Solutions to Optimize Performance
MS TechDays 2011 - Virtualization Solutions to Optimize PerformanceMS TechDays 2011 - Virtualization Solutions to Optimize Performance
MS TechDays 2011 - Virtualization Solutions to Optimize PerformanceSpiffy
 
MS TechDays 2011 - Automating Your Infrastructure System Center Orchestrator ...
MS TechDays 2011 - Automating Your Infrastructure System Center Orchestrator ...MS TechDays 2011 - Automating Your Infrastructure System Center Orchestrator ...
MS TechDays 2011 - Automating Your Infrastructure System Center Orchestrator ...Spiffy
 

Plus de Spiffy (20)

01 server manager spiffy
01 server manager spiffy01 server manager spiffy
01 server manager spiffy
 
Active Directory Upgrade
Active Directory UpgradeActive Directory Upgrade
Active Directory Upgrade
 
Checking the health of your active directory enviornment
Checking the health of your active directory enviornmentChecking the health of your active directory enviornment
Checking the health of your active directory enviornment
 
Agile in Action - Act 2: Development
Agile in Action - Act 2: DevelopmentAgile in Action - Act 2: Development
Agile in Action - Act 2: Development
 
Agile in Action - Act 3: Testing
Agile in Action - Act 3: TestingAgile in Action - Act 3: Testing
Agile in Action - Act 3: Testing
 
Agile in Action - Keynote: Becoming and Being Agile - What Does This Mean?
Agile in Action - Keynote: Becoming and Being Agile - What Does This Mean?Agile in Action - Keynote: Becoming and Being Agile - What Does This Mean?
Agile in Action - Keynote: Becoming and Being Agile - What Does This Mean?
 
Agile in Action - Act 1 (Set Up, Planning, Requirements and Architecture)
Agile in Action - Act 1 (Set Up, Planning, Requirements and Architecture)Agile in Action - Act 1 (Set Up, Planning, Requirements and Architecture)
Agile in Action - Act 1 (Set Up, Planning, Requirements and Architecture)
 
MS TechDays 2011 - WCF Web APis There's a URI for That
MS TechDays 2011 - WCF Web APis There's a URI for ThatMS TechDays 2011 - WCF Web APis There's a URI for That
MS TechDays 2011 - WCF Web APis There's a URI for That
 
MS TechDays 2011 - NUI, Gooey and Louie
MS TechDays 2011 - NUI, Gooey and LouieMS TechDays 2011 - NUI, Gooey and Louie
MS TechDays 2011 - NUI, Gooey and Louie
 
MS TechDays 2011 - Mango, Mango! Developing for Windows Phone 7
MS TechDays 2011 - Mango, Mango! Developing for Windows Phone 7MS TechDays 2011 - Mango, Mango! Developing for Windows Phone 7
MS TechDays 2011 - Mango, Mango! Developing for Windows Phone 7
 
MS TechDays 2011 - Generate Revenue on Azure
MS TechDays 2011 - Generate Revenue on AzureMS TechDays 2011 - Generate Revenue on Azure
MS TechDays 2011 - Generate Revenue on Azure
 
MS TechDays 2011 - HTML 5 All the Awesome Bits
MS TechDays 2011 - HTML 5 All the Awesome BitsMS TechDays 2011 - HTML 5 All the Awesome Bits
MS TechDays 2011 - HTML 5 All the Awesome Bits
 
MS TechDays 2011 - Cloud Computing with the Windows Azure Platform
MS TechDays 2011 - Cloud Computing with the Windows Azure PlatformMS TechDays 2011 - Cloud Computing with the Windows Azure Platform
MS TechDays 2011 - Cloud Computing with the Windows Azure Platform
 
MS TechDays 2011 - Simplified Converged Infrastructure Solutions
MS TechDays 2011 - Simplified Converged Infrastructure SolutionsMS TechDays 2011 - Simplified Converged Infrastructure Solutions
MS TechDays 2011 - Simplified Converged Infrastructure Solutions
 
MS TechDays 2011 - SCDPM 2012 The New Feature of Data Protection
MS TechDays 2011 - SCDPM 2012 The New Feature of Data ProtectionMS TechDays 2011 - SCDPM 2012 The New Feature of Data Protection
MS TechDays 2011 - SCDPM 2012 The New Feature of Data Protection
 
MS TechDays 2011 - Microsoft Exchange Server and Office 365 Hybrid Deployment
MS TechDays 2011 - Microsoft Exchange Server and Office 365 Hybrid DeploymentMS TechDays 2011 - Microsoft Exchange Server and Office 365 Hybrid Deployment
MS TechDays 2011 - Microsoft Exchange Server and Office 365 Hybrid Deployment
 
MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...
MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...
MS TechDays 2011 - How to Run Middleware in the Cloud Story of Windows Azure ...
 
