脅威モデリングで考える Kubernetes セキュリティ / CloudNative Days Tokyo 2021 #CNDT2021 #CNDT2021_B

Transcript

1. ,PIFJ
   .PSJUB
   
   (.0
   1FQBCP
   *OD
   
   $MPVE/BUJWF
   %BZT
   5PLZP
    ڴҖϞσϦϯάͰߟ͑Δ
   ,VCFSOFUFT
   ηΩϡϦςΟ

2. (.0
   1FQBCP
   *OD
   4FOJPS
   &OHJOFFS ,PIFJ
   .PSJUB
   
   !NSUD ηΩϡϦςΟରࡦࣨ CMPHTTSGJO
   
   NSUD!TTSGJO

3. .Z
   SFDFOU
   "DUJWJUJFT DPOUBJOFSTFDVSJUZEFW HJUIVCDPNNSUDCPVIFLJ

4. "HFOEB  ڴҖϞσϦϯάͱ͸
    طଘͷ
   ,VCFSOFUFT
   ڴҖϞσϦϯά
    ڴҖϞσϦϯά͔ΒݟΔ
   ,VCFSOFUFT
   Ϋϥελͷ
   "UUBDL
   4VSGBDFT

5. ,VCFSOFUFT
   4FDVSJUZ
   JT
   )BSE ,VCFSOFUFT
   
   ίϯςφ
   
   ίϯςφΠϝʔδ
   
   $*ɾ$%
   ύΠϓϥΠϯ
   
   ιϑτ΢ΣΞ
   
   FUD ɾෳࡶͳͷͰʮͲ͜ΛकΔ΂͖͔ʯʮԿ͔ΒकΔ΂͖͔ʯ͕෼͔Γʹ͍͘ɺ೉͘͠ײͯ͡͠·͏ cc ,VCFSOFUFT
   Ϋϥελ
   

   ɾίϯςφ͚ͩΛηΩϡΞʹͯ͠΋ɺଞͷͱ͜Ζʹ͕݀͋Ε͹ɺΫϥελΛঠѲ͞Εͯ͠·͏ NJTDPOpHSBUJPO
   4VQQMZ
   $IBJO
   7VMOFSBCJMJUJFT
   FUD

6. Կ͔ΒकΔ͔ɺԿΛकΔ͔ ɾγεςϜ͕ʮͲͷΑ͏ʹ߈ܸ͞ΕΔ͔ʯΛཧղ͢Δ͜ͱ͸๷ޚͷجຊ Կ͔ΒकΔͷ͔
   
   εΫϦϓτΩσΟ
   ߴ౓ͳ߈ܸ
   ಺෦൜ߦ ԿΛकΔͷ͔
   
   ػີσʔλ
   αʔόʔ
   ΞϓϦέʔγϣϯ ɾγεςϜɾΞʔΩςΫνϟͷཧղ ԿΛ͢ΔͨΊͷιϑτ΢ΣΞ

   
   αʔϏε ηΩϡϦςΟཁ݅͸ ͲͷΑ͏ͳػີ৘ใΛѻ͏
   ͦͷσʔλ΁ͷΞΫηεํ๏͸ σʔλ͸ͲͷίϯϙʔωϯτͰॲཧ͢Δ

7. ڴҖϞσϦϯάͱ͸ γεςϜͷજࡏతͳڴҖΛ༧ଌ͢ΔͨΊͷϞσϧΛ࡞੒͢Δϓϩηε γεςϜΛந৅Խͯ͠શମ૾Λ၆ᛌ͢Δ͜ͱͰɺڴҖ ϦεΫͱͳΔཁҼ Λݟ͚ͭΔ ڴҖϞσϦϯά
   㱩
   ڴҖ෼ੳͰ͋Γɺຊདྷ͸ڴҖͷநग़ͷΈΛߦ͍·͕͢ɺຊηογϣϯͰ͸ରࡦ౳ʹ͍ͭͯ΋৮Ε·͢ɻ

8. ڴҖϞσϦϯάͷϑϨʔϜϫʔΫ 453*%& 1"45" 5SJLF 33" ݫີʹ͸
   33"
   ͸ηΩϡϦςΟͷͨΊͷڴҖ෼ੳΛߦ͏ख๏Ͱ͸͋Γ·ͤΜ͕ɺ.P[JMMB
   
   ,VCFSOFUFT
   Ͱ΋ར༻͞Ε͍ͯΔख๏ͳͷͰࡌ͍ͤͯ·͢ɻ ΋ͪΖΜɺ্هҎ֎ͷख๏΋͋Γ·͢ɻ

9. 453*%& ڴҖ ҙຯ ྫ 4QPPpOH ͳΓ͢·͠ ଞϢʔβʔ΁ͷͳΓ͢·͠
   ωοτϫʔΫ্Ͱͷผ୺຤΁ͷͳΓ͢·͠ 5BNQFSJOH վ᜵ɺσʔλͷมߋ

