Cloud Computing Security Quiz

Questions and Answers

What is the primary goal of maintaining confidentiality in cloud computing?

• Encryption of data to prevent access by unauthorized parties (correct)
• Monitoring data usage across the cloud environment
• Ensuring data is available to all network users
• Regularly backing up data to prevent loss

Which method is commonly used to ensure data integrity in cloud computing?

• Implementing a digital signature or MAC (correct)
• Data replication across multiple servers
• Regularly deleting old data
• Using encryption to protect data

What does the command 'clflush' do in the context of memory operations?

• It modifies the contents of a memory location
• It reads data from a specified memory address
• It encrypts the data at the specified address
• It clears the cache for a specified address (correct)

What effect does the instruction 'mfence' have in a code execution context?

It ensures memory writes are completed before continuing (C)

What does the instruction 'jmp code1a' signify in the provided code snippet?

It jumps to another location in the code for repeated execution (D)

What is considered a major concern regarding data in cloud computing?

Centralization of sensitive data (B)

Which aspect does NOT significantly contribute to vulnerabilities in cloud computing?

High trust in cloud providers (C)

What security measure is considered important at the application level in cloud security?

Authentication (D)

Which of the following poses a privacy threat for cloud providers?

Local laws such as the PATRIOT Act (A)

What is a significant risk associated with the horizontal co-location of resources in cloud computing?

Wider attack surface (A)

Why is it essential for cloud providers to be trustworthy?

They safeguard large amounts of sensitive data. (D)

What specific aspect should cloud computing security focus on?

Security implications unique to cloud systems (C)

Which type of security is critical for ensuring system integrity in cloud services?

Application-level security (C)

What is the purpose of the function process_request in the enclave construction?

To process an incoming message and return a response. (A)

Which statement about the enclave's contents is true?

The contents can be inspected while in untrusted memory. (A)

What is a critical issue that arises from using untrusted memory for enclave content?

There is a risk of tampering with the enclave's integrity. (C)

What happens if the verify_MAC function returns false in process_request?

Execution will terminate and return an error code. (B)

Which instruction is used to add contents to the enclave?

EADD (B)

What is the primary responsibility of dedicated security experts in cloud platforms?

To follow security updates and best practices (C)

What type of attacks can be conducted on cloud systems?

Remote attacks that exploit software vulnerabilities (C)

What is NOT a type of vulnerability commonly exploited in cloud computing?

Unintentional memory leaks in HTML (C)

What distinguishes the attack surface in cloud computing?

It includes the entire software stack, including BIOS and drivers (C)

What is the function of isolation provided by protected mode in modern operating systems?

To protect applications from OS tampering (C)

Which of the following represents a component of the trusted computing base (TCB) in cloud platforms?

All software and hardware components of the system (B)

Which example is classified as a direct hardware attack on cloud systems?

Spectre and Meltdown on Intel CPUs (D)

What is a significant limitation of protected mode regarding application security?

It allows malicious applications to exploit flaws to gain full privileges (B)

What is the primary encryption method used by CryptDB for efficient query processing?

Symmetric-key encryption (A)

What is a disadvantage of standard encryption methods like AES in database queries?

They prevent any type of query. (C)

In the context of CryptDB, what does the term 'indistinguishability' refer to?

It prevents known-plaintext attacks. (B)

What is the outcome of the randomization used in CryptDB's encryption approach?

The same plaintext values yield different ciphertexts. (B)

Which type of attack does the randomization in CryptDB aim to prevent?

Known-plaintext attack (D)

What query capability does deterministic encryption in CryptDB allow?

Equality search functionality (B)

Which of the following is NOT an encryption characteristic of CryptDB?

Uses solely fully homomorphic encryption (C)

What kind of trade-offs does CryptDB present when it comes to encryption methods?

Privacy versus expressiveness of queries (D)

What is the purpose of the function verify_MAC in the trusted code?

To ensure the integrity of the input message (C)

What will happen if the return value of EENTER is less than zero?

The system will log a corrupted message error (A)

Which function is responsible for decrypting the message before processing?

decrypt_msg (D)

In the main loop, what type of operation does receive perform on request_buf?

It populates the buffer with incoming requests (C)

What is the role of send in the enclave code?

To relay the response back to the requester (D)

Which part of the provided application is untrusted code?

The main function (D)

What does the process_msg function do?

Encrypts the output after processing (B)

What does the EEXIT function signify in the code?

