Project Document 1 COIT2054 Information Systems Project Draft Improving Data security for Software as a Service (SaaS): Case of Amazon AWS Project Document 2 Executive Summary Providing security to the SaaS model of Amazon AWS is the goal of this project. Amazon AWS security by design is the main concept considered for this project, where the proposed model of security is modeled from the design of the web services level itself. Security by Design (SbD) is explored and the required level of security modeling and recommendations are done in this project. This approach will consider the AWS SaaS accounts and implements the security model in terms of the automatic security controls and auditing requirements. Required security controls will be built within the AWS IT management process, where this will be done using the security standards and compliances required to protect the SaaS delivery model of cloud computing. Security issues in cloud computing like Authentication and Authorization, availability, virtual machine security, data confidentiality, information security and network security will be considered for this proposed Security by Design approach. Project Document 3 Table of Contents Executive Summary ...................................................................................................................................... 2 Introduction ................................................................................................................................................... 4 Project Management Overview..................................................................................................................... 4 Statement of Work .................................................................................................................................... 4 Objectives ................................................................................................................................................. 5 Constraints ................................................................................................................................................ 6 Team Members and Responsibilities ........................................................................................................ 6 Project schedule ........................................................................................................................................ 8 Strategic Alignment Plan ............................................................................................................................ 12 Description of current system ..................................................................................................................... 13 Issues ....................................................................................................................................................... 13 Problems ................................................................................................................................................. 14 Constraints .............................................................................................................................................. 14 Stakeholder Analysis and Management Plan .............................................................................................. 15 Requirements Elicitation Methodology ...................................................................................................... 17 Proposed Requirements Statement.............................................................................................................. 20 UML diagram.......................................................................................................................................... 24 Risk Analysis and Risk Management Strategies......................................................................................... 26 Mitigation steps....................................................................................................................................... 27 Conclusion and Recommendations ............................................................................................................. 27 References ................................................................................................................................................... 28 Project Document 4 Introduction As mentioned, providing security to the Cloud SaaS delivery model is the goal of this project and for this instance case of Amazon AWS SaaS is considered. Infrastructure of AWS is composed of high available resources, where top propriety is given to the privacy and security of the customer information. The AWS infrastructure has been designed to provide the highest availability of the deployed systems and resources via the AWS cloud and it manages the basic roles and responsibilities of the infrastructure access. Four important main goals of Amazon AWS are Customer Demand, Operational Efficiency, and increased agility and expand their market and global reach. So in this context, AWS security should be implemented at two important aspects as listed Security for the AWS environment Security for the hosts and applications ("Security by Design - Amazon Web Services (AWS)", 2018) Project Management Overview Statement of Work Security for the AWS environment provides protection and security to the AWS accounts, where the features and configuration used to build this are considered here. Encryption functions, logging functions and identifies and rules used to build the AWS environment are considered to Project Document 5 manage the security for AWS. Security for the hosts and applications include the databases on the disks, operating systems and the applications as accessed by the customers ("Cloud Security – Amazon Web Services (AWS)", 2018) Tools and techniques are customized as per the customer application and process needs. From these two aspects, proposed Security by Design approach is modeled and implemented to the