   ϑΝΠϧ΍
   %#ɺωοτϫʔΫܦ࿏ͷվ᜵ 3FQVEJBUJPO ൱ೝɺ߈ܸ͍ͯ͠ͳ͍͜ͱΛओுͰ͖Δɻ ϩάͱͯ͠ه࿥͕࢒Βͳ͍ *OGPSNBUJPO
   %JTDMPTVSF ެ։͞ΕΔ΂͖Ͱͳ͍৘ใ͕Ӿཡ͞ΕΔ Τϥʔϝοηʔδ΍ϩάʹൿಗ͢΂͖৘ใؚ͕·ΕΔ
   "$-
   ͷෆඋ %FOJBM
   PG
   4FSWJDF αʔϏε๦֐ɺਖ਼ৗʹαʔϏεΛఏڙͰ͖ͳ͍ɻ ॲཧͷॏ͍ΤϯυϙΠϯτͷଘࡏ
   େྔͷΞΫηεɺσΟεΫ༰ྔͷѹഭ &MFWBUJPO
   PG
   1SJWJMFHF ݖݶঢ֨ɺҙਤͨ͠Ҏ֎ͷݖݶΛऔಘ͞ΕΔɻ ೚ҙͷίʔυΛ࣮ߦͰ͖Δ࢓૊Έͷଘࡏ
   ೝূɾೝՄͷෆඋ

10. %'%
    %BUB
    'MPX
    %JBHSBN ڴҖϞσϧର৅ͷίϯϙʔωϯτΛྻڍ͠ɺσʔλͷྲྀΕ΍ͲͷΑ͏ͳσʔλΛѻ͏͔هࡌ͢Δ

11. %'%
    %BUB
    'MPX
    %JBHSBN ϓϩηε
    
    σʔλͷೖग़ྗΛߦ͏΋ͷɻ
    8FC
    αʔϏε΍
    04
    ϓϩηεͳͲ σʔλετΞ
    
    ӬଓɾҰ࣍هԱྖҬɻΩϟογϡ΍
    %#
    ͳͲ ֎෦ΤϯςΟςΟ
    
    ௚઀੍ޚͰ͖ͳ͍΋ͷɻϢʔβʔɺ֎෦αʔϏεͳͲ σʔλϑϩʔ
    
    ֎෦ΤϯςΟςΟɺϓϩηεɺσʔλετΞؒͷσʔλͷྲྀΕ ৴པڥք
    
    Կ͔Λ੍ޚ͢Δͱ͜ΖʹҾ͘ڥքઢɻωοτϫʔΫɺϗετɺ૊৫ ڥքઢΛ௒͑Δ
    
    ߈ܸʹࡽ͞ΕΔՄೳੑ͕ߴ͍ͱ͜Ζ

12. %'%
    %BUB
    'MPX
    %JBHSBN $/$'
    'JOBODJBM
    6TFS
    (SPVQ
    
    453*%&
    IUUQTHJUIVCDPNDODGpOBODJBMVTFSHSPVQUSFFNBTUFSQSPKFDUTLTUISFBUNPEFM

13. ڴҖͷಛఆ ڴҖͷಛఆΛ؆୯ʹ͢ΔͨΊʹ
    453*%&
    7BSJBOUT
    ͕͋Δ 453*%&QFS&MFNFOU %'%
    ͷ͢΂ͯͷཁૉʹରͯ͠ɺ9
    ͷνΣοΫϚʔΫ͕͋Δ
    453*%&
    ͷڴҖΛಋग़͢Δ 453*%&QFS*OUFSBDUJPO ৴པڥքͱަࠩ͢Δσʔλϑϩʔʹண໨͠ɺڴҖΛಋग़͢Δ γεςϜͷن໛΍ෳࡶ౓ʹΑͬͯ
    1SPT
    
    $POT
    ͋Δ

14. "UUBDL
    5SFF ൃݟͨ͠ڴҖʹ͍ͭͯɺ۩ମతͳ߈ܸख๏Λྻڍ͢Δ FH
    ผͷϢʔβʔʹͳΓ͢·͠Ͱ͖ΔڴҖ
    4QPPpOH FH
    ผͷϢʔβʔʹͳΓ͢·͠Ͱ͖ΔڴҖ
    4QPPpOH 
    ͳΓ͢·͢ख๏ͱͯ͠ʮෆਖ਼ϩάΠϯʯʮ౪ௌʯ͕ߟ͑ΒΕΔ 
    ʮෆਖ਼ϩάΠϯʯΛ໨తͱͨ͠৔߹ɺͦͷख๏ͱͯ͠
    ʮ૯౰Γ߈ܸʯʮϦετܕ߈ܸʯ͕ߟ͑ΒΕΔ ໨తͱखஈΛ໦ߏ଄Ͱදݱ͍ͯ͘͜͠ͱͰɺ