MS TechDays 2011 - Cloud Management with System Center Application Controller
MS TechDays 2011 - Cloud Management with System Center Application ControllerMS TechDays 2011 - Cloud Management with System Center Application Controller
MS TechDays 2011 - Cloud Management with System Center Application Controller
 
MS TechDays 2011 - Virtualization Solutions to Optimize Performance
MS TechDays 2011 - Virtualization Solutions to Optimize PerformanceMS TechDays 2011 - Virtualization Solutions to Optimize Performance
MS TechDays 2011 - Virtualization Solutions to Optimize Performance
 
MS TechDays 2011 - Automating Your Infrastructure System Center Orchestrator ...
MS TechDays 2011 - Automating Your Infrastructure System Center Orchestrator ...MS TechDays 2011 - Automating Your Infrastructure System Center Orchestrator ...
MS TechDays 2011 - Automating Your Infrastructure System Center Orchestrator ...
 

Dernier

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 

Dernier (20)

DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 

MS Cloud day - Understanding and implementation on Windows Azure platform security

  • 1. Microsoft Cloud Day Tan ChoonNgeeDirector, aZaaS Pte Ltd Understanding and implementation Windows Azure platform security ChoonNgee has more than 10 years of IT Sales, Marketing and Consulting experience with leading organizations like JP Morgan and Crimson Logic. He has developed several businesses focussed purely on Microsoft Technologies during this period. This session focuses on the security challenges and recommended approaches to design and develop more secure applications for Microsoft’s Windows Azure platform.
  • 2. Understanding and implementation Windows Azure platform security Microsoft Corporation Authors Andrew Marshall (Senior Security Program Manager, Security Engineering) Michael Howard (Principal Security Program Manager, Security Engineering) Grant Bugher (Lead Security Program Manager, OSSC) Brian Harden (Security Architect, OSSC) Contributors Charlie Kaufman (Principal Architect) Martin Rues (Director, OSSC) Vittorio Bertocci (Senior Technical Evangelist, Developer and Platform Evangelism
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10. Responsibility for Threat Mitigation There are many threats to a traditional server There are some additional threats in the case of cloud computing Some threats are handled by Windows Azure; others remain the responsibility of the customer
  • 11. Windows Azure Security Certifications ISO/IEC 27001:2005 certification SAS 70 Type 1 and II attestations PCI Data Security Standard compliance Sarbanes–Oxley Act compliance Health Insurance Portability and Accountability Act compliance
  • 12. External Verification Microsoft contracted two top-tier penetration testing firms Conduct security assessments on different elements of the Windows Azure architecture Examined hardened virtualization boundaries and Probed for side-channel or I/O thrashing attacks Six professional penetration testers working over the course of seven weeks were unable to mount a successful attack against this design.
  • 13. Threats Handled by Azure Physical Attacks On Servers Central Admin Users Customer Admin Windows Azure Customer Tenant External Web Site
  • 14. Attacks against Windows Azure A successful attack on the infrastructure could compromise all of our customers Windows Azure must secure its facilities against unauthorized access Windows Azure must secure its interfaces against attacks over the network Customer tenants breaking out of their VMs Attackers successfully impersonating customer administrators or Windows Azure administrators Customer administrators affecting other than their own tenants Physical Attacks On Servers Users Customer Admin Windows Azure Customer Tenant
  • 15. Abuse of Privilege by Windows Azure Administrators Windows Azure administrators could make unauthorized access to customer data Procedures involving customer consent when such access is necessary Separation of Duty to prevent abuse by a single rogue administrator Auditing to assure that unauthorized access will be discovered Central Admin Windows Azure Customer Tenant
  • 16. Using Windows Azure as a Platform for Attacking Others MS will receive complaints of misbehavior by Windows Azure tenants MS proactively monitor outbound access to detect common cases (port scans, spam) If a good customer’s tenant has been compromised (botted), MS work with the customer to resolve the problem If a customer intentionally attacks others, MS ban them Windows Azure Customer Tenant External Web Site
