Rapid, automated, *secure* deployment of cloud servers

The cloudefigo.org innovation


At Defcon this year, two researchers -- Nir Valtman and Moshe Ferber -- gave a talk entitled "From 0 To Secure In 1 Minute — Securing IAAS". This really caught my attention because it is exactly what I mean by 'convenient security'. 

They proposed a model and released a set of tools to deliver rapid, automated deployment of secure cloud servers using Amazon Web Services, leveraging a variety of free service providers.  (Their example was in AWS, but the beauty of this is that you can follow the model to do this for other cloud providers.)

What I really like about this is that it gets away from the traditional secure server deployment approach of creating a gold image, replacing it with a process that creates a brand new, fully updated, encrypted, secure server on-the-fly, each time it is needed.

The automation script does all of the following steps for you in minutes:

  1. Creates a dynamic IAM role that has all the permissions required to perform the following steps (and *only* those permissions).
  2. Creates a new instance and provisions it with the dynamic IAM role. 
  3. Spins up the new instance, and connects it to a configuration management and monitoring tool.
  4. Installs any software prerequisites and performs a full OS and software update.
  5. Attaches a new drive volume and fully encrypts it. The encryption keys can be stored on HSM, S3 or you can store them yourself. (This last approach means that any court order for information has to come to you, not the cloud vendor.)
  6. Performs a vulnerability scan! (Their script uses Nessus, but you can use something else if you have it.) If the scan results do not contain medium risks and above, then the instance is moved to the production security group.
  7. Once everything is installed, up-to-date, encrypted, scanned, and shown to be secure, the authorizations of the dynamic IAM role are reduced to only allow access to the full disk encryption key on S3, so it can't be used as an attack vector.
  8. Releases the production-ready server to the customer.
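
The privilege reduction in steps 1, 6 and 7, sketched as an added example (this is not the Cloudefigo script): it builds the wide build-time policy and the reduced production policy, gates the switch on the scan results, and checks what each policy still allows. The bucket name, key path, EC2 action list, finding format and the "build" group name are assumptions, and the policy evaluator is deliberately simplified.

```python
import fnmatch

# Constructed placeholders: the article names no bucket, key path or action list.
KEY_ARN = "arn:aws:s3:::example-key-bucket/{iid}/disk.key"
BUILD_ACTIONS = ["ec2:CreateVolume", "ec2:AttachVolume", "ec2:ModifyInstanceAttribute"]
SEVERITY = {"info": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}

def _policy(statements):
    return {"Version": "2012-10-17", "Statement": statements}

def bootstrap_policy(iid):
    """Step 1: everything the build needs, and nothing else."""
    key = KEY_ARN.format(iid=iid)
    return _policy([
        {"Effect": "Allow", "Action": BUILD_ACTIONS, "Resource": "*"},
        {"Effect": "Allow", "Action": ["s3:PutObject", "s3:GetObject"], "Resource": key},
    ])

def production_policy(iid):
    """Step 7: the role may only read this instance's disk-encryption key."""
    return _policy([{"Effect": "Allow", "Action": ["s3:GetObject"],
                     "Resource": KEY_ARN.format(iid=iid)}])

def is_allowed(policy, action, resource):
    """Allow-only evaluator with wildcards; ignores Deny, NotAction and Condition."""
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Allow":
            continue
        actions = stmt["Action"] if isinstance(stmt["Action"], list) else [stmt["Action"]]
        if any(fnmatch.fnmatchcase(action, a) for a in actions) and \
                fnmatch.fnmatchcase(resource, stmt["Resource"]):
            return True
    return False

def scan_passes(findings):
    """Step 6 gate: no finding at medium or above; unknown severities fail closed."""
    return all(SEVERITY.get(f["severity"].lower(), 99) < SEVERITY["medium"] for f in findings)

def release_plan(iid, findings):
    """Return the security group and role policy the instance should end up with."""
    if scan_passes(findings):
        return {"group": "production", "policy": production_policy(iid)}
    # Assumption: the article does not describe the failure path; stay out of production.
    return {"group": "build", "policy": None}

if __name__ == "__main__":
    clean = [{"plugin": "constructed-1", "severity": "low"}]  # constructed finding
    plan = release_plan("i-0example", clean)
    print(plan["group"], is_allowed(plan["policy"], "ec2:AttachVolume", "*"))
```
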

Clean, easy, secure.

You can read more about Nir and Moshe's model and download their script at www.cloudefigo.org.

Gentlemen, my thanks. This is exactly the kind of thinking we need. These are the kinds of capabilities we need to be developing so we can offer our customers more convenient security.

This article is published as part of the IDG Contributor Network.
