NIST SP 800-209 (Draft) Security Guidelines for Storage Infrastructure
Hello, this is 丸山満彦 (Maruyama Mitsuhiko).
NIST has published a draft of its security guidelines for storage infrastructure and is requesting comments. The comment period closes on 2020.08.31.
NIST appears to regard the following three as the fundamental building blocks of information technology (IT):
- computing (the OS and host hardware)
- networking
- storage
Of these, computing and networking have been discussed extensively, but there were no security guidelines for storage infrastructure even though problems such as data breaches have been drawing attention, and that seems to be why this guideline was written.
Accordingly, the guideline contains a comprehensive set of security recommendations for storage infrastructure. More specifically, it covers not only areas common to the IT infrastructure as a whole, such as
- physical security
- authentication and authorization
- change management
- configuration management
- incident response and recovery
but also areas specific to storage infrastructure, such as
- data protection
- isolation
- restoration assurance
- data encryption
・2020.07.21 SP 800-209 (Draft) Security Guidelines for Storage Infrastructure
・[PDF] SP 800-209 (Draft)
Abstract
Storage technology, just like its computing and networking counterparts, has evolved from traditional storage service types, such as block, file, and object. Specifically, the evolution has taken two directions: one along the path of increasing storage media capacity (e.g., tape, HDD, SSD) and the other along the architectural front, starting from direct attached storage (DAS) to the placement of storage resources in dedicated networks accessed through various interfaces and protocols to cloud-based storage resource access, which provides a software-based abstraction over all forms of background storage technologies. Accompanying the evolution is the increase in management complexity, which subsequently increases the probability of configuration errors and associated security threats. This document provides an overview of the evolution of the storage technology landscape, current security threats, and the resultant risks. The main focus of this document is to provide a comprehensive set of security recommendations that will address the threats. The recommendations span not only security management areas that are common to an information technology (IT) infrastructure (e.g., physical security, authentication and authorization, change management, configuration control, and incident response and recovery) but also those specific to storage infrastructure (e.g., data protection, isolation, restoration assurance, and encryption).
Executive Summary
Storage, computing, and networking form the three fundamental building blocks of an information technology infrastructure. Just like computing and network technologies, the storage technology has also evolved over the years. Higher capacity storage media and storage system architecture are the two fronts on which the storage technology has evolved. The developments on the second front have enabled the storage services to support many new and evolving computing use cases but have also introduced storage management complexity and many security challenges.
Just like computing and networking, the current landscape of storage infrastructure consists of a mixture of legacy and advanced systems. With this in mind, this document provides an overview of the storage technology landscape, including traditional storage services (e.g., block, file, and object storage), storage virtualization, storage architectures geared for virtualized server environments, and storage resources hosted in the cloud. Descriptions of various threats to the storage resources are also included, as well as analysis of the risks to storage infrastructure and the impacts of these threats.
The primary purpose of this document is to provide a comprehensive set of security recommendations for the current landscape of the storage infrastructure. The security focus areas span those that are common to the entire IT infrastructure, such as physical security, authentication and authorization, change management, configuration control, incident response, and recovery. Within these areas, security controls that are specific to storage technologies, such as network-attached storage (NAS) and storage area networks (SAN), are also covered. In addition, security recommendations specific to storage technologies are provided for the following areas of operation in the storage infrastructure:
- Data protection
- Isolation
- Restoration assurance
- Encryption
-----
* Executive Summary
1 Introduction
1.1 Scope
1.2 Target Audience
1.3 Relationship to other NIST Guidance Documents
1.4 Organization of this Document
2 Data Storage Technologies: Background
2.1 Block Storage Service
2.2 File Storage Service
2.3 Object Storage Service
2.4 Content-addressable Storage (CAS) Service
2.5 Higher-level Data Access Service
2.6 Software-defined Storage
2.7 Storage Virtualization
2.8 Storage for Virtualized Servers
2.9 Converged and Hyper-Converged Storage
2.10 Storage Infrastructure in Cloud
2.11 Storage Management
2.11.1 Data Classification or Categorization
2.11.2 Data Sanitization
2.11.3 Data Retention
2.11.4 Data Protection
2.11.5 Enhancing Performance – Data Reduction
2.11.6 Security Controls
3 Threats, Risks, and Attack Surfaces
3.1 Threats
3.1.1 Credential Theft
3.1.2 Cracking Encryption
3.1.3 Infection of Malware and Ransomware
3.1.4 Backdoors and Unpatched Vulnerabilities
3.1.5 Privilege Escalation
3.1.6 Human Error and Deliberate Misconfiguration
3.2 Risks to Storage Infrastructure
3.2.1 Data Breach
3.2.2 Data Exposure
3.2.3 Unauthorized Data Alteration and Addition
3.2.4 Data Corruption
3.2.5 Compromising Backups
3.2.6 Data Obfuscation and Encryption
3.2.7 Data Availability and Denial of Service
3.2.8 Tampering of Storage-Related Log and Audit Data
3.2.9 Mapping of Threats to Risks
3.3 Attack Surfaces
3.3.1 Physical Access
3.3.2 Access to Storage OS
3.3.3 Access to Management Hosts
3.3.4 Management APIs, Management Software, In-band Management
3.3.5 Storage Clients
3.3.6 Storage Network (Tap Into, Alter to Gain Access)
3.3.7 Compute Environment of Key Individuals – Storage Admins
3.3.8 Electricity Network
4 Security Guidelines for Storage Deployments
4.1 Physical Storage Security
4.2 Data Protection
4.2.1 Data Backup and Recovery
4.2.2 Replication
4.2.3 Point-in-Time Copies and Snapshots
4.2.4 Continuous Data Protection
4.3 Authentication and Data Access Control
4.3.1 Authentication Recommendations
4.3.2 Password Recommendations
4.3.3 Account Management Recommendations
4.3.4 Privilege and Session Management Recommendations
4.3.5 SAN-Specific Recommendations
4.3.6 File and Object Access Recommendations
4.4 Audit Logging
4.5 Preparation for Data Incident Response and Cyber Recovery
4.6 Guidelines for Network Configuration
4.6.1 SAN
4.6.2 IP Network
4.6.3 Protocols
4.7 Isolation
4.8 Restoration Assurance
4.9 Encryption
4.10 Administrative Access
4.11 Configuration Management
5 Summary and Conclusions
* References