It ends the enclave session successfully (A)

Flashcards

Why are cloud platforms vulnerable?

Cloud computing platforms and services are attractive targets for attackers due to the large amount of data stored centrally, the availability of online access, the limited control over hardware and software, and the multi-tenancy model that allows for attackers to potentially exploit multiple companies' data and resources.

Why is cloud security important?

The security of cloud computing systems is essential because they store and process sensitive data. This includes ensuring that data is kept confidential, intact, and available only to authorized users.

What is a primary motive for attacks on cloud platforms?

The potential for financial gain by selling or trading stolen data is a major motivator for attackers targeting cloud platforms.

How does limited control over hardware and software impact cloud security?

Cloud computing environments often offer limited control over the hardware and software stack, particularly in PaaS models, making it more difficult to implement and manage security controls.

How does multi-tenancy impact cloud security?

The multi-tenancy nature of cloud computing, where multiple organizations operate within the same platform, increases the attack surface. Vulnerability in one service can potentially affect others.

What are the trust concerns associated with cloud providers?

The need to trust cloud providers with sensitive data raises concerns about their trustworthiness and potential vulnerabilities to regulatory pressures.

What specific security measures are needed for cloud environments?

Focusing on cloud-specific security measures is crucial, as application and operating system security alone might not be sufficient.

How does cloud security require a comprehensive approach?

To secure cloud environments, it is essential to address both application-level security measures (authentication, authorization) and OS-level security best practices (patches, security policies).

Malicious Application

A malicious software program that exploits vulnerabilities in a system's software, aiming to gain full privileges and compromise the system's integrity.

Protected Mode

A security mechanism that isolates applications from each other and protects the operating system from application-level attacks.

Privileged Code Attacks

Attacks that target the core software components of a system, including the operating system, virtual machine monitor (VMM), drivers, and BIOS.

Attack Surface

The entire software stack of a system, including applications, operating systems, drivers, and hardware components.

Hardware Attacks

Attacks that exploit vulnerabilities in hardware components, such as CPUs.

Trusted Computing Base (TCB)

The set of components that are essential for a system's security, including software and hardware.

Software Vulnerability Exploitation

Attacks that exploit vulnerabilities in software, such as memory safety violations or API flaws.

Exploiting Vulnerabilities

Exploiting vulnerabilities in code to gain unauthorized access or control.

Confidentiality in Cloud Security

Information is protected from unauthorized access or disclosure, typically achieved through encryption.

Integrity in Cloud Security

Data remains unaltered and can be verified as authentic. Techniques include Message Authentication Codes (MACs) and digital signatures.

Sandbox Escape

A type of attack that exploits vulnerabilities in a system's memory management to gain unauthorized access or control.

Corrupted Page Table

A technique where an attacker manipulates the page table to redirect memory access to a specific location, potentially allowing them to execute malicious code.

Memory Protection

A security measure that prevents unauthorized memory access or control. It also ensures data integrity by preventing unauthorized modifications.

Cache

A technique for improving memory access speeds by storing frequently used data in a faster cache.

Memory Management

A memory management mechanism that ensures that a process accessing memory does not interfere with other processes.

Cache Flush

A technique used to invalidate the data in a cache, ensuring that data is refreshed from the main memory.

MFENCE

A CPU instruction used to ensure that all memory operations are executed before proceeding to the next instruction.

Memory Leak

A type of memory leak occurs when a program fails to properly release memory after it is no longer in use, potentially causing the program to crash or slow down.

Enclave

A secure, isolated region of memory within a system where sensitive operations can be performed.

Enclave Construction

The process of setting up and configuring an enclave, including loading code and data into it.

Enclave Page Cache (EPC)

A memory region that is specifically designed to hold the enclave's code and data.

EADD Instruction

A mechanism for moving data between untrusted memory and the enclave.

Enclave Integrity

The challenge of ensuring that the enclave's code and data remain secure and tamper-proof, even when initially loaded from untrusted memory.

Verify MAC

The process of validating the integrity of a message by verifying the presence of a Message Authentication Code (MAC). This helps ensure that the message hasn't been tampered with during transmission.

Decrypt Message

The process of decoding a message to make it readable. It reverses the encryption process used to protect the data during transmission.

Trusted Code

A secure storage location within the enclave. It protects sensitive data and information from unauthorized access, even within the trusted environment.

Process Request

A function that processes and manipulates data within the trusted enclave. It ensures the secure execution of operations by only allowing authorized access to sensitive information.