  • 17. Defenses Inherited by Windows Azure Tenants Spoofing Tampering & Disclosure Elevation of Privilege Denial of Service Load-balanced Infrastructure Network bandwidth throttling CiscoGuard enabled on Storage nodes Configurable scale-out VM switch hardening Certificate Services Shared-Access Signatures HTTPS Sidechannel protections Partial Trust Runtime Hypervisor custom sandboxing Virtual Service Accounts VLANs Top of Rack Switches Custom packet filtering Port Scanning/ Service Enumeration Service Definition file, Windows Firewall, VM switch packet filtering
  • 18. Windows Azure Security Layers 18 Network ACLs: dedicated VLANS for tenant nodes
  • 19. How does it work? For Windows Azure Storage and SQL Azure, like any other shared service Storage or SQL account owned by some customer who sets access policy Access policy is enforced by the code that parses and satisfies requests For Windows Azure Compute, MS create customer owned VMs, isolated by a hypervisor
  • 20. Underlying Hardware Rack mounted servers Each rack has a collection of identical nodes Each node (currently) has 2 CPU chips with 4 cores each 16 Gig of memory Disks for local storage Network Interface to a Top of Rack Switch
  • 21. Hypervisor & VM Sandbox Guest VM Guest VM Guest VM Guest VM Guest VM Guest VM Guest VM Root VM Hypervisor Network/Disk All Guest access to network and disk is mediated by Root VM (via the Hypervisor)
  • 22. Managing it all through the Fabric Controllers
  • 23. What does the world look like to a Guest VM? 1, 2, 4, or 8 CPUs; up to 14 GB or memory Three disk drives: C:(for temps; initially populated with config file) D:(for OS code; initially as supplied by Windows Azure) E:(for application code; initially as supplied by customer admin) Network connectivity to Internet via NAT and to other VMs of same tenant Guest agent accepts incoming HTTP/RPC connections from Root OS
  • 24. Handling Attacks by a Tenant Not dependent on the security of Windows Instead, dependent on the security of the Hypervisor and the exposed network and disk drivers C: D: and E:are not really disks. They are VHD files in the root OS’s file system. Attack surface is minimized by accepting few commands and supporting only a few hardware devices
  • 25. Windows Azure Storage Runs on separate hardware with no network connectivity to compute except (logically) through Internet Requests run over HTTP and optionally over SSL with server authentication Storage is organized into storage accounts A single customer may have many storage accounts A single secret key controls all access to a storage account
  • 26. Access Control Some accommodation to more fine-grained access controls: Some data can be marked as world-readable Shared access signatures supports some forms of limited delegation A customer wanting fine-grained access controls can implement a front end compute tenant that has full access to the storage account but mediates access to data items
  • 27. Windows Azure Storage Scalability To reduce the need for locks when dealing with a conventional file system, Windows Azure storage implements the primitives: blobs, tables, and queues. For backwards compatibility, it also implements an virtual drive with disk semantics for applications that have not been converted. The customer is responsible for coordinating the assignment of virtual drives to VMs. A virtual drive can only be open for write from one VM at a time.
  • 28. Windows Azure Storage Security Access to data in a specific account is only granted to entities having the secret key for that account Storage keys are randomly generated when the storage account is created (or later at the request of the customer) A storage account may have two active keys at any given time to support key rollover Storage keys are used to HMAC sign each access request
  • 29. SQL Azure As with storage, runs on separate hardware with no connectivity to compute except (logically) over the Internet Developer portal can create databases and set an administrator password SQL administrator can create additional user accounts, each authenticated with a password
  • 30. Threats Customer Still Must Worry About Users Customer Admin Windows Azure Customer Tenant
