Security Considerations for Cloud Computing (Part 6) – Metered Services

Introduction

In the first five parts of this series on private cloud security, we talked about some basic factors you have to consider that are specific to security issues in the private cloud. These issues are key to the essential characteristics of cloud computing and this sets them apart from the typical security considerations you would deal with in a traditional datacenter. We’ve talked about how virtualization, broad network access, resource pooling and on-demand self-service affect security decisions that you make in a private cloud environment. Last time, we turned our attention to another essential characteristic of cloud computing, that of rapid elasticity.

And that leads us, in this sixth part of our series on private cloud security, to the final essential characteristic of cloud computing: metered services. It might well be the most controversial one, as well. In the past, the metered services concept has gotten a bad rap. Many folks in the general public, especially in the U.S., associate it with limitations and restrictions on usage. The phrase reminds them of the “old model” of Internet connectivity, when they paid $25 an hour to use CompuServe, or the “new model” of capped bandwidth recently imposed by cable companies and phone companies on their formerly “unlimited” customers.

Why metered services?

Metered services is also often referred to as “pay per use.” In the enterprise, metering services is a means of accountability. Metered services is necessary to the “utility” aspect of cloud computing. People understand that they “pay per use” for true utilities such as electricity and water. The number of kilowatt hours or gallons of water you consume is measured by a meter that keeps track and each month the amount is reported back to the service provider, either through remote access (via so-called “smart meters”) or by a meter reader who manually inspects the meter and records the amount used.

Unlike in a traditional data center, where your main job is to “keep the lights on”, a private cloud environment is about providing services. You don’t want to merely keep the lights on; you want to keep the services running. This is all part of the private cloud principle of thinking of yourself as a service provider. And one of the major responsibilities that you have as a service provider is to be transparent about how much of the shared infrastructure a particular tenant uses, and the cost of that usage.

The cloud characteristic of metered service is critical because, as a service provider, part of your job is to help your tenants be good stewards of the shared pool of cloud resources. Those resources include the shared pool of compute, networking and storage resources. If the tenant has no awareness of the costs that are involved in obtaining resources from the shared pool, there will be no motivation on the tenant’s part to constrain the use of the resources and wastage is bound to occur.

This also motivates the consumers of the cloud services to think about what they actually need, instead of what they think they might need. For example, consider uptime. Uptime is often expressed in terms of “9s.” So 99.99% is called “four nines,” 99.999% is “five nines,” and so forth. When you ask the typical tenant how many “9s” of uptime they need, they’ll invariably tell you “well, I need five 9s”. But do they really need those five 9s? What the person might not know is that, in order to provide that level of availability, the costs increase significantly and it puts a much greater strain on the shared pool of resources.

The essential characteristic of metered services is what enables you to provide the consumer of cloud services with information about what the exact cost of five 9s turns out to be. Then the tenant can take those costs into consideration and compare that with what they calculate they would lose if they only had three 9s availability. It might turn out that the amount of money you lose with five nines availability is less than the cost of obtaining that level of availability. In that case, the tenant would be willing to accept a lower level of service because the overall cost is lower.

How metered services work in the private cloud

In a private cloud environment, you will need to track all chargeable use of the cloud services used by the tenants so that you can bill them. In some cases, mostly in enterprise environments, you won’t actually charge the tenants; instead you will do something called “show back”, whereby you provide reports of cloud service usage and what the services cost, but you don’t actually receive any money from the private cloud tenants. Even though the tenants aren’t actually paying in dollars, they are still accountable for the amount of resources they use.

From a security perspective, you need to ensure that tenants will not be able to bypass your monitoring systems in any way, just as the electric company invokes measures to prevent customers from tampering with the meters that are installed on their premises. One of the risks of bypassing the monitoring system is that the tenants might be able to reduce the amounts that they pay by adjusting the data to indicate that they are using less of the cloud infrastructure than they are actually using. This “cheating” isn’t just about money; it could potentially lead to a denial of services situation, since the tenant that is bypassing the monitoring system can acquire increasing amounts of cloud resources without any limit. If this happens, it might get to the point of exhaustion of the resource pool and then other tenants will not be able to obtain the resources they need when they need them.

While it is unlikely that a group within your organization would try to steal cloud services from the enterprise private cloud in this way, there is always the risk that someone could try to use the private cloud resources for unapproved purposes. Insider attacks are among the most common of security breaches, according to many studies, so it’s not unreasonable to imagine that a disgruntled employee might try to take advantage of the resources provided by the private cloud. Alternately, the employee might not even be disgruntled – it might just be someone who wants to use the resources for personal gain and avoid paying for them. Consider the scenario where an employee runs a private web server in the corporate cloud as a “side business” (perhaps hosting salacious content or copyrighted material). If someone found out that the company was hosting this kind of material using corporate cloud resources, it could lead to adverse publicity for the company and a loss of material and brand equity.

Of course, outside attacks can take place against the cloud infrastructure, as well. An attacker from outside the company might gain access to the private cloud in order to run a mail server. The attacker might use the mail server as a launch pad for spam or email based attacks, or even attempt to run a private commercial mail server to make money, all without paying for any component of the infrastructure. Of course, to make this a success, the intruder would have to avoid detection. In order to avoid detection, the intruder using the private cloud resources would have to bypass the monitoring and billing systems that are being used by the private cloud. Another alternative would be for the attacker to arrange for his unauthorized use to be paid for by a legitimate client, such as a business unit. These charges could even be spread out over a large number of tenants, so that the charges could go virtually unnoticed by the legitimate tenants of the private cloud. A good metering mechanism will help to prevent this.
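One way to catch both cases described above, usage that never reaches billing and usage charged to the wrong tenant, is to reconcile the billing records against what the virtualization layer independently reports as running. This is an added example, not part of the original article; the record layout, VM names, tenant names and the 5% tolerance are assumptions made for illustration.

```python
# Constructed sample data; field names and IDs are hypothetical.
# What the hypervisor layer reports as running (independent of billing).
OBSERVED = [
    {"vm": "vm-101", "owner": "finance", "cpu_hours": 720},
    {"vm": "vm-102", "owner": "hr", "cpu_hours": 300},
    {"vm": "vm-103", "owner": None, "cpu_hours": 650},  # no provisioning record
    {"vm": "vm-104", "owner": "hr", "cpu_hours": 400},
]
# What the billing / show-back system recorded for the same period.
BILLED = [
    {"vm": "vm-101", "tenant": "finance", "cpu_hours": 720},
    {"vm": "vm-102", "tenant": "hr", "cpu_hours": 300},
    {"vm": "vm-104", "tenant": "finance", "cpu_hours": 150},
]

def reconcile(observed, billed, tolerance=0.05):
    """Compare observed usage with billed usage and return (vm, finding) pairs."""
    billed_by_vm = {b["vm"]: b for b in billed}
    findings = []
    for o in observed:
        b = billed_by_vm.pop(o["vm"], None)
        if b is None:
            # Running in the pool but invisible to billing: metering was bypassed.
            findings.append((o["vm"], "unmetered"))
            continue
        if b["tenant"] != o["owner"]:
            # Someone other than the provisioning owner is paying for it.
            findings.append((o["vm"], "misattributed"))
        if abs(b["cpu_hours"] - o["cpu_hours"]) > tolerance * o["cpu_hours"]:
            # Reported usage differs from measured usage beyond the tolerance.
            findings.append((o["vm"], "usage_mismatch"))
    # Anything left was billed but is not running: stale or fabricated charge.
    findings.extend((vm, "billed_not_observed") for vm in billed_by_vm)
    return findings

if __name__ == "__main__":
    for vm, finding in reconcile(OBSERVED, BILLED):
        print(vm, finding)
```

The check is only as good as the independence of the two sources: if the same component produces both the inventory and the billing feed, a single compromise hides the discrepancy.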

You also need to think about other areas where the measured service characteristic of private clouds affects the overall availability of the components of the private cloud shared resource pool. When you meter and charge for the use of private cloud resources, you motivate tenants to release resources to the pool when they have finished with them. This helps prevent an inadvertent denial of service secondary to running out of cloud resources. Remember the principle of incenting desired behavior. Without a cost incentive, consumers of the cloud services may retain resources they no longer need, even though they are not using them, thus reducing the overall availability of the private cloud’s resource pool.

Record keeping

Because metered services are so critical to the performance and availability of the cloud infrastructure, you need to ensure that all monitoring and logging facilities that measure and report on resource usage are protected from compromise. Logging must always be accurate and must always correctly identify who is using the resource. You need to ensure that access controls, which include role based access controls, are employed throughout your monitoring and reporting infrastructure.
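Access controls keep most people away from the usage log; a keyed hash chain over the records additionally makes any edit by someone who does reach it detectable. The sketch below is an added example, not from the original article, and the key handling, record fields and sample values are assumptions.

```python
import hashlib
import hmac
import json

# Assumption: this key is held only by the metering service, never by tenants.
KEY = b"constructed-demo-key"

def _mac(prev_mac, record):
    # Each MAC covers the previous MAC, chaining the records together.
    body = json.dumps(record, sort_keys=True).encode()
    return hmac.new(KEY, prev_mac.encode() + body, hashlib.sha256).hexdigest()

def append(ledger, tenant, resource, units):
    prev = ledger[-1]["mac"] if ledger else "genesis"
    record = {"seq": len(ledger), "tenant": tenant,
              "resource": resource, "units": units}
    ledger.append({"record": record, "mac": _mac(prev, record)})

def verify(ledger, head=None):
    """Return the index of the first bad entry, or None if the chain is intact.

    head is the latest MAC as stored outside the log host; without it,
    removal of the newest records cannot be detected.
    """
    prev = "genesis"
    for i, entry in enumerate(ledger):
        if entry["record"].get("seq") != i:
            return i  # a record was removed or reordered
        if not hmac.compare_digest(entry["mac"], _mac(prev, entry["record"])):
            return i  # record content or chain link was altered
        prev = entry["mac"]
    if head is not None and prev != head:
        return len(ledger)  # tail was truncated
    return None

def sample_ledger():
    # Constructed usage records.
    ledger = []
    append(ledger, "finance", "vm-101", 720)
    append(ledger, "hr", "vm-102", 300)
    append(ledger, "hr", "vm-104", 400)
    return ledger
```

Because the tenant identity is inside the MACed record, re-attributing usage to another tenant fails verification in the same way as lowering the unit count.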

You should provide tenants access to their billing information through the financial management systems you deploy in your private cloud, and they should include enough detail to enable your tenants to identify any possible unauthorized usage of resources on their behalf. You should also put into place a system whereby it is easy for the tenants to report to you if they find anomalies or inconsistencies. Finally, the cost of obtaining resources from the shared pool should provide a powerful incentive for consumers of your cloud services to monitor their resource usage.

Summary

In this six-part series, we took a look at security considerations for private cloud. While the private cloud shares many characteristics with a traditional data center when it comes to security, there are some key differences in several areas that you need to think about and perhaps change your focus and emphasis. One way to approach the security issues with the private cloud is to use the five essential characteristics of cloud computing as a pivot point. In this series, we discussed many of the key security considerations you should make when securing the private cloud, by looking at security concerns as they relate to broad network access, resource pooling, self-service, rapid elasticity, and metered services. I hope that you enjoyed this series and it helped you gain some insight into the issues you need to consider when you plan and design security for your private cloud.