Copy Message

A process used to securely transmit data between the enclave and the untrusted environment. It ensures the confidentiality and integrity of the message while transferring it across the boundary.

Encrypt Message

A security measure that encrypts data to protect it from unauthorized access during transmission or storage. It transforms the information into an unreadable format, making it secure.

Trusted Environment

A secure environment within the enclave that allows for trusted code to execute and handle sensitive data. The trusted environment is isolated from the un-trusted environment.

Why are standard encryption methods like AES unsuitable for querying encrypted data?

Standard encryption like AES (Advanced Encryption Standard) makes it impossible to execute queries on encrypted data. Each identical value is encrypted differently, preventing even simple equality comparisons. This intentional randomization helps prevent attackers from using known plaintext to decipher the encryption.

What is the basic idea behind deterministic encryption and its limitations?

Deterministic encryption methods allow for equality searches, meaning you can find data based on exact matches. While it offers limited query functionality, it sacrifices some security, as knowledge of one encrypted value can reveal others with the same original value.

How does CryptDB address the trade-off between security and query expressiveness?

CryptDB employs a layered approach to encryption, offering different levels according to specific security and expressiveness needs. This approach allows for fine-grained control over data privacy and query functionality.

What are the security strengths and limitations of random encryption?

Random encryption, like AES, is strong against attacks due to its unpredictability. It ensures that the original data cannot be deciphered even if the encrypted form is known (IND-CPA). However, it doesn't allow any queries, making it suitable for sensitive data where retrieval is not required.

What are the security weaknesses and querying capabilities of deterministic encryption?

Deterministic encryption allows limited query functionality. It enables searching for exact matches based on encrypted values. However, it is more vulnerable as anyone with knowledge of one encrypted value can deduce others sharing the same original value.

What are the key encryption techniques used by CryptDB and their benefits?

CryptDB is designed for efficient query processing by relying primarily on symmetric-key encryption, which is generally faster than asymmetric-key encryption. It also uses fully homomorphic encryption for specific operations, which lets you perform calculations on encrypted data without decryption.

How does CryptDB enhance security by linking encryption keys to user passwords?

CryptDB addresses security concerns by implementing a chain of keys associated with user passwords. This means that even if an external attacker gains access to an encryption key, it's useless without knowing the user's password, providing an extra layer of protection.

Study Notes

Cloud Computing - Lesson 9 : Security

Course Information

• Course Title: Cloud Computing
• Course Code: LINFO2145
• Lesson: 9 - Cloud Security
• Instructor: Pr. Etienne Rivière
• Contact: [email protected]

Announcements

• Quiz 3: Lectures 5 and 6, results available after this lecture
• Quiz 4: Lectures 7 and 8, available after this lecture, Due: Nov 27, 10:45
• Reviews: Dec 4, 10:45

Lecture Objectives

• Introduce security concerns from cloud computing
• Overview of data and computation integrity protection in cloud
• Describe new approaches for confidential data processing in the cloud

Introduction (1)

• Cloud computing platforms and applications are tempting attack targets
• Large amounts of data are stored centrally
• Sensitive data is often publicly available, making it an attractive target for malicious activity
• Limited control of software stacks, particularly in PaaS.
• Multi-tenancy creates larger attack surfaces
• Co-location of resources creates new attack opportunities.
• Single point of failure within one service can affect other services

Introduction (2)

• High trust required of cloud providers
• Cloud providers need to comply with local privacy regulations (e.g. PATRIOT Act)
• Security concerns are specific to cloud systems
• Application-level and OS-level security practices remain important

Why is Cloud Security Important?

• Major breaches like the Yahoo (1 billion accounts) and Dropbox (68 million) hacks, and the 2012 LinkedIn breach highlight the need for robust cloud security

The Provider Perspective

• Cloud providers must protect their customers from malicious actors
• Hypervisor-based isolation provides a limited security guarantee
• One-way protection: the provider does not protect the customer from the provider

The Client Perspective

• Cloud tenants must trust their providers, including personnel and software components
• Ideally, clients would only trust their portion of the service

Multi-tenancy and Security

• Resource sharing in virtualization creates new security threats
• Hypervisors and VMs are vulnerable to attacks impacting all tenants
• Access to the hypervisor gives access to all VM memory, including the kernel and page tables.
• Dedicated security experts and best practices are important.

