Page 177 - How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind
DANGERS ABOUND: SECURITY IN THE CLOUD
exploitable vulnerability is found in the kick start image of
AMIs, then the security of a considerable amount of resources
and data will be at stake.” A solution, he suggests, is for
customers to build their own AMIs and then move them into the
cloud under conditions where Amazon Web Services doesn’t
have the right to review them. This approach is sometimes
referred to as a zero-knowledge-based solution, because it keeps
the cloud owner’s hands off the user’s clean version of an AMI.
The cloud’s nightmare scenario, however, is that a skilled
hacker finds a way to access the “ec2-terminate-instance”
service, a command that halts a running virtual machine, “and
finds a way to apply it to all instances in its zone.” Widespread
virtual machine interruptions and damage might result. “Such a
vulnerability could be abused to black out the Amazon cloud,”
Dhanjani wrote on April 27, 2008.
The Cloud Security Alliance, in an April 2009 white paper,
agreed: “IaaS providers make a vast number of virtual machine
images available to their customers. [A virtual image] should
undergo the same level of security verification and hardening
as it would for hosts within the enterprise,” it warned. In other
words, if you take what a cloud vendor gives you, verify and
harden it to the same standard you would apply to a server in
your own data center before putting it into service.
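The following is an added example (not code from the book, the Cloud Security Alliance, or Amazon) of what "the same level of security verification and hardening as for hosts within the enterprise" looks like as a pre-launch check on a virtual machine image. It also covers the stripping-down idea that follows: anything not on the essentials list is reported. The image contents, the allow-lists of essential services, packages and ports, and the sshd settings required are all constructed assumptions for the example; a real baseline would be taken from the organization's own host hardening standard.

```python
"""Pre-launch hardening check for a virtual machine image (added example).

The image is represented by a small manifest of what a build pipeline can
read out of a mounted image: sshd_config, /etc/shadow, boot-time services,
installed packages and listening ports. The two manifests at the bottom are
constructed for the example, not taken from a real AMI.
"""
from dataclasses import dataclass


@dataclass
class ImageManifest:
    name: str
    sshd_config: str            # contents of /etc/ssh/sshd_config
    shadow: str                 # contents of /etc/shadow
    enabled_services: list      # services started at boot
    packages: list              # installed packages
    listening_ports: list       # (protocol, port) pairs


# Baseline: assumed values for the example, standing in for an in-house standard.
REQUIRED_SSHD = {"Protocol": "2", "PermitRootLogin": "no", "PasswordAuthentication": "no"}
ESSENTIAL_SERVICES = {"sshd", "rsyslog", "cron"}
ESSENTIAL_PACKAGES = {"openssh-server", "rsyslog", "cron", "app-frontend"}
ALLOWED_PORTS = {("tcp", 22), ("tcp", 443)}


def parse_sshd_config(text):
    """Return active (uncommented) sshd settings as a dict; last value wins."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2:
            settings[parts[0]] = parts[1].strip()
    return settings


def empty_password_accounts(shadow_text):
    """Accounts whose password hash field is empty, i.e. usable with no password."""
    return [f.split(":")[0] for f in shadow_text.splitlines()
            if f.count(":") >= 1 and f.split(":")[1] == ""]


def check_image(img):
    """Return a list of findings; an empty list means the image meets the baseline."""
    findings = []
    sshd = parse_sshd_config(img.sshd_config)
    for key, want in REQUIRED_SSHD.items():
        got = sshd.get(key)
        # A commented-out or missing directive falls back to the daemon default,
        # so it is reported just like an explicitly wrong value.
        if got is None or got.lower() != want.lower():
            findings.append(f"sshd: {key} is {got!r}, expected {want!r}")
    for acct in empty_password_accounts(img.shadow):
        findings.append(f"account {acct} has an empty password")
    for svc in sorted(set(img.enabled_services) - ESSENTIAL_SERVICES):
        findings.append(f"non-essential service enabled: {svc}")
    for pkg in sorted(set(img.packages) - ESSENTIAL_PACKAGES):
        findings.append(f"non-essential package installed: {pkg}")
    for proto, port in sorted(set(img.listening_ports) - ALLOWED_PORTS):
        findings.append(f"unexpected listener: {proto}/{port}")
    return findings


# Constructed sample 1: a stock image as handed over, before any hardening.
STOCK_IMAGE = ImageManifest(
    name="stock-image",
    sshd_config="# vendor default\nProtocol 2\nPermitRootLogin yes\n#PasswordAuthentication yes\n",
    shadow="root:$6$saltsalt$hashhash:0:0:99999:7:::\nguest::0:0:99999:7:::\n",
    enabled_services=["sshd", "rsyslog", "cron", "telnet", "cupsd"],
    packages=["openssh-server", "rsyslog", "cron", "app-frontend", "telnetd", "cups", "gcc"],
    listening_ports=[("tcp", 22), ("tcp", 23), ("tcp", 631), ("tcp", 443)],
)

# Constructed sample 2: the same image after hardening and stripping to essentials.
HARDENED_IMAGE = ImageManifest(
    name="hardened-image",
    sshd_config="Protocol 2\nPermitRootLogin no\nPasswordAuthentication no\n",
    shadow="root:$6$saltsalt$hashhash:0:0:99999:7:::\n",
    enabled_services=["sshd", "rsyslog", "cron"],
    packages=["openssh-server", "rsyslog", "cron", "app-frontend"],
    listening_ports=[("tcp", 22), ("tcp", 443)],
)

if __name__ == "__main__":
    for image in (STOCK_IMAGE, HARDENED_IMAGE):
        results = check_image(image)
        print(f"{image.name}: {len(results)} finding(s)")
        for finding in results:
            print("  -", finding)
```

Run against the stock manifest the check reports ten findings (root login over ssh, password authentication left at the daemon default, a passwordless guest account, telnet and print services, a compiler, and two extra listeners); the hardened manifest produces none. The point of gating the launch on an empty findings list is that the image is checked once, before it is copied, rather than host by host after it is already running.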
It then suggests something that I believe will become a
best practice in the design of virtual machines (sometimes
referred to as virtual appliances) that run in the cloud: both
the application and its operating system should be stripped
down to the essentials needed to do the job intended for a specific