Tuesday, January 3, 2017

IPSEC for Cloud
“The term spaghetti code is universally understood as an insult. All good computer scientists worship the god of modularity, since modularity brings many benefits, including the all-powerful benefit of not having to understand all parts of a problem at the same time in order to solve it.” - David Clark, MIT
Modularity manifests in hardware and software. From small applications to datacenters, there is increasing reorganization to improve modularity. Unfortunately, cloud computing is a domain where different vendors, technologies, fabrics, infrastructures and even platforms compete and collaborate with one another. Many private datacenters have evolved by tossing in everything, with security treated almost as an afterthought.
Fortunately, computer networking evolved in a similarly competitive environment, and standards emerged in virtually every aspect of it. IPSEC became a framework, as opposed to a single protocol or system, for providing all the security services. It provides three degrees of freedom. First, it is highly modular, allowing users to select from a variety of encryption algorithms and specialized security protocols. Second, IPSEC allows users to select from a large menu of security services, including access control, integrity, authentication, protection against replay and confidentiality. Third, IPSEC allows users to control the granularity with which the security services are applied.
IPSEC = ( AH + ESP ) + ISAKMP
        AH    = Authentication Header (header protection)
        ESP   = Encapsulating Security Payload (payload protection)
        ISAKMP = key management
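To make the three degrees of freedom concrete, here is an added example written for this post; it is not code from the post or from any IPSEC implementation. It models, with the Python standard library only, an algorithm registry that a Security Association (SA) picks from (degree 1), an SA whose anti-replay service can be switched on or off (degree 2), and a Security Policy Database (SPD) whose selectors decide per connection, per host pair or per protocol whether traffic is protected, bypassed or discarded (degree 3). The packet layout, selector format, algorithm names, SPI values and keys are this example's own simplifications, not the RFC 4302/4303 wire format, and ESP confidentiality is left out so the block stays dependency-free.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

# Degree of freedom 1: the algorithm menu. Each SA names one entry; a key-management
# exchange (ISAKMP/IKE) would negotiate which one. Truncated HMAC-SHA2 ICVs as in RFC 4868.
INTEGRITY_ALGS: Dict[str, Callable[[bytes, bytes], bytes]] = {
    "hmac-sha256-128": lambda k, d: hmac.new(k, d, hashlib.sha256).digest()[:16],
    "hmac-sha512-256": lambda k, d: hmac.new(k, d, hashlib.sha512).digest()[:32],
}


@dataclass
class SecurityAssociation:
    """Degree of freedom 2: which services this SA provides (integrity and
    authentication always; anti-replay optional). ESP confidentiality is omitted."""
    spi: int                 # Security Parameter Index selecting this SA
    key: bytes               # integrity key; constructed here, normally from key management
    integrity_alg: str       # a key of INTEGRITY_ALGS
    anti_replay: bool = True
    window_size: int = 64
    highest_seq: int = 0
    window: int = 0          # bitmap: bit i set => seq (highest_seq - i) was received

    def mac(self, data: bytes) -> bytes:
        return INTEGRITY_ALGS[self.integrity_alg](self.key, data)

    def accept_seq(self, seq: int) -> bool:
        """Sliding-window anti-replay check (RFC 4302 style). True if seq is fresh."""
        if not self.anti_replay:
            return True
        if seq > self.highest_seq:                       # advance the window
            shift = seq - self.highest_seq
            mask = (1 << self.window_size) - 1
            self.window = ((self.window << shift) | 1) & mask
            self.highest_seq = seq
            return True
        diff = self.highest_seq - seq
        if diff >= self.window_size or self.window & (1 << diff):
            return False                                 # too old or duplicate
        self.window |= 1 << diff
        return True


def protect(sa: SecurityAssociation, seq: int, payload: bytes) -> bytes:
    """AH-like packet: header(spi, seq) + payload + ICV over both (simplified layout)."""
    body = struct.pack("!II", sa.spi, seq) + payload
    return body + sa.mac(body)


def verify(sa: SecurityAssociation, packet: bytes) -> Optional[bytes]:
    """Return the payload if the ICV matches and seq is fresh; None otherwise.
    The ICV is checked before the replay window so forged packets cannot move it."""
    icv_len = len(sa.mac(b""))
    if len(packet) < 8 + icv_len:
        return None
    body, icv = packet[:-icv_len], packet[-icv_len:]
    if not hmac.compare_digest(sa.mac(body), icv):
        return None
    spi, seq = struct.unpack("!II", body[:8])
    if spi != sa.spi or not sa.accept_seq(seq):
        return None
    return body[8:]


@dataclass(frozen=True)
class Selector:
    """Degree of freedom 3: granularity. 'any' / None match everything."""
    src: str
    dst: str
    proto: str
    dport: Optional[int] = None

    def matches(self, src: str, dst: str, proto: str, dport: Optional[int]) -> bool:
        return (self.src in ("any", src) and self.dst in ("any", dst)
                and self.proto in ("any", proto)
                and (self.dport is None or self.dport == dport))


# Security Policy Database (constructed sample): first match wins, default is DISCARD.
SPD: List[Tuple[Selector, str, Optional[int]]] = [
    (Selector("10.0.0.1", "10.0.0.2", "tcp", 22), "PROTECT", 0x1001),  # per connection
    (Selector("10.0.0.1", "10.0.0.2", "any"), "PROTECT", 0x1002),      # per host pair
    (Selector("any", "any", "icmp"), "BYPASS", None),                  # per protocol
]


def lookup_policy(src: str, dst: str, proto: str,
                  dport: Optional[int] = None) -> Tuple[str, Optional[int]]:
    for sel, action, spi in SPD:
        if sel.matches(src, dst, proto, dport):
            return action, spi
    return "DISCARD", None


if __name__ == "__main__":
    sa = SecurityAssociation(spi=0x1001, key=b"\x11" * 32, integrity_alg="hmac-sha256-128")
    pkt = protect(sa, 1, b"hello")
    print(lookup_policy("10.0.0.1", "10.0.0.2", "tcp", 22))   # ('PROTECT', 4097)
    print(verify(sa, pkt), verify(sa, pkt))                    # b'hello' None (replay)
```

Two design points worth noting: the receiver verifies the ICV before touching the replay window, so an unauthenticated packet can never advance or poison it, and the SPD falls through to DISCARD, which is the default-deny posture the post argues should be designed in rather than bolted on.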
I argue that the principles of IPSEC can be used to add an additional layer over cloud networking and so improve its security by design.
Moreover, IPSEC is already used directly in cloud networking today to secure virtual private networks (VPNs), but its principles can also be applied to securing native cloud artifacts.
Finally, I argue that public cloud providers tout security in the form of certifications such as:
ISO 27001
ISO 27017
ISO 27018
SOC 2/3
FedRAMP
These certifications evaluate:
  1. Infrastructure as a multi-tenant distributed environment
  2. Chunking of data and replicating it over multiple systems
  3. Data storage, access and transfer controls
  4. Data centers and their redundancy for robustness and fault tolerance
  5. Authentication and access
I argue, from the principles on which IPSEC was constituted, that we could improve these certifications with the following:
  1. Modularity
  2. Interoperability
  3. Rules
Specifically, I want to stress a provable security model. I discuss it from the intruder’s perspective, that is, how security protocols have been designed under both formal and cryptographic styles of analysis. A framework that encompasses both aspects, the modeling capability of the formal approach together with the probability and complexity bounds of cryptography, would be more rigorous.
#codingexercise
Given a tree and a sum, return true if there is a path from the root down to a leaf, such that adding up all the values along the path equals the given sum.
class Node {
  int data;
  Node left;
  Node right;
}

// Returns true if some root-to-leaf path has values adding up to sum.
boolean hasPathSum(Node root, int sum)
{
  if (root == null)
  {
     return (sum == 0);
  }
  else
  {
    int newsum = sum - root.data;

    // guard: with non-negative node values the remaining sum can only shrink,
    // so a larger value means arithmetic wrap-around (or a negative node value)
    if (newsum > sum) throw new RuntimeException("underflow");
    if (newsum == 0 && root.left == null && root.right == null)
      return true;
    if (root.left != null && hasPathSum(root.left, newsum))
      return true;
    if (root.right != null && hasPathSum(root.right, newsum))
      return true;
    return false;
  }
}
The underflow check could also return false instead of throwing an exception.