AWS environment level security requirements. End to end security for all the functions, services, applications and data in AWS are considered for this project, where the required level of security is provided to the operational accessibility and visibility. Objectives To understand the AWS environment level security requirements which includes the security controls, policies, functions and services Draft the AWS functions and services based on the secure environment requirements and this includes the design of configurations, encryptions, resource permissions, logging requirements, authorizations and environment security controls Design the service catalog with the standard templates and thus enforce the AWS service design to use the secure environment controls. Create user groups and roles for access management Network segmentation to the entire AWS environment by creating different subnets for different user groups or roles like development, production, and configurations using the ACLs (Access Control Lists) Project Document 6 Constraints Gathering the auditing requirements Understanding the cloud aware functions and services required for AWS environment level security Resources required to evaluate the AWS customer functions and services in modeling the Security by Design solution Team Members and Responsibilities Student name Role Responsibilities (Student name) Project Manager Responsible to gather the current security issues and challenges of the Amazon AWS SaaS Project Document 7 Student name Role Responsibilities (Student name) AWS reviewer Responsible to review the cloud SaaS of AWS in terms of the challenges like data, information and network security (Student name) Policy writer Responsible to draft the security policies and standards based on the current limitations identified with the Amazon AWS SaaS (Student name) Security Designer Responsible to model a secured design model and environment with the functions with high secured environment and access controls Project Document 8 Student name Role Responsibilities (Student name) Testing Responsible to test the security by design approach in terms of the outcomes like access management, network segmentation, resource control and monitoring and data encryption (Student name) Responsible to develop Content writer the security by design templates and perform validation activities Project schedule Task Name Duration Start Finish 50 days Mon 12-03-18 Fri 18-05-18 Amazon AWS Security by Design Model Project Document 9 1.Analysis of Cloud Deployment and Delivery 13 days Mon 12-03-18 Wed 28-03-18 models 1.1 Analysis of Cloud 2 days Mon 12-03-18 Tue 13-03-18 4 days Wed 14-03-18 Mon 19-03-18 4 days Tue 20-03-18 3 days Mon 26-03-18 Wed 28-03-18 12 days Mon 26-03-18 Tue 10-04-18 4 days Mon 26-03-18 Thu 29-03-18 3 days Fri 30-03-18 SaaS Requirements 1.2 Review of Security challenges of SaaS 1.3 Identification of major security challenges Fri 23-03-18 and threats 1.4 Categorizing the security challenges of SaaS 2. Review of Amazon AWS SaaS 2.2 Documenting the Amazon AWS Architecture 2.3 Evaluating the Security architecture of Amazon AWS SaaS Tue 03-04-18 Project Document 10 2.4 Limitations of Security architecture of 2 days Wed 04-04-18 Thu 05-04-18 5 days Wed 04-04-18 Tue 10-04-18 Controls implementation 8 days Wed 11-04-18 Fri 20-04-18 Amazon AWS 2.5 Documenting the challenges and issues of Amazon AWS Security architecture 3. Development of matrix 3.1 Drafting the controls 3 days Wed 11-04-18 Fri 13-04-18 1 day Mon 16-04-18 Mon 16-04-18 2 days Tue 17-04-18 Wed 18-04-18 2 days Thu 19-04-18 Fri 20-04-18 9 days Mon 23-04-18 Thu 03-05-18 and security policies 3.2 Review of the standards and controls 3.3 Drafting the control requirements 3.4 Drafting the implementation guidelines 4. Modeling the Secure Project Document 11 by Design approach 4.1 Access management 2 days Mon 23-04-18 Tue 24-04-18 3 days Wed 25-04-18 Fri 27-04-18 4 days Mon 30-04-18 Thu 03-05-18 4 days Fri 04-05-18 Wed 09-05-18 2 days Fri 04-05-18 Mon 07-05-18 2 days Tue 08-05-18 Wed 09-05-18 7 days Thu 10-05-18 Fri 18-05-18 accepted audits and quality 3 days Thu 10-05-18 Mon 14-05-18 Tue 15-05-18 Fri 18-05-18 design model 4.2 Network segmentation modeling 4.3 Data encryption modeling 5. Preparing the templates 5.1 Preparing the service catalog 5.2 Drafting the CloudFormation Templates 6. Final Validation Activities 6.1 Test the general controls 6.2 Enable AWS 4 days Project Document 12 Configuration design services Strategic Alignment Plan Strategic alignment plan for the proposed project is given below Alignment perspective Strategy execution Description Project manager will gather the current security issues and challenges of the Amazon AWS SaaS AWS reviewer will review the cloud SaaS of AWS in terms of the challenges like data, information and network security Technological potential Policy writer will draft the security policies and standards based on the current limitations identified with the Amazon AWS SaaS Security designer will to model a secured design model and environment with the functions with high secured environment and access controls Project Document Competitiveness Potential 13 Project manager will identify the competitive SaaS provides and evaluate the security models used by them IT manager will implement the Security by Design approach and market the solution to build the required competitive potential Service level Testing team will test the security by design approach in terms of the outcomes like access management, network segmentation, resource control and monitoring and data encryption Policy writing team and content writing team will develop the security by design templates and perform validation activities Description of current system Issues SaaS (Software as a Service) Security challenges are considered for this research and the current solutions for the Amazon AWS services are reviewed. Research problem is to protect the Amazon AWA Software as Service architecture. Currently Amazon AWS are secured with Project Document 