Abstract
© 2019 IEEE.We initiate an effort to provide a rigorous, holistic and modular security analysis of OpenStack. OpenStack is the prevalent open-source, non-proprietary package for managing cloud services and data centers. It is highly complex and consists of multiple inter-related components which are developed by separate, loosely coordinated groups. All of these properties make the security analysis of OpenStack both a worthy mission and a challenging one. We base our modeling and security analysis in the universally composable (UC) security framework. This allows specifying and proving security in a modular way-a crucial feature when analyzing systems of such magnitude. Our analysis has the following key features: 1) It is user-centric: It stresses the security guarantees given to users of the system in terms of privacy, correctness, and timeliness of the services. 2) It considers the security of OpenStack even when some of the components are compromised. This departs from the traditional design approach of OpenStack, which assumes that all services are fully trusted. 3) It is modular: It formulates security properties for individual components and uses them to prove security properties of the overall system. Specifically, this work concentrates on the high-level structure of OpenStack, leaving the further formalization and more detailed analysis of specific OpenStack services to future work. Specifically, we formulate ideal functionalities that correspond to some of the core OpenStack modules, and then proves security of the overall OpenStack protocol given the ideal components. As demonstrated within, the main challenge in the high-level design is to provide adequately fine-grained scoping of permissions to access dynamically changing system resources. We demonstrate security issues with current mechanisms in case of failure of some components, propose alternative mechanisms, and rigorously prove adequacy of then new mechanisms within our modeling.
Original language | English |
---|---|
Title of host publication | Proceedings - 2019 IEEE Secure Development, SecDev 2019 |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 20-33 |
ISBN (Electronic) | 9781538672891 |
DOIs | |
Publication status | Published - 1 Sept 2019 |
Externally published | Yes |
Event | 2019 IEEE Secure Development, SecDev 2019 - McLean, United States Duration: 25 Sept 2019 → 27 Sept 2019 |
Conference
Conference | 2019 IEEE Secure Development, SecDev 2019 |
---|---|
Country/Territory | United States |
City | McLean |
Period | 25/09/19 → 27/09/19 |
Funding
This work is supported by the National Science Foundation as part of the MACS Frontier project under NSF grants 1413996 and 1414119 (https://www.bu.edu/macs/). Ran Canetti is also supported by ISF grant 1523/14 and is a member of CPIIS.
Funders | Funder number |
---|---|
National Science Foundation | 1739000, 1718135 |
National Sleep Foundation | 1413996, 1414119 |
Iowa Science Foundation | 1523/14 |