provider's usage policy. This access to a cloud's systems has increased the vulnerabilities of user data and applications in a cloud. In addition, the global nature of clouds means that attackers from all over the world can target a victim just by accessing a cloud. Since clouds are shared resources, there is often the risk of collateral damage: other users sharing the same resources with a victim will also face the effects of an attack.
19.3 RESEARCH QUESTIONS IN CLOUD SECURITY
In this section, we discuss the main research questions in cloud security. For each
question, we will examine the background of the issue and look at potential research
approaches.
19.3.1 Exploitation of Co-tenancy
Research Question 1: How can we prevent attackers from exploiting co-tenancy in attacking the infrastructure and/or other clients?
As mentioned earlier, a cloud is a multi-tenant architecture. However, this fundamental property of clouds has been exploited by many attackers to attack clouds. The attacks can exploit multi-tenancy in several ways. First, the multi-tenancy feature allows attackers to get inside a cloud legitimately, without violating any laws or bypassing any security measures. Once inside the cloud infrastructure, the attacker can then start gathering information about the cloud itself. Next, the attacker can gather information about other users using the same cloud and sharing resources with the attacker. Finally, co-tenancy also exposes cloud users to active internal attacks launched by co-resident attackers.
An example of the above was presented by Ristenpart et al. in [27]. Here, the authors show that it is possible to reverse engineer the IP address allocation scheme of Amazon.com's Amazon Web Services. Once the allocation strategy was discovered, the authors showed that attackers can exploit this knowledge to place their virtual machines on the same physical machine as their target virtual machine. Finally, the authors showed how the malicious virtual machines can gather information about their target virtual machines by exploiting CPU cache-based side channels. Follow-up work shows that attackers can actually steal encryption keys using this attack [34].
While the attack described in [27] could easily be prevented by obfuscating the IP address allocation scheme in Amazon AWS, key features of the attack on co-resident users still remain. Solution approaches suggested in [27] include using specially designed caches that prevent cache-based side channels, and cache-wiping schemes. However, such schemes are expensive due to the specialized nature of the cache hardware needed.
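To make concrete why a cache-wiping scheme removes the co-resident signal, here is an added toy simulation written for this page; it is not code from the chapter or from [27] and [34]. It models a direct-mapped cache shared by a victim tenant and an observing co-tenant: the observer fills every cache set with its own lines, the victim performs one table lookup whose index depends on a secret, and the observer then checks which of its lines were evicted. The cache size, the tenant names and the one-cache-set-per-table-index address mapping are assumptions of the model. The specially designed hardware caches of [27] are not modelled; as a second countermeasure the victim is instead made to touch every table entry in software, which is also an assumption of this example, not a technique the chapter attributes to anyone.

```python
"""Toy model of a cache-based co-residency side channel and two mitigations.

Constructed simulation: a direct-mapped cache shared by two tenants, a
victim whose table lookup index depends on a secret, and an observer that
primes the cache, lets the victim run, and probes for evictions. Every
name and number here is an assumption of this example; nothing was
measured on a real cloud or real hardware.
"""

NUM_SETS = 16  # assumed: one cache set per possible table index (0..15)


class SharedCache:
    """Direct-mapped cache: each set holds one line tagged (owner, addr)."""

    def __init__(self, num_sets=NUM_SETS):
        self.num_sets = num_sets
        self.lines = [None] * num_sets

    def access(self, owner, addr):
        """Touch a line; return True on a hit, False on a miss (line is filled)."""
        s = addr % self.num_sets
        hit = self.lines[s] == (owner, addr)
        self.lines[s] = (owner, addr)
        return hit

    def flush(self):
        """Cache wiping: drop every line, as a hypervisor might on a tenant switch."""
        self.lines = [None] * self.num_sets


def victim_lookup(cache, secret, constant_time=False):
    """Victim reads table entry T[secret]; T[i] is assumed to map to cache set i.

    With constant_time=True the victim touches every entry, so the set of
    lines it evicts no longer depends on the secret (software stand-in for
    the hardware countermeasures discussed in the text).
    """
    if constant_time:
        for i in range(cache.num_sets):
            cache.access("victim", i)
    else:
        cache.access("victim", secret)


def prime_probe_observation(secret, mitigation=None):
    """Return the set of cache sets the observer finds evicted after the victim ran.

    mitigation is None, "cache_wipe" (flush on tenant switch) or "constant_time".
    """
    cache = SharedCache()
    # Prime: the observer fills every set with its own lines.
    for s in range(cache.num_sets):
        cache.access("observer", s)
    # The co-resident victim runs its secret-dependent lookup.
    victim_lookup(cache, secret, constant_time=(mitigation == "constant_time"))
    # Cache-wiping mitigation: wipe the cache before control returns to the observer.
    if mitigation == "cache_wipe":
        cache.flush()
    # Probe: the observer re-touches its lines and records which ones now miss.
    evicted = set()
    for s in range(cache.num_sets):
        if not cache.access("observer", s):
            evicted.add(s)
    return evicted


def infer_secret(evicted):
    """Observer's inference: exactly one evicted set pins the secret; otherwise nothing."""
    if len(evicted) == 1:
        return next(iter(evicted))
    return None


if __name__ == "__main__":
    secret = 7  # constructed secret table index
    for mitigation in (None, "cache_wipe", "constant_time"):
        evicted = prime_probe_observation(secret, mitigation)
        print(f"mitigation={mitigation!s:14} evicted sets={len(evicted):2d} "
              f"inferred secret={infer_secret(evicted)}")
```

Without a mitigation the single evicted set is the secret index; with cache wiping every observer line misses, and with the all-entries lookup every set is evicted, so in both cases the eviction pattern is the same for every secret and the observer learns nothing. The model also shows why the chapter calls these schemes expensive: the wipe discards the whole cache on each tenant switch, and the constant-time variant multiplies the victim's memory traffic by the table size.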
19.3.2 Secure Architecture for the Cloud
Research Question 2: How do we design cloud computing architectures that are semi-transparent, and provide clients with some accountability and control over security?