  • 31. Abuse of Privilege by a Customer Administrator Customer administrators are authorized to update the code and access the data belonging to any customer tenant Customer administrators are authenticated with cryptographic keys that the customer must protect Customers should implement deployment practices as carefully as they would for applications in their own data centers Customer Admin Windows Azure Customer Tenant
  • 32. Attacks on a Customer’s Tenant A tenant is much like a physical server. If there are bugs in its code, it can be compromised over the network MS can look for symptoms in some cases, but it is ultimately the customer’s responsibility Users Windows Azure Customer Tenant
  • 33. Securing the Front Door Identity Management and Access Control Windows Identity Foundation Active Directory Federation Services 2.0 Windows Azure AppFabric Access Control Service
  • 35. Identity Providers Your Application ACS AppFabricACS SAML SWT Browser-based WS-Federation ADFS2 . WS-Federation Rich Client SAML WS-Trust ADFS2 . WS-Trust Server 2 Server SWT OAuth WRAP/2.0 Service Identities
  • 37. Multi Key Design Pattern
  • 38. Example of Architecture Worker Role Web Role Input Queue (Work Items) Worker Role Web Role Storage Queue Worker Role Web Role Worker Role
  • 39. Namespace Configuration Issues Avoid using *servicename*.cloudapp.net domain name - use a custom domain name instead. cloudapp.net namespace is inherently less trusted than the domain namespace of a single enterprise Don’t create code that requires users to place cloudapp.net in the trusted sites list in their web browser. Never scope cookies or document.domain to cloudapp.net. Instead, scope to the service subdomain (such as contoso.cloudapp.net, for example or, better, www.contoso.com).
  • 40. Data Security Generate Shared Access Signatures with the most restrictive set of ACLs possible that still grant the access required by the trusted party. Use the shortest lifetime possible. Use HTTPS in the request URL so the token cannot be snooped on the wire. Remember that these tokens are only used for temporary access to non-public blob storage – as with passwords, it’s a bad idea to use the same ones over and over
  • 41. Handling Secret Information Encrypt data offsite then upload encrypted payload to blob storage Should not upload the key or any keying material to Windows Azure Storage Should not store private keys associated with SSL/TLS certificates in Windows Azure Storage. Instead, upload them through the Developer Portal and access them via thumbprint references in the Service Configuration. Windows Azure will securely provision them into the certificate stores of the service’s web roles upon boot
  • 42. Auditing and Logging Events are not written to application, security, or audit event logs Logged to Windows Azure Storage through the Monitoring and Diagnostics Agent via trace listeners in web application code. Then stored long-term in Windows Azure Storage via scheduled transfers performed by the Monitoring Agent. Not encrypted - Do not write sensitive information to any events stored in Windows Azure Table Storage Choose HTTP or HTTPS to retrieve logs
  • 43. Request Throttling / Input Sanitization Developers must do application-level throttling of incoming requests for any kind of complex, time-intensive operation. Fuzz test any new parsers deployed as part of a web service. Fuzz test it to ensure the code can correctly accommodate malformed input. Microsoft currently applies to “boxed-product” software fuzzing requirement : 100,000 iterations of each new format or protocol without crashing, or runs non-stop for 24 hours
  • 44. Other Security Considerations Secure design Attack surface reduction Defense in depth Principle of least privilege Threat modeling Secure coding Cross-site scripting SQL injection Managed code security (transparency, code access security, assembly strong naming, etc.)
  • 45. Today’s Promotion FREE* for first 5 customers only! Email promotion code “AZURE6M” with your contact details to sales@azaas.com to register. Special package worth S$3800 6 months of Windows Azure Platform DAE 6 months of aZaaS Cloud Application Engine subscription 2 man-days of services to create your cloud application Offer is only valid till 30 April 2011 *Credit card required for sign-up. Any monthly usage in excess of the stated amounts will be charged at the standard rates. After 6 months, all usage will then be charged at the standard rates. Testimonial regarding services from Microsoft and aZaaS will be required.
  • 46.

