Viktor Engström, Pontus Johnson, Robert Lagerström, Erik Ringdahl, Max Wällstedt
{"title":"Amazon Web服务环境的自动安全评估","authors":"Viktor Engström, Pontus Johnson, Robert Lagerström, Erik Ringdahl, Max Wällstedt","doi":"https://dl.acm.org/doi/10.1145/3570903","DOIUrl":null,"url":null,"abstract":"<p>Migrating enterprises and business capabilities to cloud platforms like Amazon Web Services (AWS) has become increasingly common. However, securing cloud operations, especially at large scales, can quickly become intractable. Customer-side issues such as service misconfigurations, data breaches, and insecure changes are prevalent. Furthermore, cloud-specific tactics and techniques paired with application vulnerabilities create a large and complex search space. Various solutions and modeling languages for cloud security assessments exist. However, no single one appeared sufficiently cloud-centered and holistic. Many also did not account for tactical security dimensions. This paper, therefore, presents a domain-specific modeling language for AWS environments. When used to model AWS environments, manually or automatically, the language automatically constructs and traverses attack graphs to assess security. Assessments, therefore, require minimal security expertise from the user. The modeling language was primarily tested on four third-party AWS environments through securiCAD Vanguard, a commercial tool built around the AWS modeling language. The language was validated further by measuring performance on models provided by anonymous end users and a comparison with a similar open source assessment tool. As of March 2020, the modeling language could represent essential AWS structures, cloud tactics, and threats. However, the tests highlighted certain shortcomings. Data collection steps, such as planted credentials, and some missing tactics were obvious. Nevertheless, the issues covered by the DSL were already reminiscent of common issues with real-world precedents. Future additions to attacker tactics and addressing data collection should yield considerable improvements.</p>","PeriodicalId":56050,"journal":{"name":"ACM Transactions on Privacy and Security","volume":"191 1","pages":""},"PeriodicalIF":3.0000,"publicationDate":"2022-11-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Automated Security Assessments of Amazon Web Service Environments\",\"authors\":\"Viktor Engström, Pontus Johnson, Robert Lagerström, Erik Ringdahl, Max Wällstedt\",\"doi\":\"https://dl.acm.org/doi/10.1145/3570903\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Migrating enterprises and business capabilities to cloud platforms like Amazon Web Services (AWS) has become increasingly common. However, securing cloud operations, especially at large scales, can quickly become intractable. Customer-side issues such as service misconfigurations, data breaches, and insecure changes are prevalent. Furthermore, cloud-specific tactics and techniques paired with application vulnerabilities create a large and complex search space. Various solutions and modeling languages for cloud security assessments exist. However, no single one appeared sufficiently cloud-centered and holistic. Many also did not account for tactical security dimensions. This paper, therefore, presents a domain-specific modeling language for AWS environments. When used to model AWS environments, manually or automatically, the language automatically constructs and traverses attack graphs to assess security. Assessments, therefore, require minimal security expertise from the user. The modeling language was primarily tested on four third-party AWS environments through securiCAD Vanguard, a commercial tool built around the AWS modeling language. The language was validated further by measuring performance on models provided by anonymous end users and a comparison with a similar open source assessment tool. As of March 2020, the modeling language could represent essential AWS structures, cloud tactics, and threats. However, the tests highlighted certain shortcomings. Data collection steps, such as planted credentials, and some missing tactics were obvious. Nevertheless, the issues covered by the DSL were already reminiscent of common issues with real-world precedents. Future additions to attacker tactics and addressing data collection should yield considerable improvements.</p>\",\"PeriodicalId\":56050,\"journal\":{\"name\":\"ACM Transactions on Privacy and Security\",\"volume\":\"191 1\",\"pages\":\"\"},\"PeriodicalIF\":3.0000,\"publicationDate\":\"2022-11-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Transactions on Privacy and Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/https://dl.acm.org/doi/10.1145/3570903\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Privacy and Security","FirstCategoryId":"94","ListUrlMain":"https://doi.org/https://dl.acm.org/doi/10.1145/3570903","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
摘要
将企业和业务功能迁移到像Amazon Web Services (AWS)这样的云平台已经变得越来越普遍。然而,确保云操作的安全,尤其是大规模的云操作,可能很快就会变得棘手。客户端问题(如服务配置错误、数据泄露和不安全更改)非常普遍。此外,与应用程序漏洞相结合的特定于云的策略和技术创建了一个庞大而复杂的搜索空间。存在用于云安全评估的各种解决方案和建模语言。然而,没有一个单一的方案能够充分以云为中心和整体。许多也没有考虑到战术安全层面。因此,本文为AWS环境提供了一种特定于领域的建模语言。当用于对AWS环境进行手动或自动建模时,该语言会自动构建和遍历攻击图以评估安全性。因此,评估对用户的安全专业知识要求最低。建模语言主要通过securiCAD Vanguard(一个围绕AWS建模语言构建的商业工具)在四个第三方AWS环境中进行了测试。通过在匿名最终用户提供的模型上测量性能,并与类似的开源评估工具进行比较,进一步验证了该语言。到2020年3月,建模语言可以代表基本的AWS结构、云策略和威胁。然而,测试也凸显了某些缺点。数据收集步骤(如植入凭证)和一些遗漏的策略是显而易见的。尽管如此,DSL所涵盖的问题已经让人想起现实世界先例中的常见问题。未来对攻击者策略和处理数据收集的补充应该会产生相当大的改进。
Automated Security Assessments of Amazon Web Service Environments
Migrating enterprises and business capabilities to cloud platforms like Amazon Web Services (AWS) has become increasingly common. However, securing cloud operations, especially at large scales, can quickly become intractable. Customer-side issues such as service misconfigurations, data breaches, and insecure changes are prevalent. Furthermore, cloud-specific tactics and techniques paired with application vulnerabilities create a large and complex search space. Various solutions and modeling languages for cloud security assessments exist. However, no single one appeared sufficiently cloud-centered and holistic. Many also did not account for tactical security dimensions. This paper, therefore, presents a domain-specific modeling language for AWS environments. When used to model AWS environments, manually or automatically, the language automatically constructs and traverses attack graphs to assess security. Assessments, therefore, require minimal security expertise from the user. The modeling language was primarily tested on four third-party AWS environments through securiCAD Vanguard, a commercial tool built around the AWS modeling language. The language was validated further by measuring performance on models provided by anonymous end users and a comparison with a similar open source assessment tool. As of March 2020, the modeling language could represent essential AWS structures, cloud tactics, and threats. However, the tests highlighted certain shortcomings. Data collection steps, such as planted credentials, and some missing tactics were obvious. Nevertheless, the issues covered by the DSL were already reminiscent of common issues with real-world precedents. Future additions to attacker tactics and addressing data collection should yield considerable improvements.
期刊介绍:
ACM Transactions on Privacy and Security (TOPS) (formerly known as TISSEC) publishes high-quality research results in the fields of information and system security and privacy. Studies addressing all aspects of these fields are welcomed, ranging from technologies, to systems and applications, to the crafting of policies.