Protected Mode Not Sufficient

• Protected mode (rings) is insufficient to prevent exploits
• Malicious applications can exploit flaws, gaining full privileges and potentially compromising the operating system or other applications
• Attack surface includes the entire software stack, comprising applications, OS, VMM, drivers, and BIOS

Example of Protection Rings in Microsoft Hypervisor

• Depicts layers of isolation for different components within a hypervisor
• Emphasizes the separation of different parts of the hypervisor

Attacking the Cloud

• Attacks are performed by executing software on the victim's computer, including remote execution
• Most attacks exploit vulnerabilities in software components, including exploitable memory safety vulnerabilities in C/C++
• Malicious APIs target services and infrastructure management interfaces
• Hardware vulnerabilities like Spectre and Meltdown, and RowHammer attacks are also possible

The Software Stack

• Cloud platforms utilize enormous amounts of code that must be trusted
• Examples of codebases include Linux, KVM, and OpenStack

Bugs are a Reality

• More code generally means more bugs
• Exploited vulnerabilities can lead to complete disclosure of sensitive data
• Xen hypervisor and Linux kernel have a significant number of reported vulnerabilities (e.g., 184 for Xen, 721 for Linux kernel in a given time period)

Examples of Software Attacks

• Control-flow hijacking: Goal is to execute arbitary code.
• Code injection attacks: Overwriting addresses to inject code
• Return-oriented programming: Stack corruption to execute existing instructions

Example: Heartbleed Bug

• Serious vulnerability in OpenSSL
• Widely used; targets web servers, email, chat, and VPNs
• Buffer overrun in heartbeat message handling resulting in exposure of memory
• Exploited to read server memory, including sensitive data like passwords, private keys, etc.

Other Examples

• "All your clouds are belong to us" (2011): attacks targeting EC2 management APIs
• Colocation attacks: targeting VMs on public clouds
• Attacks at hypervisor, OS and CPU level
• Exploit bugs to gain access to cached content from VMs, perform bus sniffing, obtain memory communication or perform cold boot attacks.

Hardware Attacks in the Cloud

• Hardware based attacks may or may not require direct physical access to the host
• With physical access, attacks include bus sniffing, and obtaining memory communication in DRAM
• Cold boot attacks obtain memory values during power cycles using short-lived memory state

Remote Hardware Attacks: "Row Hammer"

• Attacking physical memory to flip bits in neighboring memory
• Can cause sandbox escapes and corrupted page tables

Goals: Security in the Cloud

• Confidentiality: Protecting data from unauthorized access.
• Integrity: Protecting data from unauthorized modification

Tools: Cryptographic Hash Function

• Algorithm mapping arbitrary inputs into fixed-size outputs
• Infeasible inversion. Collision resistant
• More computationally intensive compared to generic hashes

Tools: Symmetric Cryptography

• Shared secret key for encryption and decryption
• Example: Advanced Encryption Standard (AES)

Tools: Symmetric Cryptography - MAC

• Message authentication code (MAC)
• Integrity and authenticity checking of messages
• Key required to produce a MAC
• Does not offer confidentiality

Tools: Asymmetric Cryptography

• Each party has a public and private key pair
• Public key used for encryption; private key for decryption
• Example: Rivest-Shamir-Adleman (RSA)

Tools: Asymmetric Cryptography - MAC (Digital Signature)

• Digital signature in asymmetric cryptography
• Signed using the sender's private key, verified with public key
• Ensures message integrity and authenticity

Ensuring Data Confidentiality

• Data-at-rest protection: Encrypting data directly on disk (e.g., full-disk encryption and encrypted file systems)
• Data-in-flight protection: Using end-to-end encryption mechanisms like TLS

Ensuring Data Confidentiality - TPM (Trusted Platform Module)

• Hardware security chip
• Generates and stores cryptographic keys
• Provides remote attestation

Ensuring Data Confidentiality – In-use Data

• Decrypting data before processing to maintain confidentiality in-use
• Confidentiality required during computations in the cloud

Securing Data During Computation

• Searchable data while protecting against security attacks on data distribution
• Privacy-utility-performance tradeoff consideration when applying security measures

Tools

• Software-Level Encryption
• Specific and generic encryption mechanisms
• Hardware support for trusted computing
• Homomorphic encryption

Encrypted Data Processing - Homomorphic Encryption

• Allows computation on encrypted data without decryption
• Enables operations like addition and multiplication on encrypted data; maintains confidentiality throughout computation.
• Example: Fully homomorphic encryption