    ߈ܸύλʔϯΛ၆ᛌͰ͖ɺ
    ߈ܸ͕Ͱ͖ͳ͘ͳΔ৚݅Λಋग़Ͱ͖Δ

15. "UUBDL
    5SFF "UUBDL
    5SFF
    ͷ࡞੒ʹ͸߈ܸख๏ʹؔ͢Δ஌͕ࣝඞཁͱ͞ΕΔ ˠ
    ࡞੒ऀͷ஌ࣝ΍ܦݧʹґଘͯ͠͠·͏ "UUBDL
    -JCSBSZ
    ͳͲɺ߈ܸύλʔϯΛ஝ੵͨ͠ϥΠϒϥϦΛࢀߟʹ͢Δ $"1&$
    
    IUUQTDBQFDNJUSFPSH "55$,
    
    IUUQTBUUBDLNJUFSPSH IUUQTBUUBDLNJUSFPSHNBUSJDFTFOUFSQSJTFDPOUBJOFST IUUQTXXXNJDSPTPGUDPNTFDVSJUZCMPHTFDVSFDPOUBJOFSJ[FEFOWJSPONFOUTXJUIVQEBUFEUISFBUNBUSJYGPSLVCFSOFUFT ίϯςφ
    
    ,VCFSOFUFT
    ͷ
    "55$,
    ΋ଘࡏ͢Δ

16. ϦεΫ΁ͷରԠ ରࡦͷ༏ઌ౓Λߦ͏ͨΊʹϦεΫධՁΛߦ͏ $744
    
    IUUQTXXXJQBHPKQTFDVSJUZWVMO$744IUNM %3&"%
    
    IUUQTFOXJLJQFEJBPSHXJLJ%3&"%@ SJTL@BTTFTTNFOU@NPEFM .JUJHBUJPO
    
    ؇࿨ࡦɺѱ༻Λࠔ೉ʹ͢Δ &MJNJOBUJOH
    
    ػೳΛഉআ͢Δ 5SBOTGFSSJOH
    
    ผͷԿ͔ʹϦεΫΛ೚ͤΔ
    FH
    ೝূΛ֎෦αʔϏεʹ೚ͤΔ "DDFQUJOH
    
    ϦεΫΛड͚ೖΕΔ ࠜຊతͳղܾࡦ͕ଘࡏ͠ͳ͍έʔε΋͋Δ

17. طଘͷ
    ,VCFSOFUFT
    ڴҖϞσϦϯά

18. ,VCFSOFUFT
    ͷڴҖϞσϦϯά w 4FDVSJUZ
    "VEJU
    8(
    5SBJM
    PG
    #JUT
    
    33" IUUQTHJUIVCDPNLVCFSOFUFTDPNNVOJUZUSFFNBTUFSTJHTFDVSJUZTFDVSJUZBVEJUpOEJOHT

19. 3BQJE
    3JTL
    "TTFTTNFOU
    33" w αʔϏεʹؔ͢Δ࣭໰ w ࢓૊ΈɺίϯϙʔωϯτϦετɺϓϩτίϧɺσʔλͷอଘՕॴ΍อଘͷํ๏ͳͲ w $POUSPM
    'BNJMJFT
    γεςϜͷػີੑɺ׬શੑɺՄ༻ੑΛอޢ͢ΔͨΊͷٕज़తͳཁૉʹ͍ͭͯ w

    "VUIPSJ[BUJPO
    "VUIFOUJDBUJPO
    4FDSFUT
    .BOBHFNFOU
    /FUXPSLJOH
    FUD w ίϯϙʔωϯτ͝ͱʹ
    $POUSPM
    'BNJMJFT
    ͷධՁ w ۩ମతͳ߈ܸͷγφϦΦྻڍͱਂࠁ౓౳ͷධՁɺ୹ظతɾ௕ظతͳରࡦ w .P[JMMB
    ͷ
    33"
    ςϯϓϨʔτΛΧελϚΠζ͍ͯ͠Δ IUUQTJOGPTFDNP[JMMBPSHHVJEFMJOFTSJTLSBQJE@SJTL@BTTFTTNFOUIUNM

20. $POUSPM
    'BNJMJFT
    LVCFMFU ೝূͳ͠Ͱ઀ଓͰ͖ΔαʔϏε͕͋Γɺ
    ͜ͷϙʔτʹΞΫηεͰ͖Δ߈ܸऀʹ
    1PE
    TQFD
    ͳͲͷ৘ใ͕࿙Ӯ͢Δ

