18-06-2013, 11:37 AM
Is the future Web more insecure?
future Web more.pdf (Size: 506.47 KB / Downloads: 128)
Abstract
The world of information and communication technology is experiencing changes that, regardless of some skepticism, are bringing to life the concept of \utility computing". The nostalgics observed a parallel between the emerging paradigm of cloud computing and the traditional time-sharing era, depicting clouds as the modern reincarnation of mainframes available on a pay-per-use basis, and equipped with virtual, elastic, disks-as-a-service that replace the old physical disks with quotas. This comparison is fascinating, but more importantly, in our opinion, it prepares the ground for constructive critiques regarding the security of such a computing paradigm and, especially, one of its key components: web services. In this paper we discuss our position about the current countermeasures (e.g., intrusion detection systems, anti-malware), developed to mitigate well-known web security threats. By reasoning on said affinities, we focus on the simple case study of anomaly-based approaches, which are employed in many modern protection tools, not just in intrusion detectors.
INTRODUCTION
The emerging concept of cloud computing is both widespread and puzzling [44]. Indeed, it has been talked, blogged, written and discussed about as an unprecedented paradigmatic change in the information and communication technology world. As it often happens, this also brought forth confusion in new terms and buzzwords such as “public cloud", “private cloud", “*-as-a-service", etc. As noted in [8], the lack of a widely-accepted definition may indeed distract users and experts. In [1], the authors have begun to shed some light on this new concept. According to their definitions, cloud computing enables organizations to run web applications (often referred to as services) on a pay-as-you-go basis on top of reliable, highly-available, scalable software and hardware infrastructures referred to as clouds. This is also, in general, the widespread perception shared by users and developers. In some sense, clouds can be seen as modern, large mainframes [30] with virtually infinite resources, and the term cloud computing refers to the use of such resources to deliver web services.
Data confidentiality
The obvious and, in general, effective measure to protect data confidentiality is encryption. However, encryption is not always a feasible solution, especially for data-intensive applications that require high I/O throughput (note that, in [1], the relatively low speed of the Internet has been al- ready identified as a concerning obstacle). Although homomorphic encryption [18] can be exploited for limiting decryptions and re-encryptions when data needs to be transformed, in its current stage this solution requires significant efforts to be adopted in high-speed, real-world deployments. In addition, encryption is not straightforward when data is distributed. Also, this solution may have a low acceptance rate and, more importantly, raises the issue of data property.
Auditability
When disasters occur, reconstructing a “picture" of the system's status is vital. From a purely forensic point of view, monitoring and keeping track of a system's activity is as important as debugging. Unfortunately, this might in turn be very difficult in large-scale, service-based systems, since data and processes are distributed rather than contained within well-defined boundaries. Even simple tasks such as collecting logs are naturally more challenging when applications are distributed and provided by different sources (e.g., mash-ups). In case of successful exploitation, a likely event in immature systems, the risk is that the compromised applications might leave insufficient or unreachable tamper evidence.
The HTTP is the TCP
The practice of using application protocols, mainly HTTP, to encapsulate a wide spectrum of data types (e.g., binary files, streams of videos, chunks of data with well-defined semantics such as RDF) is becoming very popular. In some sense, HTTP is playing the role of a transport layer, that is, encapsulating a payload and sending it. Complex (even proprietary) protocols offer transparent communication layers between services over HTTP. A simple example is the Web-DAV protocol (adopted, for instance, by the popular Google Calendar web service), which relies on HTTP to interface calendar clients and servers (actually, services). As we all know, HTTP sits on top of a real transport layer; but since TCP is so transparent, reliable and highly-available, to some extent it can be considered as a network (or even physical) layer. In our opinion, the spreading of web services and cloud computing modifies the way the Internet networking stack is used by software, as shown in Figure 1.
What’s new about security?
From a security perspective, with this observation we suggest that, in the need of designing a network monitoring system, a further layer of inspection is desirable to effectively detect those threats that leverage the actual communication protocol employed by a service. In fact, since the networking stack is evolving, the protection mechanisms (especially those that inspect the application layer) should step up as well, as exemplified in the following.
CONCLUSION
In this paper, we have discussed some key points that, in our opinion, motivate a constructive reconsideration of the current security measures.
The simple observation that paradigmatic changes (e.g., from thin client connected to a mainframe, to powerful workstations, to, once again, thin clients connected to a cloud) induce parallel changes in the security world, suggests a broad approach to the \novel" security issues. In the approach that we envision, the stack offered by the cloud computing paradigm needs to be mapped to the well-known hardware and software stack. In principle, this would help at mapping also the patterns of the traditional security issues onto the new stack. Examples of the insights that we believe this will make possible are outlined in Sections 4.1 and 4.2. Obviously, this mapping will not, by itself, lead to a complete description of the new threats. Rather, it will point out key areas to develop and refine, in a much similar way to what the periodic table did for the discovery of unknown chemical elements. Similarly, for some areas, this approach will indicate that many issues can be solved through an appropriate “porting" of the traditional security countermeasures to the cloud computing paradigm.