Notes de l'éditeur

  1. Twitter template
  2. As a service provider, Microsoft must comply with regulatory requirements of the governmental entities within whose jurisdictions Azure operates, along with industry regulations that cover many companies in specific fields. Microsoft's compliance framework is designed to address this challenge. The security for Microsoft's cloud infrastructure is managed by the Online Services Security and Compliance team, which maintains the security control framework and develops policies and programs for ensuring compliance and managing security risks.The Microsoft cloud undergoes annual audits for PCI DSS, SOX and HIPAA compliance, as well as internal assessments throughout the year. The Microsoft cloud has obtained ISO/IEC 27001:2005 certification and SAS 70 Type 1 and II attestations. Note:ISO/EC 27001:2005 is a standard that specifies requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System. You can find out more about it here.Note #2:Statement on Auditing Standards (SAS) 70 is an auditing standard developed by the American Institute of Certified Public Accountants, which provides guidance for independent auditors to issue an opinion on a service or organization’s disclosure of its control of activities and processes. Find out more about it here.
  3. Spoofing identity. An example of identity spoofing is illegally accessing and then using another user's authentication information, such as username and password.Tampering with data. Data tampering involves the malicious modification of data. Examples include unauthorized changes made to persistent data, such as that held in a database, and the alteration of data as it flows between two computers over an open network, such as the Internet.Repudiation. Repudiation threats are associated with users who deny performing an action without other parties having any way to prove otherwise—for example, a user performs an illegal operation in a system that lacks the ability to trace the prohibited operations. Nonrepudiation refers to the ability of a system to counter repudiation threats. For example, a user who purchases an item might have to sign for the item upon receipt. The vendor can then use the signed receipt as evidence that the user did receive the package. Information disclosure. Information disclosure threats involve the exposure of information to individuals who are not supposed to have access to it—for example, the ability of users to read a file that they were not granted access to, or the ability of an intruder to read data in transit between two computers.Denial of service. Denial of service (DoS) attacks deny service to valid users—for example, by making a Web server temporarily unavailable or unusable. You must protect against certain types of DoS threats simply to improve system availability and reliability.Elevation of privilege. In this type of threat, an unprivileged user gains privileged access and thereby has sufficient access to compromise or destroy the entire system. Elevation of privilege threats include those situations in which an attacker has effectively penetrated all system defenses and become part of the trusted system itself, a dangerous situation indeed.Port Scanning/ Service EnumerationThe only ports open and addressable (internally or externally) on a Windows Azure VM are those explicitly defined in the Service Definition file. Windows Firewall is enabled on each VM in addition to enhanced VM switch packet filtering, which blocks unauthorized traffic Denial of Service Windows Azure’s load balancing will partially mitigate Denial of Service attacks from the Internet and internal networks. This mitigation is done in conjunction with the developer defining an appropriate Service Definition VM instance count scale-out. On the Internet, Windows Azure VMs are only accessible through public Virtual IP Addresses (VIPs). VIP traffic is routed through Windows Azure’s load-balancing infrastructure. Windows Azure monitors and detects internally initiated Denial of Service attacks and removes offending VMs/accounts from the network. As a further protection, the root host OS that controls guest VMs in the cloud is not directly addressable internally by other tenants on the Windows Azure network and the root host OS is not externally addressable.Windows Azure is also reviewing additional Distributed Denial of Service (DDoS) solutions available from Microsoft Global Foundation Services to help further protect against Denial of Service attacks.SpoofingVLANs are used to partition the internal network and segment it in a way that prevents compromised nodes from impersonating trusted systems such as the Fabric Controller. At the Hypervisor VM Switch, additional filters are in place to block broadcast and multicast traffic, with the exception of what is needed to maintain DHCP leases. Furthermore, the channel used by the Root OS to communicate with the Fabric Controller is encrypted and mutually authenticated over an HTTPS connection, and it provides a secure transfer path for configuration and certificate information that cannot be intercepted.Eavesdropping / Packet SniffingThe Hypervisor’s Virtual Switch prevents sniffer-based attacks against other VMs on the same physical host. Top-of-rack switches will be used to restrict which IP and MAC addresses can be used by the VMs and therefore mitigate spoofing attacks on internal networks. To sniff the wire inside the Windows Azure cloud environment, an attacker would first need to compromise a VM tenant in a way that elevated the attacker to an administrator on the VM, then use a vulnerability in the hypervisor to break into the physical machine root OS and obtain system account privileges. At that point the attacker would only be able to see traffic inbound to the compromised host destined for the dynamic IP addresses of the VM guests controlled by the hypervisor. Multi-tenant hosting and side-channel attacksInformation disclosure attacks (such as sniffing) are less severe than other forms of attack inside the Windows Azure datacenter because virtual machines are inherently untrusted by the Root OS Hypervisor. Microsoft has done a great deal of analysis to determine susceptibility to side-channel attacks. Timing attacks are the most difficult to mitigate. With timing attacks, an application carefully measures how long it takes some operations to complete and infers what is happening on another processor. By detecting cache misses, an attacker can figure out which cache lines are being accessed in code. With certain crypto implementations involving lookups from large tables, knowing the pattern of memory accesses - even at