Wayne Jansen

Guidelines on Security and Privacy in Public Cloud Computing

NIST Special Publication 800-144 - Cloud computing can and does mean different things to different people. The common characteristics most interpretations share are on-demand scalability of highly available and reliable pooled computing resources, secure access to metered services from nearly anywhere, and displacement of data and services from inside to outside the organization. While aspects of these characteristics have been realized to a certain extent, cloud computing remains a work in progress. This publication provides an overview of the security and privacy challenges pertinent to public cloud computing and points out considerations organizations should take when outsourcing data, applications, and infrastructure to a public cloud environment.~

Cloud Hooks: Security and Privacy Issues in Cloud Computing

In meteorology, the most destructive extratropical cyclones evolve with the formation of a bent-back front and cloud head separated from the main polar-front, creating a hook that completely encircles a pocket of warm air with colder air. The most damaging winds occur near the tip of the hook. The cloud hook formation provides a useful analogy for cloud computing, in which the most acute obstacles with outsourced services (i.e., the cloud hook) are security and privacy issues. This paper identifies key issues, which are believed to have long-term significance in cloud computing security and privacy, based on documented problems and exhibited weaknesses.

Countermeasures for mobile agent security

Security is an important issue for the widespread deployment of applications based on software agent technology. It is generally agreed that without the proper countermeasures in place, use of agent-based applications will be severely impeded. However, not all applications require the same set of countermeasures, nor can they depend entirely on the agent system to provide them. Instead, countermeasures are applied commensurate with the anticipated threat profile and intended security objectives for the application. While countermeasures typically include any action, device, procedure, technique, or other measure that reduces the vulnerability of or threat to a system, our focus here is specifically on technical mechanisms, as opposed to procedural or non-technical measures. Such countermeasures can be integrated directly into an agent system, or incorporated into the design of an agent to supplement the capabilities of an underlying agent system. This paper gives an overview of the threats associated with software agent systems and their technical countermeasures, including the strengths and weaknesses of the techniques involved. Emphasis is on mobile software agents, since they typically face a more severe set of threats than do static agents and, therefore, demand more rigorous countermeasures.

Intrusion detection with mobile agents

Implementing an effective intrusion detection capability is an elusive goal, not solved easily or with a single mechanism. However, we argue that mobile agent technology goes a long way toward realizing the ideal behavior desired in an intrusion detection system (IDS). This paper discusses various ways in which mobile agents could be applied to the problem of detecting and responding to intrusions. The paper looks not only at the benefits derived from mobility, but also at those associated with software agents in general. After exploring these benefits, we outline a number of ways to apply mobile agent technology in addressing the shortcomings of current IDS designs and implementations, and delineate the associated security issues involved. We also look at several new approaches for automated responses to an intrusion, once detected.

Overcoming Impediments to Cell Phone Forensics

Cell phones are an emerging but rapidly growing area of computer forensics. While cell phones are becoming more like desktop computers functionally, their organization and operation are quite different in certain areas. For example, most cell phones do not contain a hard drive and rely instead on flash memory for persistent storage. Cell phones are also designed more as special-purpose appliances that perform a set of predefined tasks using proprietary embedded software, rather than general-purpose extensible systems that run common operating system software. Such differences make the application of classical computer forensic techniques difficult. Also complicating the situation is the state of the art of present day cell phone forensic tools themselves and the way in which tools are applied. This paper identifies factors that impede cell phone forensics and describes techniques to address two resulting problems in particular: the limited coverage of available phone models by forensic tools, and the inadequate means for validating the correct functioning of forensic tools.

Determining privileges of mobile agents

This paper describes a method for controlling the behavior of mobile agent-system entities through the allocation of privileges. Privileges refer to policy rules that govern the access and use of computational resources and services by mobile agents. Our method is based on extending the platform processing environment, using the capabilities present in most mobile agent systems, and applying two forms of privilege management certificates: attribute certificates and policy certificates. Privilege management certificates are digitally signed objects that allow various policy-setting principals to govern the activities of mobile agents through selective privilege assignment. The approach overcomes a number of problems in existing agent systems and provides a means for attaining improved interoperability of agent systems designed and implemented independently by different manufacturers. The paper also describes the application of the scheme to Java-based agent systems.

An overview and analysis of PDA forensic tools

Mobile handheld devices are becoming evermore affordable and commonplace in society. When they are involved in a security incident or crime, forensic specialists require tools that allow proper extraction and speedy examination of any digital evidence present. This paper gives an overview of forensic software tools for Personal Digital Assistants (PDA). A set of generic scenarios was devised to simulate evidentiary situations and applied to a set of target devices to gauge how selected tools react under various situations. The paper summarizes those results, giving a snapshot of the capabilities and limitations of present day tools, and also provides background information on PDA hardware and software.

A Location-Based Mechanism for Mobile Device Security

While mobile handheld devices, such as cell phones and PDAs, provide productivity benefits, they also pose new risks. A vital safeguard against unauthorized access to a device’s contents is authentication. This paper describes a location-based authentication mechanism that employs trusted servers called policy beacons, which are used to provide location data and control device behavior. Mobile devices determine their proximity to available policy beacons and upon validation assume the designated organizational policy. The mechanism is designed to take advantage of Bluetooth functionality built into many current handheld devices used in organizational settings.

Mobile Forensic Reference Materials: a Methodology and Reification

This National Institute of Standards and Technology report, NIST IR 7617, Mobile Forensic Reference Materials: A Methodology and Reification concerns the theoretical and practical issues with automatically populating mobile devices with reference test data for use as reference materials in validation of forensic tools. It describes an application and data set developed to populate identity modules and highlights subtleties involved in the process. Intriguing results attained by recent versions of commonly-used forensic tools when used to recover the populated data are also discussed. The results indicate that reference materials can be used to identify a variety of inaccuracies that exist in present-day forensic tools.~

On the unification of access control and data services

A primary objective of enterprise computing (via a data center, cloud, etc.) is the controlled delivery of data services (DS). Typical DSs include applications such as email, workflow, and records management, as well as system level features, such as file and access control management. Although access control (AC) currently plays an important role in imposing control over the execution of DS capabilities, AC can be more fundamental to computing than one might expect. That is, if properly designed, a single AC mechanism can simultaneously implement, control, and deliver capabilities of multiple DSs. The Policy Machine (PM) is an AC framework that has been designed with this objective in mind. This paper describes the PM features that provide a generic AC mechanism to implement DS capabilities, and comprehensively enforces mission tailored access control policies across DSs.