A carrier-grade cloud is a cloud platform or infrastructure suitable for deployment, with stringent availability, reliability, QoS and security requirements which are fundamental for real-time applications in Telecoms, Automotive, Banking (Stock Trading) and the Energy (Smart-Grid) sector.
These industries operate under regulations that can prevent data sharing in many circumstances. Additionally, companies are reluctant to share market-sensitive data that could give away economic advantage. Data traversing the cloud must be secured, meeting all compliance requirements, so that they cannot be used by unintended parties. A carrier-grade cloud must provide adequate data sanitization and filtering capabilities to protect application or sensor data.
While such requirements are traditionally met with SLA’s, a mere contractual enforcement isn’t enough. A carrier-grade XaaS must heavily invest in technology in order to meet security and privacy requirements if their offer is to be accepted by customers. Carrier-grade clouds must provide built in mechanisms to enforce these requirements to meet regulatory industry requirements.
Identity and privacy-management in location aware systems, as well as communication and data security are some of the most sensitive areas with respect to cloud security. Generally these risks (aka. The Notorious 9) affect all cloud computing solutions and must be mitigated:
1. Data Breaches
2. Data Loss
3. Account Hijacking
4. Insecure APIs
5. Denial of Service
6. Malicious Insiders
7. Abuse of Cloud Services
8. Insufficient Due Diligence
9. Shared Technology Issues
Several additional aspects require special consideration in carrier grade environments:
- in Telecommunications, handling and storage of data about the customer, is subject to different legal requirements varying from country to country (e.g. what data must be stored (for how long) or may not be stored, as well as where the storage is done. These requirements correlate with the fact that telco operators implementing clouds must concentrate on reducing the cost of network-latency/traffic and proximity within their design and hence treat computing+network assets as a single pool of resources.
- SLA’s aren’t sufficient to maintain strict identity and trust management. Large organizations rely on the security of their communication infrastructure and may never be exposed to rogue employees of the cloud infrastructure provider.
- Securing traceability requirements, imposed by regulatory bodies must undergo additional analysis to reduce risks of abuse.
Rather than enforced solely through SLA’s, a carrier grade IaaS/PaaS must provide mechanisms to manage the legal constraints on data accessibility, readability and localization, part of the system.
Identity and communication data must be as safe (or safer) as when managed in-house and isolated from other users of the infrastructure. While isolation is already a core aspect of virtualization, a carrier-grade implementation must guarantee to preserve it. Therefore carrier-grade architectures must guarantee that data at rest or snapshots of a VM image can never be decrypted without the presence of the customer.
Using compartmentalization and limiting computation of data to encrypted datasets (or its metadata) and moving computation of decrypted contents to a private cloud is one option but currently lack proper standardization. On the transport level, packets must be secured and tamper-resistant, preferably offering control of the routing-policies as a value added services to customer to let them opt-in/out to avoid data transversing jurisdictions with weak privacy laws or notorious for openly spying.
Carrier grade cloud services must fulfill independent certification requirements to guarantee providers can restore operations and data. To provide a coherent security framework suitable for a carrier clouds, we need a schema that defines different security requirements for each layer (networking, hardware, hypervisor, virtual machines, OS and middleware) and the interactions between them.
To fill these gaps in existing standardization and architecture requirements, additional policies are needed. But instead of reinventing the wheel, carrier-grade clouds should build on existing security standards targeted at cloud computing such as ISO270172, PCI-DSS, NIST, CSA, etc., and auditing standards (ISO27001) which seem to be completely missing until now for cloud-computing. Such a framework/schema should also consider telco specific requirements on data storage (location) and compliance with local legal requirements (on privacy, retention) or by consolidating the framework to adhere to the rules of the strictest jurisdiction.
MOFO Changes to SAS 70: http://media.mofo.com/files/Uploads/Images/101227-Changes-to-SAS.pdf