{"title":"Do you know where your cloud files are?","authors":"K. Benson, Rafael Dowsley, H. Shacham","doi":"10.1145/2046660.2046677","DOIUrl":"https://doi.org/10.1145/2046660.2046677","url":null,"abstract":"Clients of storage-as-a-service systems such as Amazon's S3 want to be sure that the files they have entrusted to the cloud are available now and will be available in the future.\u0000 Using protocols from previous work on proofs of retriev-ability and on provable data possession, clients can verify that their files are available now. But these protocols do not guarantee that the files are replicated onto multiple drives or multiple datacenters. Such tests are crucial if cloud storage is to provide resilience to natural disasters and power outages as well as improving the network latency to different parts of the world.\u0000 In this paper, we study the problem of verifying that a cloud storage provider replicates the data in diverse geolocations. We provide a theoretical framework for verifying this property. Our model accurately determines which Amazon CloudFront location serves content for Planetlab nodes across the continental US.\u0000 Our work is complementary to the recent paper of Bowers et al., which uses different techniques to verify that files are replicated across multiple drives in a single datacenter.","PeriodicalId":300613,"journal":{"name":"Cloud Computing Security Workshop","volume":"54 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115646080","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Clouds and their discontents","authors":"John Manferdelli","doi":"10.1145/2046660.2046662","DOIUrl":"https://doi.org/10.1145/2046660.2046662","url":null,"abstract":"Cloud computing has become increasingly popular and important. Many companies have policy initiatives encouraging or even mandating the use of \"cloud\" computing. The popularity of cloud computing stems primarily from the hope for significant cost savings but also from the ability to scale quickly without large capital expenditures and efficient sharing and curation of very large data sets (for example, search indexes). Clouds, like distributed computing generally, also offers the ability to access data and resources from any connected device (increasingly mobile devices like smart phones and lightweight tablets like iPads). However, cloud computing in all its incarnations (Infrastructure as a Service, Software as a Service, Platform as a Service) raises a number of security questions that current providers have not addressed (or remain ominously silent about): increased susceptibility to insider attacks due to concentration of valuable data, \"fate-sharing\" and other vulnerabilities due to multi-tenancy, policy issues arising from multi-jurisdictional siting, vulnerabilities arising from scale operations, the opacity of cloud operators security practices and disclosure of interruption of operations or attacks. Despite these potential issues, cloud computing can be beneficial with judicial and transparent application of some simple security principles. We discuss cloud infrastructure, economics, operations and security infrastructure desiderata.","PeriodicalId":300613,"journal":{"name":"Cloud Computing Security Workshop","volume":"56 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126243421","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Eliminating fine grained timers in Xen","authors":"B. C. Vattikonda, Sambit Das, H. Shacham","doi":"10.1145/2046660.2046671","DOIUrl":"https://doi.org/10.1145/2046660.2046671","url":null,"abstract":"The move to \"infrastructure-as-a-service\" cloud computing brings with it a new risk: cross-virtual machine side channels through shared physical resources such as the L2 cache. One approach to this risk is to rewrite sensitive code to eliminate the signal. In this paper we consider another approach: weakening malicious virtual machines' ability to receive the signal by eliminating fine-grained timers. Such \"fuzzy time\" was implemented in 1991 in the VAX security kernel, but it was not clearly applicabile to modern virtual machine managers such as Xen on platforms such as the x86, which exports a cycle counter through the RDTSC instruction.\u0000 In this paper, we demonstrate that it is possible to modify the RDTSC instruction on Xen-virtualized x86 machines, making the timer provided by this instruction substantially more coarse. We perform a thorough evaluation of the impact of modifying this timer on the usability of the system, and we evaluate the limiting point of the timer coarseness.