DocumentCode :
244058
Title :
Preservation of Security Configurations in the Cloud
Author :
Eghtesadi, Arash ; Jarraya, Yosr ; Debbabi, Mourad ; Pourzandi, Makan
Author_Institution :
Comput. Security Lab., Concordia Univ., Montreal, QC, Canada
fYear :
2014
fDate :
11-14 March 2014
Firstpage :
17
Lastpage :
26
Abstract :
The dynamic and elastic nature of cloud computing introduces new security challenges when it comes to maintaining consistent security configurations. This is emphasized by the fact that virtual machines are abruptly migrated between physical hosts, in the same or even in different data centers under different security policies. If security is not correctly enforced at the destination locations, and not properly updated in the source locations, security of the migrating virtual machine as well as the co-located machines can be compromised. In this paper, we intend to tackle this problem, specifically for intrusion detection/prevention and VPN/IPsec as main security mechanisms. More precisely, we propose a systematic verification approach to check the compliance of security configurations. To this end, we first elaborate on two properties, namely intrusion monitoring configuration preservation and VPN/IPsec protection configuration preservation. Then, we derive a set of formulas that compare security configurations before and after migration. This allows reasoning on whether the aforementioned security properties hold. To this end, we encode these formulas as constraint satisfaction problems. The obtained constraints are then submitted to a constraint solver, namely Sugar, in order to verify the properties and to pinpoint potential misconfiguration problems.
Keywords :
cloud computing; computer centres; constraint satisfaction problems; security of data; virtual machines; VPN-IPsec protection configuration preservation; cloud computing; co-located machines; constraint satisfaction problems; data centers; intrusion monitoring configuration preservation; physical hosts; pinpoint potential misconfiguration problems; security configuration preservation; security mechanisms; security policies; security properties; systematic verification approach; virtual machines; Cloud computing; Intrusion detection; Monitoring; Sugar; Virtual machining; Virtual private networks; Cloud Computing; Intrusion Detection; Security; VPN/IPsec; Verification;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Cloud Engineering (IC2E), 2014 IEEE International Conference on
Conference_Location :
Boston, MA
Type :
conf
DOI :
10.1109/IC2E.2014.14
Filename :
6903454