定量:公共云中评估多租户威胁的距离度量

2018 IEEE International Conference on Cloud Computing Technology and Science (CloudCom) Pub Date : 2018-12-01 DOI:10.1109/CloudCom2018.2018.00042

Taous Madi, Mengyuan Zhang, Yosr Jarraya, Amir Alimohammadifar, M. Pourzandi, Lingyu Wang, M. Debbabi

{"title":"定量:公共云中评估多租户威胁的距离度量","authors":"Taous Madi, Mengyuan Zhang, Yosr Jarraya, Amir Alimohammadifar, M. Pourzandi, Lingyu Wang, M. Debbabi","doi":"10.1109/CloudCom2018.2018.00042","DOIUrl":null,"url":null,"abstract":"As a cornerstone of cloud computing, multi-tenancy brings not only the benefit of resource sharing but also additional security implications. To achieve an optimal trade-off between security and resource sharing, cloud providers are obliged to evaluate the potential threats related to multi-tenancy. However, quantitative approaches for evaluating those threats are largely missing in existing works. In this paper, we propose a set of multi-level distance metrics that quantify the proximity of tenants' virtual resources inside a cloud. Those metrics are defined based on the configuration and deployment in a cloud, such that a cloud provider may apply them to evaluate the risk related to potential multi-tenancy attacks. We conduct case studies and experiments on both real and fictitious clouds. The obtained results show the effectiveness and applicability of our metrics. We further implement our metrics in OpenStack and show how they can be applied for distance auditing.","PeriodicalId":365939,"journal":{"name":"2018 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)","volume":"45 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"QuantiC: Distance Metrics for Evaluating Multi-Tenancy Threats in Public Cloud\",\"authors\":\"Taous Madi, Mengyuan Zhang, Yosr Jarraya, Amir Alimohammadifar, M. Pourzandi, Lingyu Wang, M. Debbabi\",\"doi\":\"10.1109/CloudCom2018.2018.00042\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As a cornerstone of cloud computing, multi-tenancy brings not only the benefit of resource sharing but also additional security implications. To achieve an optimal trade-off between security and resource sharing, cloud providers are obliged to evaluate the potential threats related to multi-tenancy. However, quantitative approaches for evaluating those threats are largely missing in existing works. In this paper, we propose a set of multi-level distance metrics that quantify the proximity of tenants' virtual resources inside a cloud. Those metrics are defined based on the configuration and deployment in a cloud, such that a cloud provider may apply them to evaluate the risk related to potential multi-tenancy attacks. We conduct case studies and experiments on both real and fictitious clouds. The obtained results show the effectiveness and applicability of our metrics. We further implement our metrics in OpenStack and show how they can be applied for distance auditing.\",\"PeriodicalId\":365939,\"journal\":{\"name\":\"2018 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)\",\"volume\":\"45 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CloudCom2018.2018.00042\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CloudCom2018.2018.00042","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

摘要

作为云计算的基石，多租户不仅带来了资源共享的好处，还带来了额外的安全隐患。为了在安全性和资源共享之间实现最佳权衡，云提供商必须评估与多租户相关的潜在威胁。然而，在现有工作中，评估这些威胁的定量方法在很大程度上是缺失的。在本文中，我们提出了一组多级距离度量，用于量化云内租户虚拟资源的接近程度。这些指标是根据云中的配置和部署定义的，因此云提供商可以应用它们来评估与潜在多租户攻击相关的风险。我们在真实云和虚拟云中进行案例研究和实验。得到的结果表明了我们的度量的有效性和适用性。我们将在OpenStack中进一步实现我们的度量，并展示如何将它们应用于远程审计。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

QuantiC: Distance Metrics for Evaluating Multi-Tenancy Threats in Public Cloud

As a cornerstone of cloud computing, multi-tenancy brings not only the benefit of resource sharing but also additional security implications. To achieve an optimal trade-off between security and resource sharing, cloud providers are obliged to evaluate the potential threats related to multi-tenancy. However, quantitative approaches for evaluating those threats are largely missing in existing works. In this paper, we propose a set of multi-level distance metrics that quantify the proximity of tenants' virtual resources inside a cloud. Those metrics are defined based on the configuration and deployment in a cloud, such that a cloud provider may apply them to evaluate the risk related to potential multi-tenancy attacks. We conduct case studies and experiments on both real and fictitious clouds. The obtained results show the effectiveness and applicability of our metrics. We further implement our metrics in OpenStack and show how they can be applied for distance auditing.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2018 IEEE International Conference on Cloud Computing Technology and Science (CloudCom)

自引率

0.00%

发文量