In a new paper, the Cloud Security Alliance (CSA) and the Software Assurance Forum for Excellence in Code (SAFECode) joined forces to help developers navigate the sometimes troubled waters of application security. The report focuses on security considerations for platform-as-a-service (PaaS), though the authors say their advice is relevant to software-as-a-service (SaaS) and infrastructure-as-a-service (IaaS) as well.
"Among all of the cloud security challenges, this report is focused on the challenges faced by software developers who are developing applications for the cloud," says Eric Baize, senior director of the product security office with EMC. "Most of the activities required to develop secure software for the cloud are identical to the fundamental security practices required for any software. However, cloud has some unique characteristics that demand some customization of these practices."
The most notable among these is multi-tenancy, Baize says. Multi-tenancy, the report explains, allows multiple consumers or tenants to maintain a presence in a cloud service provider’s environment in a manner where the computations and data of one tenant are isolated from other tenants.
Cloud providers should model all of their application's interfaces with threats to multi-tenancy in mind, such as information disclosure and privilege escalation, the report advises. In addition, providers should use a "separate schema" database design when building multi-tenant applications as opposed to adding a "TenantID" column to each table.
"APIs are the front door into any application, and it is critical that they are properly secured," the report states. "In many ways, API security for cloud applications is similar to API security for web applications hosted in data centers. Traditional application layer security risks, such as the OWASP Top 10, are still present when deploying your application to the cloud."
To secure APIs, the report recommends determining whether the APIs can be restricted so that only trusted hosts can call them and ensure that interservice communication is securely authenticated. Also, testing should be used to validate security monitoring and alerting capabilities.
The paper touches on a number of other topics as well, including the use of trusted compute pools and the challenges of dealing with authentication and identity management. The focus is on mitigating the primary threats to cloud computing: data breaches, data leakage, denial-of-service, and insecure application interfaces.
The report can be viewed as a set requirements and capabilities that PaaS should be providing to developers, says Steve Orrin, chief technologist for Intel Federal.
"To that end, organizations and their developers need to evaluate the security capabilities and services that their PaaS provides and then ensure they adopt these security capabilities and/or demand their availability from their provider," he says.
Security, Baize adds, has increasingly become an integral part of the design process.
"CSA cloud security recommendations are widely used by cloud practitioners, and SAFECode secure software development practices are increasingly part of standard software engineering processes," he says. "What this report provides is the connection between these two sets of practices by translating cloud-specific security requirements into security practices for software developers."
Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.