Homomorphic Encryption - HELib

• Open-source homomorphic encryption library developed by IBM
• Designed to make homomorphic encryption more practical
• Low-level routines (addition, multiplication, etc.)
• Performance improvements but still requires significant resources, far from being practical in terms of computation time

Specific Encryption Schemes

• Homomorphic encryption (generic but costly)
• Specific schemes for targeted operations (e.g., exact match, nearest match, range, equality)
• Example: CryptDB (encrypted SQL database)

CryptDB: Encrypted SQL Database

• Proxy between the client and the database to handle query rewrites and data encryption/decryption.
• Prevents exposure of sensitive data to the untrusted zone of the cloud environment (especially in servers or proxy)
• Provides standard encryption (AES) but prevents from arbitrary query execution in non-trusted environment

CryptDB: Encryption Levels (1)

• Random encryption (e.g., AES): No data query possible
• Deterministic encryption (e.g., Pseudorandom permutation): Equality searches possible but maintains ciphertext integrity
• Order-preserving encryption: Enables range queries

CryptDB Encryption Levels (2)

• Summation homomorphic: Enables summation operations on encrypted data
• Joins: Enables joins across encrypted data; encryption key may be different
• Word Search: Limited full-word functionality but vulnerable with known frequency attacks

Onion Layers Encryption

• Multi-level encryption layer structure
• Security and privacy depend on how a specific level of encryption can be handled and how many levels of encryption an application requires

CryptDB Performance

• Performance of CryptDB can vary depending on the workload and number of cores
• Performance can be slower by an order of magnitude compared to non-encrypted databases due to the increased processing tasks from encryption/decryption
• Additional proxy server cost

Towards Hardware Support

• Software-based confidentiality or data protections have limited applicability and performance limitations
• The trusted computing base traditionally encompasses hardware and software stack, but there is a need to reduce this trusted code base to allow application enclaves

Intel SGX

• "Software Guard Extensions" in Intel CPUs (e.g. Skylake, Kaby Lake)
• Provides hardware-level protection for code and data in untrusted environments
• Platform owner considered malicious
• Only the CPU chip and isolated enclave are considered trusted

Enclaves

• Isolated memory regions (enclaves) for code and data
• Enclave content is protected by the hardware (Memory Encryption Engine [MEE])
• Plaintext secrets are prevented from being directly stored in main memory
• Enclave memory accessible only by enclave code, protecting against privilege escalation attacks

Enclave Memory

• Enclave memory is not accessible to other software
• Enclaves can access memory within the process
• Application can protect its secrets, reducing attack surface

Enclave Memory APIs

• ECALLs are enclave interface functions, providing input to the enclave
• OCALLs are enclave calls for returning results outside of the enclave

SGX Execution Model

• Trusted execution environment within a process, with dedicated code and data
• Controlled entry points
• Confidentiality and integrity provisioned
• Multiple threads support
• Full access to application memory

Enclave Page Cache (EPC)

• Physical memory region protected by the MEE
• EPC holds enclave contents
• Shared resource for all enclaves on the platform
• Content encryption in DRAM; decryption when brought to CPU
• Larger EPC sizes available in newer versions

SGX Limitations

• Memory limit for enclaves
• Security not absolute (vulnerabilities may exist)
• Performance is generally impacted compared to other approaches (enclave entry/exit, paging are costly)
• Legacy code, and application partitioning considerations

Conclusion

• Cloud security requires both general security practices and new techniques specific to cloud architectures (e.g., attacks on colocated and trusted code)
• Encryption of data in the cloud is beneficial
• Trusted Execution Environments (HW support) offer a way to reduce the trusted code base and trust only the required application enclaves

References (1/2) and (2/2)

• Includes a large list of academic papers which are relevant to cloud security practices

SGX Primer

• Introduction to writing SGX applications

1. Define Interface

• Enclave definition language (myenclave.edl) for function declarations
• untrusted and trusted sections for separating function declarations

2. Write Code

• Application (application.c) code and enclave (myenclave.c) code example (including main() and compute()) functions
• Demonstrate the sgx_initialize_enclave and ecall_compute calls

3. Compile Code

• Compilation of application.c, myenclave.c to generate myenclave.so and a.out
• gcc, different compiler flags

4. Sign Code and Run

• Signing myenclave.so using SGX specific tool (sgx_sign, private_key.pem)
• Execution and results from the application