Guys from Amazon posts in Amazon Web Services Blog interesting document – AWS Security White Paper.
Main points –

  • there’s no backup for data ( EBS, S3, anything), but all data redundantly stored in multiple physical locations
  • for EC2 they have four security levels – host OS ( access : only AWS administrators ),  guest OS ( access : only customers, AWS admins can’t log onto guest OS ),  Firewall ( indirectly configured by customers, AWS admins also have access ) , Amazon EC2 API ( access : only customers ).
  • all guest OS running by hypervisor XEN – so instances have no direct access to hardware resources, and can’t read-write any data which owned another instances – including network packets, disk devices and memory.
  • network traffic ( for different instances ) can not be sniffed, external DDoS secured by firewal, port scanning inside network prohibited by Acceptable Use Policy ( customer will be blocked for this, I suppose ), instances can’t use IP spoofing ( because of hypervisor Xen :-). Anyway, Amazon reccomend to use SSL for network connections.
  • Security in S3 and SimpleDB based in ACL ( access control list ) – only data owner may edit access permission.
  • All data in S3 and SimpleDB stored ‘as is’ without any encryption. If you want to be more secure – you should store encrypted data – “Encrypting before sending to SimpleDB guarantees that no party, including AWS, has access to sensitive customer data”.  Once you delete data from S3 or SimpleDB all external links to them will be unaccessible – “area is then made available only for write operations and the data is overwritten by newly stored data”.  S3 and SimpleDB nodes use SSL for network connection, so there’s no chances for Man-In-The-Middle attack.

Leave a Reply