the granularity of cache lines - can reveal the key being used for encryption. While seemingly far-fetched, such attacks have been demonstrated under controlled conditions. There are a number of reasons why side-channel attacks are unlikely to succeed in Windows Azure: An attack works best in the context of hyper-threading, where the two threads share all of their caches. Many current CPUs implement fully independent cores, each with a substantial private cache. The CPU chips that Windows Azure runs on today have four cores per chip and share caches only in the third tier.Windows Azure runs on nodes containing pairs of quad-core CPUs, so there are three other CPUs sharing the cache, and seven CPUs sharing the memory bus. This level of sharing leads to a great deal of noise in any signal from one CPU to another because actions of multiple CPUs tend to obfuscate the signal.Windows Azure generally dedicates CPUs to particular VMs. Any system that takes advantage of the fact that few servers keep their CPUs busy all the time, and implements more logical CPUs than physical CPUs, might open the possibility of context switches exposing cache access patterns. Windows Azure operates differently. VMs can migrate from one CPU to another, but are unlikely to do so frequently enough to offer an attacker any information.
  4. Services are isolated from other servicesCan only access resources declared in the service model .Local node resources – temp storageNetwork end-pointsIsolation using multiple mechanismsMuch of the traditional infrastructure security moves to the platform and application layersNetwork Access Control Lists and Firewalls become host packet filters and virtual firewallsMultiple, privileged accounts become pre-defined agent accounts controlled by the systemPlatform and network level encryption will still play a role, but the application developer becomes more responsible for defining how encryption is used end-to-endServices are isolated from other servicesCan only access resources declared in the service model .Local node resources – temp storageNetwork end-pointsIsolation using multiple mechanismsAutomatic application of windows security patchesRolling operating system image upgrades
  5. let's introduce another architectural role, the federation provider. The FP is, like the IP, implemented with an STS; however instead of authenticating users this STS transforms input tokens in output tokens. AN FP is typically placed on boundaries, so that it can decouple applications from the IPs and vice versa. The application can be configured to only accept tokens issued by the FP, which in turn will accept tokens form the actual IPs. As we will see, this arrangement brings great advantages to the application developer. Let's run through the scenario with this new element.<click>the blue user accesses the application, a nd this time there are no longer any doubts: <click> he gets redirected to the intermediary. It is now the FP's responsibility to handle the HDR problem <click>. The user picks his one IP <click> authenticates and sends the resulting token to the FP. Here the FP processes the token, applying whatever transformation to it and reissuing the results in a new token <click>. Note that in the easiest case there are no transformations and the input values are rewritten in output as is.The new token is then returned to the client <click> which sends it to the application.Let's run through the other IP. The user gets to the app <click>, get redirected to the FP <click> get prompted for the HDR <click> pick its onw and authenticates <click>, get the token and send it to the FP <click>.This time the FP transforms the incoming token, normalizing its claim types to match the other token <click>. The token gets back to the user <click> and is sent to the application <click>. As you can see, the application is no longer on point to account for differences between tokens: the FP took care of normalizing it, decoupling the app from changes.One way in which you can implement a FP is by using the access control service. the ACS can host an STS for you and allows you to specify your trust relationships and transformation logic via an easy portal or a comprehensive set of management APIs. ACS also helps you with the HDR problem, both by automatically generating pages for the explicit selection or by offering more subtle mechanisms such as extracting the domain form the email of the user and redirecting to the appropriate IP without having to list all the possible options. You already heard about this in the AppFabric introduction, hence I am going straight to a demonstration.
  6. The ACS would deserve multiple sessions on its own right to be properly covered, here I'm just giving you a quick sampler.What we have seen so far is just a small part of its surface. The schema here shows the ws-federation subsystem, what is normally used for browser-based, session-oriented application types. We've been playing only with ADFS IP types, but in fact <click> there are many out of the box popular IPs you can use right away with your application sticking to the same protocol <click> and a browser<click>.ACS can also do WS-Trust, a high-security protocol for SOAP web services, accepting identities from ADFS2 ws-trust endpoints or bare credentials registered in ACS for management purposes.<click> the same sources can be used within OAuth2.0 calls. OAuth is the current state of the art for securing REST calls: it is still in draft state, hence expect changes, but you can already experiment with it.<click> Both protocols can be used for rich client application types and in general <click> server 2 server interactions.Not shown here there are the management endpoints, the other portion of ACS' development surface, which can be used instead or alongside the portal for managing the namespace.
