Security & Trust in a Services World - GOTO Conference
TRANSCRIPT
Security & Trust in a Services World
Aaron Bedra Chief Scientist, Jemurai @abedra keybase.io/abedra
In the beginning…
Does this change the way we approach security?
It certainly should!
In fact, it makes it “easier”
Java's access modifiers, the visibility rules that bound components inside a single codebase:

| Modifier | Class | Package | Subclass (same pkg) | Subclass (diff pkg) | World |
|---|---|---|---|---|---|
| public | + | + | + | + | + |
| protected | + | + | + | + | |
| no modifier | + | + | + | | |
| private | + | | | | |

+ : accessible, blank : not accessible
With a service architecture we can draw our relationships as they truly are
But we've got a lot to consider when it comes to security
Trust
noun 1. reliance on the integrity, strength, ability, surety, etc., of a person or thing; confidence. 2. confident expectation of something; hope.
Trust != Authentication
Authentication speaks to identity
But does not address trust
Some things to get out of the way
Trust is multivalent
In real life, once you learn someone’s name, do you trust them with everything forever?
Of course not!
Our systems shouldn’t either
Trust is momentary and depends on context
And most importantly, it can change
We will talk about classification later, but there are also levels of trust
Consider the following
Interesting questions
• Date of last penetration test?
• Vulnerable dependencies?
• Vulnerable container images?
• Known unmitigated findings?
• Deviations in behavior?
We should create layers of trust based on information available
This requires a more comprehensive security program
Yeah, but what do we do with it?
If someone you didn't know asked you a deeply personal question, would you answer it?
What about someone you have known for years?
What if that person started asking really strange questions?
Would you alter your notion of trust?
Let’s pull it back to technology
We can shift to momentary trust
More questions?
• Who performed authentication?
• Do they agree you are who you say you are?
• What else do we know about you?
• Based on what we know, to what degree can we trust you?
```json
{
  "last_penetration_date": "2017-04-26T16:24:44+00:00",
  "open_findings": true,
  "repository": "github.com/company/service",
  "dependency_file": "package.json",
  "vulnerable_dependencies": true,
  "current_container": "registry.local/service/latest",
  "container_vulnerabilities": true,
  "build_status": "failing",
  "classification": "private",
  "service_dependencies": ["sheep", "cheese"]
}
```
This information can and will change
Use it to determine if they meet your criteria for delivering information
In fact, publish your requirements as part of your service definition
Publishing trust requirements helps prevent unintended interruptions
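As an added example (not code from the talk), here is how a callee could consume the trust metadata document shown earlier and check it against the requirements it publishes with its service definition. The Go struct and field names, the `StrictRequirements` policy, the evaluation rules and the `now` timestamp are assumptions; the JSON keys and values are the slide's (trailing comma removed so the document is valid JSON).

```go
package main

import (
	"encoding/json"
	"fmt"
	"time"
)

// ServiceTrust models the trust metadata document from the slide.
// The Go field names are an assumption; the JSON keys are the slide's.
type ServiceTrust struct {
	LastPenetrationDate      time.Time `json:"last_penetration_date"`
	OpenFindings             bool      `json:"open_findings"`
	Repository               string    `json:"repository"`
	DependencyFile           string    `json:"dependency_file"`
	VulnerableDependencies   bool      `json:"vulnerable_dependencies"`
	CurrentContainer         string    `json:"current_container"`
	ContainerVulnerabilities bool      `json:"container_vulnerabilities"`
	BuildStatus              string    `json:"build_status"`
	Classification           string    `json:"classification"`
	ServiceDependencies      []string  `json:"service_dependencies"`
}

// TrustRequirements is the bar a callee publishes alongside its service
// definition: what a caller must satisfy before it receives data.
type TrustRequirements struct {
	MaxPentestAge         time.Duration
	AllowOpenFindings     bool
	AllowVulnerableDeps   bool
	AllowVulnerableImages bool
	RequirePassingBuild   bool
}

// StrictRequirements is a hypothetical policy for a service that handles
// sensitive data: a pentest within a year, nothing known-vulnerable, green build.
var StrictRequirements = TrustRequirements{
	MaxPentestAge:       365 * 24 * time.Hour,
	RequirePassingBuild: true,
}

// ParseTrust decodes a trust metadata document. The slide's
// last_penetration_date is RFC 3339, which encoding/json parses natively.
func ParseTrust(doc []byte) (ServiceTrust, error) {
	var t ServiceTrust
	err := json.Unmarshal(doc, &t)
	return t, err
}

// Evaluate returns the requirements the caller fails to meet at time now.
// An empty result means "trusted, right now": the metadata changes, so the
// decision is re-made on every call instead of being cached with the identity.
func Evaluate(req TrustRequirements, t ServiceTrust, now time.Time) []string {
	var failed []string
	if t.LastPenetrationDate.IsZero() || now.Sub(t.LastPenetrationDate) > req.MaxPentestAge {
		failed = append(failed, "penetration test missing or older than allowed")
	}
	if t.OpenFindings && !req.AllowOpenFindings {
		failed = append(failed, "known unmitigated findings")
	}
	if t.VulnerableDependencies && !req.AllowVulnerableDeps {
		failed = append(failed, "vulnerable dependencies in "+t.DependencyFile)
	}
	if t.ContainerVulnerabilities && !req.AllowVulnerableImages {
		failed = append(failed, "vulnerable container image "+t.CurrentContainer)
	}
	if req.RequirePassingBuild && t.BuildStatus != "passing" {
		failed = append(failed, "build status is "+t.BuildStatus)
	}
	return failed
}

// sampleTrustDoc is the slide's document with the trailing comma removed.
const sampleTrustDoc = `{
  "last_penetration_date": "2017-04-26T16:24:44+00:00",
  "open_findings": true,
  "repository": "github.com/company/service",
  "dependency_file": "package.json",
  "vulnerable_dependencies": true,
  "current_container": "registry.local/service/latest",
  "container_vulnerabilities": true,
  "build_status": "failing",
  "classification": "private",
  "service_dependencies": ["sheep", "cheese"]
}`

func main() {
	t, err := ParseTrust([]byte(sampleTrustDoc))
	if err != nil {
		panic(err)
	}
	now := time.Date(2018, 5, 1, 0, 0, 0, 0, time.UTC) // assumed evaluation time
	for _, f := range Evaluate(StrictRequirements, t, now) {
		fmt.Println("deny:", f)
	}
}
```

Because `Evaluate` takes `now` as an argument, the same caller that passed in June 2017 fails a year later once its pentest has aged out, which is the "trust can change" point made in code.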
Yeah, yeah, that's nice, but you're insane. We can't do this!
Good point
I’m not here to convince you to improve security
I’ll read about you in the news someday
Please stop thinking about this as a security exercise
It’s a design exercise
Because it's what you do once you have this that truly matters
Service Classification
What types of data pass through a service?
Types of Data
• Public
• PCI
• HIPAA
• PII
• Internal
• Confidential
A service should be classified by the most sensitive data that passes through it
A service doesn’t need to store data to be classified
It just has to have access to it
How do we record classifications?
Use a service registry!
```yaml
apiVersion: v1
kind: Service
metadata:
  name: user-service
  labels:
    classification: private
spec:
  type: LoadBalancer
  ports:
    - port: 8888
  selector:
    app: user
```
This is a simple example, but you can plug this idea into any registry
What do we do with it?
Restrict the flow of data based on classification
Scenario
The cardholder data service is classified as PCI
The profile service is classified as PII
Should the cardholder data service return PCI-scoped data?
NO!
It should only pass what it is allowed to based on the caller's classification
Using only a single interface
This means filtering responses based on classification
DEMO
```go
// User is the record served by the demo (struct definition assumed; the
// slide shows only the function).
type User struct {
	ID       int
	Username string
	First    string
	Last     string
	Email    string
	Password string
}

// buildResponse projects the user record onto the fields the caller's
// classification is cleared for, so a single interface serves every caller.
func buildResponse(classification string, user User) User {
	switch classification {
	case "public":
		return User{
			Username: user.Username,
			First:    user.First,
			Last:     user.Last,
			Email:    user.Email}
	case "private":
		return User{
			ID:       user.ID,
			Username: user.Username,
			First:    user.First,
			Last:     user.Last,
			Email:    user.Email,
			Password: user.Password}
	default:
		// Unknown classification: fail closed with an empty record rather
		// than the full one (a switch with no default would not compile here).
		return User{}
	}
}
```
How do we know the classification of the caller?
```go
import (
	"context"
	"log"

	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
	"k8s.io/client-go/kubernetes"
	"k8s.io/client-go/rest"
)

// getServiceClassification reads the classification label from the named
// Service in the "default" namespace. Every failure path returns "public",
// the least-trusted classification, instead of exiting the process.
// The label is only as trustworthy as RBAC on Service objects: whoever can
// edit the Service sets its classification.
func getServiceClassification(service string) string {
	log.Println("Getting classification for", service)
	config, err := rest.InClusterConfig()
	if err != nil {
		log.Println(err)
		return "public"
	}
	clientset, err := kubernetes.NewForConfig(config)
	if err != nil {
		log.Println(err)
		return "public"
	}
	// client-go 0.18+ takes a context; earlier releases omit that argument.
	s, err := clientset.CoreV1().Services("default").Get(context.TODO(), service, metav1.GetOptions{})
	if err != nil {
		log.Println(err)
		return "public"
	}
	// An unlabelled service is treated as public rather than as an empty
	// string that matches no case in buildResponse.
	if c, ok := s.GetLabels()["classification"]; ok && c != "" {
		return c
	}
	return "public"
}
```
Yeah, but how do we know the classification of the caller?
This is where trust comes into play
Without some level of authentication this is very difficult
Or potentially impossible
You could use JWT
Header:

```json
{ "typ": "JWT", "alg": "HS256" }
```

Payload:

```json
{
  "iss": "token-service",
  "service": "frontend",
  "jti": "1e7e906b-9c78-47dd-bc50-4b1d77ccab55",
  "iat": 1524758983,
  "exp": 1524762583
}
```
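An added example, not code from the talk: verifying an HS256 token like the one above with only the Go standard library and returning the `service` claim that the classification lookup is keyed on. One caveat a practitioner should weigh: with HS256 every verifier holds the same secret as `token-service`, so any service that can verify a token can also mint one naming a different service. When a single token-service issues all tokens, an asymmetric algorithm (RS256 or ES256) keeps the signing key in one place while verifiers hold only the public key. The secret, the `MintHS256` helper, the one-minute clock-skew allowance and the verification time are assumptions; the claim names and values are the slide's.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// ServiceClaims are the claims from the slide. "service" names the calling
// service and is what the classification lookup is keyed on.
type ServiceClaims struct {
	Iss     string `json:"iss"`
	Service string `json:"service"`
	Jti     string `json:"jti"`
	Iat     int64  `json:"iat"`
	Exp     int64  `json:"exp"`
}

// MintHS256 stands in for the assumed token-service: it signs
// header.payload with HMAC-SHA256 over a secret shared with every verifier.
func MintHS256(secret []byte, c ServiceClaims) (string, error) {
	body, err := json.Marshal(c)
	if err != nil {
		return "", err
	}
	enc := base64.RawURLEncoding
	input := enc.EncodeToString([]byte(`{"typ":"JWT","alg":"HS256"}`)) + "." + enc.EncodeToString(body)
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(input))
	return input + "." + enc.EncodeToString(mac.Sum(nil)), nil
}

// VerifyHS256 returns the caller's service name only if the token was signed
// with our secret by the expected issuer and is inside its validity window.
// The algorithm is pinned by the verifier, never taken from the header.
func VerifyHS256(secret []byte, token, expectedIss string, now time.Time) (string, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return "", errors.New("malformed token")
	}
	enc := base64.RawURLEncoding
	rawHeader, err := enc.DecodeString(parts[0])
	if err != nil {
		return "", err
	}
	var header struct {
		Alg string `json:"alg"`
	}
	if err := json.Unmarshal(rawHeader, &header); err != nil {
		return "", err
	}
	if header.Alg != "HS256" { // rejects "none" and any algorithm confusion
		return "", fmt.Errorf("unexpected alg %q", header.Alg)
	}
	sig, err := enc.DecodeString(parts[2])
	if err != nil {
		return "", err
	}
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(parts[0] + "." + parts[1]))
	if !hmac.Equal(mac.Sum(nil), sig) { // constant-time comparison
		return "", errors.New("invalid signature")
	}
	rawClaims, err := enc.DecodeString(parts[1])
	if err != nil {
		return "", err
	}
	var c ServiceClaims
	if err := json.Unmarshal(rawClaims, &c); err != nil {
		return "", err
	}
	if c.Iss != expectedIss {
		return "", fmt.Errorf("unexpected issuer %q", c.Iss)
	}
	if now.Unix() >= c.Exp {
		return "", errors.New("token expired")
	}
	if c.Iat > now.Unix()+60 { // assumed clock-skew allowance
		return "", errors.New("token issued in the future")
	}
	if c.Service == "" {
		return "", errors.New("token names no service")
	}
	return c.Service, nil
}

func main() {
	secret := []byte("shared-secret-for-demo-only") // constructed for the example
	claims := ServiceClaims{Iss: "token-service", Service: "frontend",
		Jti: "1e7e906b-9c78-47dd-bc50-4b1d77ccab55", Iat: 1524758983, Exp: 1524762583}
	tok, _ := MintHS256(secret, claims)
	svc, err := VerifyHS256(secret, tok, "token-service", time.Unix(1524760000, 0))
	fmt.Println(svc, err)
}
```

Note what the returned name does and does not tell you: a valid signature proves the token-service vouched for the caller's identity at `iat`, nothing more. Whether `frontend` should receive PCI data is still the classification question that follows.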
Or pass the token of the caller to a lookup service
```go
import "database/sql"

// conf holds the lookup service's database handle (type assumed; the slide
// shows only the function).
type conf struct {
	Connection *sql.DB
}

// getApplication resolves an API token to the application that presented it.
// An unknown token surfaces as sql.ErrNoRows, which the caller should treat
// as "no application", never as a default classification. In practice store
// and query a hash of the token so the table never holds live credentials.
func getApplication(conf *conf, token string) (string, error) {
	const query = "SELECT application FROM tokens WHERE api_token = ?"
	var application string
	// QueryRow with a bound parameter: nothing to close afterwards and the
	// token is never concatenated into the SQL text.
	if err := conf.Connection.QueryRow(query, token).Scan(&application); err != nil {
		return "", err
	}
	return application, nil
}
```
Once you have identified the classification, you can produce the appropriate response.
Make sure you log everything about how you produced the information
What does this provide?
• An audit trail of calls with the classification of the caller
• An audit trail of the classification of data that was returned by the callee to the caller
• A guarantee that data of specific classifications only reached designated locations
Why is this important?
If you don’t understand the flow of data, how can you protect against attack?
If you don’t understand the flow of data, how can you determine the depth of a breach?
If you log accurately, you can produce precise data flow models.
```json
{ "timestamp": "2018-04-26T16:24:44+00:00", "caller": "frontend-service", "callee": "user-service", "caller-classification": "public", "response-classification": "public", "source": "jwt" }
```
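An added example, not from the talk, of what records in this shape make checkable: a Go routine that reads audit lines and reports every call where the response classification exceeded the caller's, or where a restricted classification reached a service that is not a designated destination (the guarantee listed under "What does this provide"). The classification ordering, the designated-destination policy and the sample lines are constructed assumptions.

```go
package main
import "encoding/json"
import "strings"
// Record is one audit line in the shape shown on the slide.
type Record struct {
	Timestamp     string `json:"timestamp"`
	Caller        string `json:"caller"`
	Callee        string `json:"callee"`
	CallerClass   string `json:"caller-classification"`
	ResponseClass string `json:"response-classification"`
	Source        string `json:"source"`
}
// rank is an assumed ordering: a caller may only receive data at or below its own level.
var rank = map[string]int{"public": 0, "internal": 1, "confidential": 2}
// designated is an assumed policy: the only services allowed to receive a classification.
var designated = map[string]map[string]bool{"confidential": {"billing-service": true}}
// SampleLog holds constructed audit lines in the slide's format, plus one corrupt line.
const SampleLog = `
{"timestamp":"2018-04-26T16:24:44+00:00","caller":"frontend-service","callee":"user-service","caller-classification":"public","response-classification":"public","source":"jwt"}
{"timestamp":"2018-04-26T16:25:01+00:00","caller":"frontend-service","callee":"user-service","caller-classification":"public","response-classification":"confidential","source":"jwt"}
{"timestamp":"2018-04-26T16:25:09+00:00","caller":"billing-service","callee":"user-service","caller-classification":"confidential","response-classification":"confidential","source":"lookup"}
{"timestamp":"2018-04-26T16:25:12+00:00","caller":"reporting-service","callee":"user-service","caller-classification":"confidential","response-classification":"confidential","source":"lookup"}
not-json`
// Check reads newline-delimited audit records and returns one finding per policy breach;
// an unparseable line is a finding too, since a hole in the trail breaks the flow model.
func Check(logs string) []string {
	var findings []string
	for _, line := range strings.Split(logs, "\n") {
		if line = strings.TrimSpace(line); line == "" {
			continue
		}
		var r Record
		if err := json.Unmarshal([]byte(line), &r); err != nil {
			findings = append(findings, "unparseable audit line: "+line)
			continue
		}
		rc, okResp := rank[r.ResponseClass]
		cc, okCaller := rank[r.CallerClass]
		switch {
		case !okResp || !okCaller:
			findings = append(findings, r.Timestamp+" "+r.Caller+": unknown classification")
		case rc > cc:
			findings = append(findings, r.Timestamp+" "+r.Caller+": "+r.ResponseClass+" data returned to "+r.CallerClass+" caller")
		case designated[r.ResponseClass] != nil && !designated[r.ResponseClass][r.Caller]:
			findings = append(findings, r.Timestamp+" "+r.Caller+": not a designated destination for "+r.ResponseClass)
		}
	}
	return findings
}
```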
Which lets you build accurate threat models
But also provides evidence for auditors
As you can see, we’ve got some work to do
A lot of these ideas have yet to materialize
But if we want to start taking security seriously, this type of discipline is important
If we do this right, more than security falls out.
Doing this right benefits architecture, operations, and business intelligence
Parting thoughts
Questions?