\u0000 Our findings open the way to a specific research program for mitigating cloud computing side channels through fuzzy time: (1) What other sources of fine-grained time are available to a malicious VM, and is it possible to degrade them? (2) What distribution of noise should be introduced to RDTSC and other timing signals to maximize the effect on malicious VMs while minimizing the effect on legitimate ones? (3) What timing resolution is actually needed to make use of L2 cache side channels?","PeriodicalId":300613,"journal":{"name":"Cloud Computing Security Workshop","volume":"153 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122982951","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Automated verification of virtualized infrastructures","authors":"Sören Bleikertz, Thomas Gross, S. Mödersheim","doi":"10.1145/2046660.2046672","DOIUrl":"https://doi.org/10.1145/2046660.2046672","url":null,"abstract":"Virtualized infrastructures and clouds present new challenges for security analysis and formal verification: they are complex environments that continuously change their shape, and that give rise to non-trivial security goals such as isolation and failure resilience requirements. We present a platform that connects declarative and expressive description languages with state-of-the art verification methods. The languages integrate homogeneously descriptions of virtualized infrastructures, their transformations, their desired goals, and evaluation strategies. The different verification tools range from model checking to theorem proving; this allows us to exploit the complementary strengths of methods, and also to understand how to best represent the analysis problems in different contexts. We consider first the static case where the topology of the virtual infrastructure is fixed and demonstrate that our platform allows for the declarative specification of a large class of properties. Even though tools that are specialized to checking particular properties perform better than our generic approach, we show with a real-world case study that our approach is practically feasible. We finally consider also the dynamic case where the intruder can actively change the topology (by migrating machines). The combination of a complex topology and changes to it by an intruder is a problem that lies beyond the scope of previous analysis tools and to which we can give first positive verification results.","PeriodicalId":300613,"journal":{"name":"Cloud Computing Security Workshop","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130694311","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Towards ensuring client-side computational integrity","authors":"G. Danezis, B. Livshits","doi":"10.1145/2046660.2046683","DOIUrl":"https://doi.org/10.1145/2046660.2046683","url":null,"abstract":"Privacy is considered one of the key challenges when moving services to the Cloud. Solution like access control are brittle, while fully homomorphic encryption that is hailed as the silver bullet for this problem is far from practical. But would fully homomorphic encryption really be such an effective solution to the privacy problem? And can we already deploy architectures with similar security properties? We propose one such architecture that provides privacy, integrity and leverages the Cloud for availability while only using cryptographic building blocks available today.","PeriodicalId":300613,"journal":{"name":"Cloud Computing Security Workshop","volume":"37 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132382586","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yunjing Xu, Michael Bailey, F. Jahanian, Kaustubh R. Joshi, M. Hiltunen, R. Schlichting
{"title":"An exploration of L2 cache covert channels in virtualized environments","authors":"Yunjing Xu, Michael Bailey, F. Jahanian, Kaustubh R. Joshi, M. Hiltunen, R. Schlichting","doi":"10.1145/2046660.2046670","DOIUrl":"https://doi.org/10.1145/2046660.2046670","url":null,"abstract":"Recent exploration into the unique security challenges of cloud computing have shown that when virtual machines belonging to different customers share the same physical machine, new forms of cross-VM covert channel communication arise. In this paper, we explore one of these threats, L2 cache covert channels, and demonstrate the limits of these this threat by providing a quantification of the channel bit rates and an assessment of its ability to do harm. Through progressively refining models of cross-VM covert channels from the derived maximums, to implementable channels in the lab, and finally in Amazon EC2 itself we show how a variety of factors impact our ability to create effective channels. While we demonstrate a covert channel with considerably higher bit rate than previously reported, we assess that even at such improved rates, the harm of data exfiltration from these channels is still limited to the sharing of small, if important, secrets such as private keys.","PeriodicalId":300613,"journal":{"name":"Cloud Computing Security Workshop","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127141772","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Trusted platform-as-a-service: a foundation for trustworthy cloud-hosted applications","authors":"Andrew Brown, J. Chase","doi":"10.1145/2046660.2046665","DOIUrl":"https://doi.org/10.1145/2046660.2046665","url":null,"abstract":"The applications we use are increasingly packaged as network services running in the cloud under the control of a service provider. Users of these services have no basis to determine if these services are trustworthy, beyond the assurances of the service provider. Our work addresses the problem of how to build support for trustworthy services in the cloud, within the context of a larger trust management framework.