14 multiple third party authorized audit security system (ISO/IES-27002 control frame work). This framework provides information security and there are some loopholes in terms of providing the required data security due to large data synchronization services being done every day on the Cloud servers (Moore, 2016) Problems Security for AWS is limited to the problems as listed below due to the third party service providers Biggest security risk with Amazon AWS is associated with the small business organizations, as they do not understand, where and how the security responsibilities being and end with the provider AWS handles the security for its services and platforms and doesn’t concern about the security needs of the customers or business units infrastructure Security responsibilities defined by AWS are unclear to the organizations or customers as they don’t have domain level knowledge of designing different AWS cloud solutions Insufficient and infrequent system patches offered by AWS Poor firewall and network security implementation (Poremba, 2017) Constraints Gathering the auditing requirements Project Document 15 Understanding the cloud aware functions and services required for AWS environment level security Resources required to evaluate the AWS customer functions and services in modeling the Security by Design solution Stakeholder Analysis and Management Plan Stakeholder analysis and management plan is given with the following stakeholders map Stakeholder Interest Influence Description AWS Customer High High AWS Customer requirements in term of the functions, services and resources are considered to model the Security by Design solution to provide the security for AWS Web Service providers Low High AWS Service providers has high influence in modeling the proposed solution Project Document 16 i.e. Security by Design. Functional and service level components used for the design and development of the SaaS and Web service components are considered to provide the security at the environment and design level System developers High Low AWS Security by Design developers will have high interest in modeling the proposed solution. Required functions, services, logging activities, infrastructure and resource requirements are considered to Project Document 17 model the proposed security model Competitors High High Competitors of the security providers will high interest and influence in the proposed Security by Design model. As this model uses the functional and service level design and environment constraints to protect the SaaS of Amazon, other security and third party service providers plays a prominent role here. Requirements Elicitation Methodology Reviewed the Cloud computing delivery models i.e. SaaS, PaaS and IaaS Project Document 18 Drafted the security standards and policies to protect the SaaS Reviewed the Amazon AWS SaaS and understood its current security architecture Prepare the security standards and policies to protect the data security services of AWS Modeled security for SaaS right from the service design level Drafted the security by design templates for the customer’s security needs as provided by Amazon AWS These templates were prepared by considering the customer level usage factors like AWS account design, automatic security control requirements and security auditing requirements Drafted the security by design principles and these include the following o Design for failure of the services o Plan for breach o Design for cost o Security for every layer of service or application Data related to the security by design concept as proposed to the AWS customers is collected from the Introduction to Security by Design Concepts, whitepaper published by Amazon Design by Security is the basic security related service provided by Amazon to secure their code and design level interfaces and functions To develop the proposed information system useful to the customer in understanding and using the security by design controls and security audits of AWS, two levels of security are considered and they include Project Document 19 o Security of the AWS environment o Security of hosts and applications Security by design follows the basic concepts of Quality of Design proposed by Joseph M. Juran Security by design considers the following items while proposing the required level of security to the AWS customers o Infrastructure o Operating system o Applications running on AWS Required security and compliances of the AWS are developed using the four phase approach as given below Understand the business or AWS customer needs and inherit the required AWS audits and security controls Build a secure environment as per the business needs of the customer using the configurations that match with the default security configurations provided by AWS AWS provides AWS CloudFormation templates and the users will be enforced to use the same security templates within their organization to analyze their security needs These templates contain the most required security controls, frameworks and leading best practices Project Document 20 Performing the validation activities is the final step of implementing the security by design, where the customers can use the templates and configurations of AWS to control their security configurations and audits Proposed Requirements Statement Required templates for the basic AWS security be design concepts are available from the website https://aws.amazon.com/compliance/nist/ This template is downloaded and the data across the various worksheets of excel is analyzed Secure by design covers the four types of security controls and audits to protect the customer services and they include o Identification o Protection o Detection o Response o Recovery Each of the worksheet as mentioned has different number of columns as listed o Category, which contains the security scenarios, conditions and events as per the AWS security controls and measures Project Document 21 o Subcategory contains the detailed list of security items or threats under the categories as