21. 'JOEJOHT
    LVCFMFU ߈ܸʹ͍ͭͯͷධՁ ɾ߈ܸऀ͸৵ೖࡁΈ͔ɺ಺෦Ϣʔβʔ͕લఏ ɾϫʔΫϩʔυͷ৘ใ΍Ұ෦ͷΫϨσϯγϟϧ͕
    
    
    
    ࿙Ӯ͢ΔՄೳੑ ରࡦʹ͍ͭͯ ɾ
    ϙʔτ͸σϑΥϧτͰด͡ΔΑ͏ʹมߋ ɾ
    ϙʔτ͸
    N5-4
    ʹΑͬͯอޢ

22. ,VCFSOFUFT
    ͷڴҖϞσϦϯά w $/$'
    'JOBODJBM
    6TFS
    (SPVQ
    
    453*%& IUUQTHJUIVCDPNDODGpOBODJBMVTFSHSPVQUSFFNBTUFSQSPKFDUTLTUISFBUNPEFM

23. "UUBDL
    7FDUPST IUUQTHJUIVCDPNDODGpOBODJBMVTFSHSPVQUSFFNBTUFSQSPKFDUTLTUISFBUNPEFM

24. (JU-BC
    ,VCFSOFUFT
    "HFOU w (JU-BC
    ,VCFSOFUFT
    "HFOU IUUQTBCPVUHJUMBCDPNCMPHUISFBUNPEFMJOHLVCFSOFUFTBHFOU IUUQTBCPVUHJUMBCDPNIBOECPPLTFDVSJUZUISFBU@NPEFMJOHIPXUPIUNM ,VCFSOFUFT
    ࣗମͷڴҖϞσϦϯάͰ͸͋Γ·ͤΜ͕ɺ
    ,VCFSOFUFT
    ͱΠϯςάϨʔγϣϯ͢Διϑτ΢ΣΞͷࣄྫͳͷͰɺڍ͍͛ͯ·͢

25. ՍۭͷΫϥελΛڴҖϞσϦϯά͢Δ

26. ՍۭͷΫϥελͷ%'% ؆୯ͷͨΊʹҰ෦লུ͍ͯ͠·͢

27. 453*%&QFS*OUFSBDUJPO ߈ܸऀͱϓϩηεؒͷσʔλϑϩʔʹݶఆ͍ͯ͠·͢ 453*%&
    ͷநग़΋Ұ෦ͷΈͰ͢

28. "55$, &YQPTFE
    %BTICPBSE "SHP$%
    "SHP8PSLMPBE
    (SBGBOB
    ,VCFSOFUFT
    %BTICPBSE IUUQTB[VSFNJDSPTPGUDPNFOVTCMPHEFUFDUMBSHFTDBMFDSZQUPDVSSFODZNJOJOHBUUBDLBHBJOTULVCFSOFUFTDMVTUFST IUUQTXXXJOUF[FSDPNCMPHDPOUBJOFSTFDVSJUZOFXBUUBDLTPOLVCFSOFUFTWJBNJTDPOpHVSFEBSHPXPSLqPXT ࣄྫ

29. "55$, $MPVE
    $SFEFOUJBMT
    
    ,VCFDPOpH ΤϯυϙΠϯτ୺຤ͷอޢ΋ඞཁ

30. "UUBDL
    5SFF "UUBDL
    5SFF
    ʹͯ͠۩ମతͳ
    ߈ܸख๏Λྻڍ͢Δ

31. 4VNNBSZ 
    ڴҖϞσϦϯάɾڴҖ෼ੳͰજࡏతͳϦεΫΛચ͍ग़͢͜ͱ͕Ͱ͖Δ γεςϜɾσʔλΛอޢ͢Δʹ͸ɺͲ͜ΛकΕ͹Α͍͔͕ݟ͑ͯ͘Δ ΋ͪΖΜສೳͰ͸ͳ͍͠ɺͦΕΛߦ͏ͨΊͷτϨʔχϯά΋ඞཁ 
    ,VCFSOFUFT
    ΍ίϯςφͷ
    "55$,
    Λࢀরͯ͠۩ମతͳ߈ܸख๏Λ஌Δ Ϋϥελ߈ུͷͨΊʹԿΛ଍͕͔Γʹ͢Δͷ͔ɺ߈ܸΛӬଓԽ͢ΔͨΊʹԿΛ࢓ֻ͚Δͷ͔ ˠ
    ࣗ෼ͨͪͷ࡞ٕͬͨज़ج൫΍ιϑτ΢ΣΞͷ
    "55$,
    ͷ࡞੒ͯ͠׆༻͢Δ ݟ͔ͭͬͨڴҖΛνΣοΫϦετԽͯ͠αʔϏε։ൃʹ׆͔͢