  7. Isolate web roles and separate duties of individual roles in order to maximize the use of Windows Azure Partial Trust. The Trust Levels Appendix C illustrates a subset of Partial Trust Policy Restrictions. The complete listing of restrictions is available in “Windows Azure Partial Trust Policy Reference.” The impact of these security restrictions illustrates the value of using Windows Azure Partial Trust to help secure Windows Azure services, especially externally-facing web roles. Most access to the local environment variables, file system and registry is restricted. Socket and Web connection permissions are also locked down. Use the “Gatekeeper” design pattern to separate role duties and isolate privileged access A Gatekeeper is a design pattern in which access to storage is brokered so as to minimize the attack surface of privileged roles by limiting their interaction to communication over private internal channels and only to other web/worker roles. These roles are deployed on separate VMs. In the event of a successful attack on a web role, privileged key material is not compromised. The pattern can best be illustrated by the following example which uses two roles:  The GateKeeper – this is a web role that services requests from the Internet. Since these requests are potentially malicious, the Gatekeeper is not trusted with any duties other than validating the input it receives. The GateKeeper is implemented in managed code and runs with Windows Azure Partial Trust. The service configuration settings for this role do not contain any Shared Key information for use with Windows Azure Storage.  The KeyMaster – this is a privileged backend worker role that only takes inputs from the Gatekeeper and does so over a secured channel (an internal endpoint, or queue storage – either of which can be secured with HTTPS). The KeyMaster handles storage requests fed to it by the GateKeeper, and assumes that the requests have been sanitized to some degree. The KeyMaster, as the name implies, is configured with Windows Azure Storage account information from the service configuration to enableretrieval of data from Blob or Table storage. Data can then be relayed back to the requesting client. Nothing about this design requires Full Trust or Native Code, but it offers the flexibility of running the KeyMaster in a higher privilege level if necessary.
  8. Use multiple storage keys to restrict access to privileged information where the Gatekeeper pattern does not apply. In scenarios where a partial-trust Gatekeeper cannot be placed in front of a full-trust role, a multi-key design pattern can be used to protect trusted storage data. An example case of this scenario might be when a PHP web role is acting as a front-end web role, and placing a partial trust Gatekeeper in front of it may degrade performance to an unacceptable level. Up to five storage keys can be assigned to one Windows Azure subscription. This diversity can be used to minimize exposure of a particular key to theft by placing lower-trust keys on lower-trust roles and higher-trust keys on higher-trust roles. ”Untrusted web role A” in the figure below has access to only one storage account, and it is not trusted to do anything but parse incoming requests and log them to storage account „A‟. “Trusted Role B” (in the background) has the account keys for both storage „A‟ and „B‟, but is not exposed to potentially-malicious, malformed inputs. “Trusted Role B” processes and filters requests from the untrusted role via storage „A,‟ but expects a specific structure or format. „B‟ never fully trusts „A,‟ allowing for the “real” storage key of value (account „B‟) to be protected even in the event of a fully compromised, externally-facing, untrusted role. As with the Gatekeeper pattern, the trusted role should not provide unfettered access to the trusted store on behalf of Web Role „A.‟ Instead, only a subset of legitimate commands should be serviced (such as read, but not create/update/delete in certain cases). The multi-key design pattern has some advantages over the Gatekeeper/KeyMaster pattern:  Providing separation of duty for storage accounts. In the event of Web Role A‟s compromise; only the untrusted storage account and associated key are lost.  No internal service endpoints need to be specified. Multiple storage accounts are used instead.  Windows Azure Partial Trust is not required for the externally-facing untrusted web role. Since PHP does not support partial trust, the Gatekeeper configuration is not an option for PHP hosting.
  9. Avoid using *servicename*.cloudapp.net domain name - use a custom domain name instead. An important distinction between the enterprise and the cloud is that the cloudapp.net namespace is shared among all Azure customers while the namespace Microsoft.com is wholly-owned and controlled by Microsoft. This means that the cloudapp.net namespace is inherently less trusted than the domain namespace of a single enterprise because one customer of Windows Azure does not automatically trust all other customers in that domain namespace. Don‟t create code that requires users to place cloudapp.net in the trusted sites list in their web browser. Never scope cookies or document.domain to cloudapp.net. Instead, scope to the service subdomain (such as contoso.cloudapp.net, for example or, better, www.contoso.com). For most content, only interactions with content from the same domain are allowed. For example, a typical page on www.microsoft.com can freely script content on any other page on www.microsoft.com, but it cannot script to pages that are located on a different Web domain. The DHTML Object Model uses the document.domain property to enforce this restriction. Only pages with identical domain properties are allowed free interaction. The protocol of the URL must also match. For example, an HTTP page cannot access HTTPS content. Important: Any attempt to broaden document.domain access can leave a service open to scripting attacks from the entire cloudapp.net domain namespace. IIS7 sets document.domain to the full subdomain by default (like contoso.cloudapp.net or www.microsoft.com), but the scoping is so often changed by web developers that it warrants mention.
  10. Data Security When designing Web Role interactions with Windows Azure Storage, Shared Access Signatures can be a powerful tool. Shared Access Signatures are effectively access tokens that bestow a set of rights against a blob or blob container that normally would not be set public. Since web applications are responsible for generating these tokens, they are also responsible for securely distributing them. In the event that one of these tokens is compromised, developers can either update the blob/container metadata to invalidate the token, or simply create a new container for the blob data. However, this is still a reactive measure taken after damage could have already been done. Outlined, below are guidelines for minimizing risk while using Shared Access Signatures.  Generate Shared Access Signatures with the most restrictive set of ACLs possible that still grant the access required by the trusted party.  Use the shortest lifetime possible.  Use HTTPS in the request URL so the token cannot be snooped on the wire.  Remember that these tokens are only used for temporary access to non-public blob storage – as with passwords, it‟s a bad idea to use the same ones over and over. Windows Azure table storage provides a simple structured storage environment and is not SQL-based, so common SQL injection vulnerabilities do not apply to an application that uses it. However, applications using SQL Azure or other relational database services still need to mitigate traditional SQL injection threats. Table storage requests are either made directly, using HTTP GET and POST requests, or they are translated into these requests by the SDK and LINQ. Since HTTP requests are text, if this request string were constructed based on data gathered from users, then the user‟s strings could possibly change the semantics of the request (e.g. by inserting carriage returns or & characters.) To avoid injection attacks, do not base any container names, blob names, blocks, block IDs, or table names on data gathered from users. When constructing a REST query that involves user data, help ensure the data‟s safety by URL encoding before concatenating it into the query.
