Improving Users' Isolation in IaaS: Virtual Machine Placement with Security Constraints

Eddy Caron 1, 2 Jonathan Rouzaud-Cornabas 3, 1, 4
2 AVALON - Algorithms and Software Architectures for Distributed and HPC Platforms
Inria Grenoble - Rhône-Alpes, LIP - Laboratoire de l'Informatique du Parallélisme
4 BEAGLE - Artificial Evolution and Computational Biology
LIRIS - Laboratoire d'InfoRmatique en Image et Systèmes d'information, Inria Grenoble - Rhône-Alpes, LBBE - Laboratoire de Biométrie et Biologie Evolutive, CarMeN - Laboratoire de recherche en cardiovasculaire, métabolisme, diabétologie et nutrition
Abstract : Nowadays virtualization is used as the sole mechanism to isolate different users on Cloud platforms. We will show that due to improper virtualization of micro-architectural components, data leak and modification can occur on public Clouds. Furthermore, using the same vector, it is possible to induce performance interferences, i.e. noisy neighbors. Using this approach, a VM can slow down and steal resources from concurrent VMs. We propose placement heuristics that take into account isolation requirements. We modify three classical heuristics to take into account these requirements. Furthermore, we propose four new heuristics that take into account the hierarchy of the Cloud platforms and the isolation requirements. Finally, we evaluate these heuristics and compare them with the modified classical ones. We show that our heuristics are performing at least as good as classical ones but are scaling better and are faster by a few order of magnitude than the classical ones.
Type de document :
Communication dans un congrès
7th IEEE International Conference on Cloud Computing (IEEE Cloud 2014), Jun 2014, Anchorage, United States. IEEE, pp.8, 2014, IEEE 7th International Conference on Cloud Computing. 〈http://www.thecloudcomputing.org/2014/〉. 〈10.1109/CLOUD.2014.19〉
Liste complète des métadonnées

Littérature citée [35 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01240592
Contributeur : Eddy Caron <>
Soumis le : mercredi 9 décembre 2015 - 13:06:13
Dernière modification le : vendredi 20 avril 2018 - 15:44:26
Document(s) archivé(s) le : samedi 29 avril 2017 - 11:20:47

Fichier

IPDPS14_userisolation.pdf
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité - Pas d'utilisation commerciale - Pas de modification 4.0 International License

Identifiants

Citation

Eddy Caron, Jonathan Rouzaud-Cornabas. Improving Users' Isolation in IaaS: Virtual Machine Placement with Security Constraints. 7th IEEE International Conference on Cloud Computing (IEEE Cloud 2014), Jun 2014, Anchorage, United States. IEEE, pp.8, 2014, IEEE 7th International Conference on Cloud Computing. 〈http://www.thecloudcomputing.org/2014/〉. 〈10.1109/CLOUD.2014.19〉. 〈hal-01240592〉

Partager

Métriques

Consultations de la notice

670

Téléchargements de fichiers

174