mentioned o Customer responsibility in handling the required security or audit requirements are defined in another column o AWS Implementation/Enablers/Processes o AWS Services and Responsibility Huge data is provided or maintained within this security by design template provided by AWS Scanning the required security situations or conditions and checking for the recommendations proposed by AWS is one of the challenging task End users with limited knowledge on the AWS roles, responsibilities, controls and audits to be followed in case of any event or threat cant get their right action or responsibility to implement Also, changing the event or category or subcategory of the security control or audit will automatically changes the respective AWS responsibilities or recommendations and customer recommendations Understanding and making decision on the right customer responsibility to protect their infrastructure or network or application against the AWS recommendations is the major challenge here Project Document 22 Thus the goal of this application is to enable the customer with a rich user interface application that can handle huge of amount of data related to the AWS security by design templates All the data available with these templates will be stored a relational database management system like MySQL Business logic to access the security conditions or categories and displaying the exact AWS recommendations and customer responsibilities will be modeled as the required business logic in the proposed information system JSP based user interface and Servlets based business and database connectivity will be used for the Security by design application This application will contain the user roles and responsibilities saved in the database as per the information available or provided by AWS Whenever the end user or the AWS customer selects the desired situation they encounter in terms of security compliance or audit, the respective information and steps with the details of AWS security measures, services, responsibilities and customer responsibilities will be displayed With the proposed model, SaaS functions of AWS will designed with user level and network level access restrictions Data categories from the security by design excel templates will be saved to MySQL server database Project Document 23 Java application will enable the users to view, act and update on the required AWS security controls and audits as per the predefined template definitions Display of the AWS recommendations, responsibilities and the customer responsibilities is provided to the users via a rich user interface Thus, selecting and implementing the required AWS security and control will be easy to the users, when compared to using the unstructured templates provided by AWS Templates as mentioned for implementing the proposed security by design are shown below Project Document UML diagram 24 Project Document 25 CV Analysis Issue AWS guidelines «uses» «uses» Implement the AWS security guidelines «uses» «uses» Security by Design expert «uses» Categorize the user level security requirements AWS «uses» «uses» «uses» «uses» Define the user roles Define the functional access Prepare the Security by design templates Customer «uses» Develop JSP user interface to select the desired security issue Display appropriate template Review and use the templates «uses» Project Document 26 Risk Analysis and Risk Management Strategies Few risks identified for model the secure by design approach to secure the Amazon AWS SaaS are given below Risk ID Risk Probability Consequences Impact Mitigation R1 Configuration High High Required Risk R2 Cloud Low Configuration services those security should be standards, enabled after control and the design for policies should services might be clearly draft fail, with the before the standards are Config files are not followed created AWS Cloud High Characteristics environment environment of the AWS risk might not SaaS should be respond while analyzed deploying the upfront to avoid secure by this risk design model Project Document 27 Mitigation steps Mitigation steps to evaluate the QoS of proposed secure by design approach is as discussed Independent audits are prepared and reviewed as per the public and generally accepting standards Audit quality objectives will be tested as per the design used to model the services Point-in-time architecture will be used to test the AWS Config process Conclusion and Recommendations Providing security to the Cloud SaaS is the main goal of this research. For this project, case of Amazon AWS SaaS is considered and the current security challenges and the solutions used by Amazon will be reviewed. Based on the security challenges and limitations with the AWS SaaS, a design by model is proposed to improve the security for the Amazon Services. Design is done by establishing a reliable control and standards policy. Templates are created using the technical scripting standards and the service design is done using these templates and standards. Based on the proposed approach security to the AWS customer environments are created and proposed Project Document 28 References Moore, L. (2016). The Top 7 AWS Security Issues: What You Need to Know – Threat Stack. Threatstack.com. Retrieved 25 April 2018, from https://www.threatstack.com/blog/whatyou-need-to-know-about-the-top-7-aws-security-issues/ Poremba, S. (2017). Biggest AWS Security Risks and What You Can Do. Tom's IT Pro. Retrieved 26 April 2018, from http://www.tomsitpro.com/articles/aws-security-risks,1-3580.html Cloud Security – Amazon Web Services (AWS). (2018). Amazon Web Services, Inc.. Retrieved 26 April 2018, from https://aws.amazon.com/security/ Bennage, C. (2017). Azure and AWS services compared multicloud. Docs.microsoft.com. Retrieved 26 April 2018, from https://docs.microsoft.com/enus/azure/architecture/aws-professional/services Security by Design - Amazon Web Services (AWS). (2018). Amazon Web Services, Inc.. Retrieved 26 April 2018, from https://aws.amazon.com/compliance/security-by-design