  11. Handling Secret Information Currently there is no support for Data Protection API (DPAPI)-like persistence of secret data in Windows Azure Storage. If a service must encrypt secret data at rest within Windows Azure Storage, then it needs to encrypt that data offsite, and before uploading the encrypted payload to blob storage. This can be done easily with an AES key generated on a client machine or elsewhere within the enterprise. Also, developers should not upload the key or any keying material to Windows Azure Storage, regardless of how careful they are about hiding it. If any computer or storage services were compromised, it could lead to encryption keys being exposed. Microsoft recommends using 256-bit AES keys for symmetric encryption. Developers also should not store private keys associated with SSL/TLS certificates in Windows Azure Storage. Instead, upload them through the Developer Portal and access them via thumbprint references in the Service Configuration. Windows Azure will not only store these certificates encrypted at all times, but also securely provision them into the certificate stores of the service‟s web roles upon boot. Developers should not attempt to store certificates anywhere on their own as these actions would constitute re-inventing a protection already supplied by the platform. Sample code that shows how to install certificates in Windows Azure is available at http://blogs.msdn.com/jnak/archive/2010/01/29/installing-certificates-in-windows-azure-vms.aspx.
  12. Auditing and Logging Local VM disk access by Windows Azure roles should be considered temporary and not reliable for anything more than temp files and caching. On Windows Azure, events are not written to application, security, or audit event logs as they are on Windows servers. Instead, events data is logged to Windows Azure Storage through the Monitoring and Diagnostics Agent via trace listeners in web application code. The logs are then stored long-term in Windows Azure Storage via scheduled transfers performed by the Monitoring Agent. Windows Azure Table Storage is used to log certain types of events, including Windows Event and Diagnostics Logs, Windows Azure Logs and performance counters. Windows Azure does not currently support encryption-at-rest of table storage information, so developers should not write sensitive information to any events stored in Windows Azure Table Storage. Refer to “Handling Secret Information” on page 8 for more information about encrypting sensitive data. Developers must decide to use HTTP or HTTPS depending on the contents of the logs. If an application is logging a large amount of data that won‟t be of interest to outside parties or eavesdroppers, then HTTP can be used for a faster transfer. However, Microsoft recommends protecting all log data in transit to Windows Azure Storage by using HTTPS.
  13. Request Throttling / Input Sanitization Developers must do application-level throttling of incoming requests for any kind of complex, time-intensive operation. It is also important to fuzz test any new parsers deployed as part of a web service. The Microsoft Security Development Lifecycle (SDL) portal at http://www.microsoft.com/sdl provides resources on fuzzing parsers. If a service is parsing a proprietary file or request format (perhaps encapsulated inside HTTP), then fuzz test it to ensure the code can correctly accommodate malformed input. Generally speaking, an automated fuzzing framework that fuzzes 100,000 iterations of each new format or protocol without crashing, or runs non-stop for 24 hours, will give developers a good indication of threat resistance. This is the fuzzing requirement that Microsoft currently applies to “boxed-product” software.
  14. Attack surface reduction The basic strategies of attack surface reduction are to reduce the amount of code running, reduce entry points available to untrusted users, reduce privilege levels as much as possible, and eliminate services requested by relatively few users.Defense in depth Defense in depth is an information assurance (IA) strategy in which multiple layers of defense are placed throughout an information technology (IT) system. It addresses security vulnerabilities in personnel, technology and operations for the duration of the system's life cycle.Principle of least privilegegiving a user only those privileges which are absolutely essential to do his/her workThreat modeling define many separate threat models for one computer system. Each model defines a narrow set of possible attacks to focus on. A threat model can help to assess the probability, the potential harm, the priority etc., of attacks, and thus help to minimize or eradicate the threats. Cross-site scripting (XSS) is a type of computer securityvulnerability typically found in web applications that enables malicious attackers to injectclient-side script into web pages viewed by other usersDevelopers must mitigate cross-site scripting attacks by encoding and validating inputs to their services with the Microsoft Anti-Cross-Site-Scripting library or other similar libraries, especially if that input is displayed back to the user in a web page. Cross-site request forgery (CSRF) attacks must also be mitigated by setting a hidden session token in client requests and setting Page.ViewStateUserKey to the current session ID. SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literalescape characters embedded in SQL statements or user input is not strongly typed and thereby unexpectedly executed. It is an instance of a more general class of vulnerabilities that can occur whenever one programming or scripting language is embedded inside another. SQL injection attacks are also known as SQL insertion attacks.[
  15. Twitter template
  16. Speakers template