\u0000 This paper shows how users can gain insights and trust into service applications by leveraging trust in a neutral third party: a cloud provider that hosts application services on an infrastructure and platform that it controls. A trusted cloud provider may act as a root of trust to attest cloud-hosted services to their clients---a trusted platform cloud. We have prototyped this approach in a trusted platform-as-a-service cloud provider supporting a Python/Django web framework. The cloud provider seals instances of service applications and attests their Python source code to external users. Once launched and attested, service instances run with an independent identity and are isolated from tampering by the cloud customer, except through well-defined operator interfaces that are part of the service definition.","PeriodicalId":300613,"journal":{"name":"Cloud Computing Security Workshop","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126327608","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"What's different about security in a public cloud?","authors":"C. Kaufman","doi":"10.1145/2046660.2046668","DOIUrl":"https://doi.org/10.1145/2046660.2046668","url":null,"abstract":"Most of the problems facing the designers of a public cloud are extensions of what we face in any data center: detecting and preventing intrusions, coping with DoS attacks, and keeping the various services largely isolated from one another. There are some new challenges: how to control the behavior of customers when your privacy guarantees prevent you from looking too closely at what they are doing, how to protect them from network based attacks when you don't know what kind of traffic is normal, and how to guarantee them resources when the behavior of others sharing the hardware is unpredictable. There are also some new advantages: centrally managing software maintenance can assure that patches are installed promptly, and scale permits a permanent staff of experienced trouble shooters to handle what would be rare problems for any individual customer.","PeriodicalId":300613,"journal":{"name":"Cloud Computing Security Workshop","volume":"68 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127585238","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
M. Goodrich, M. Mitzenmacher, O. Ohrimenko, R. Tamassia
{"title":"Oblivious RAM simulation with efficient worst-case access overhead","authors":"M. Goodrich, M. Mitzenmacher, O. Ohrimenko, R. Tamassia","doi":"10.1145/2046660.2046680","DOIUrl":"https://doi.org/10.1145/2046660.2046680","url":null,"abstract":"Oblivious RAM simulation is a method for achieving confidentiality and privacy in cloud computing environments. It involves obscuring the access patterns to a remote storage so that others, including even the manager of that storage, cannot infer information about its contents. Existing solutions typically yield small amortized overheads for achieving this goal, but also yield huge variations in access times, depending on when they occur. In this paper, we show how to deamortize oblivious RAM simulations, so that each access takes a worst-case bounded amount of time.","PeriodicalId":300613,"journal":{"name":"Cloud Computing Security Workshop","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123626355","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A new form of DOS attack in a cloud and its avoidance mechanism","authors":"Huan Liu","doi":"10.1145/1866835.1866849","DOIUrl":"https://doi.org/10.1145/1866835.1866849","url":null,"abstract":"Data center networks are typically grossly under-provisioned. This is not a problem in a corporate data center, but it could be a problem in a shared infrastructure, such as a co-location facility or a cloud infrastructure. If an application is deployed in such an infrastructure, the application owners need to take into account the infrastructure limitations. They need to build in counter-measures to ensure that the application is secure and it meets its performance requirements. In this paper, we describe a new form of DOS attack, which exploits the network under-provisioning in a cloud infrastructure. We have verified that such an attack could be carried out in practice in one cloud infrastructure. We also describe a mechanism to detect and avoid this new form of attack.","PeriodicalId":300613,"journal":{"name":"Cloud Computing Security Workshop","volume":"225 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-10-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122151575","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
