Skip to Main content Skip to Navigation
Preprints, Working Papers, ...

Side Channels in the Cloud: Isolation Challenges, Attacks, and Countermeasures

Abstract : Cloud computing is based on the sharing of physical resources among several virtual machines through a virtualization layer providing software isolation. Despite advances in virtualization, data security and isolation guarantees remain important challenges for cloud providers. Some of the most prominent isolation violations come from side-channel attacks that aim at exploiting and using a leaky channel to obtain sensitive data such as encryption keys. Such channels may be created by vulnerable implementations of cryptographic algorithms, exploiting weaknesses of processor architectures or of resource sharing in the virtualization layer. In this paper, we provide a comprehensive survey of side-channel attacks (SCA) and mitigation techniques for virtualized environments, focusing on cache-based attacks. We review isolation challenges, attack classes and techniques. We also provide a layer-based taxonomy of applicable countermeasures , from the hardware to the application level, with an assessment of their effectiveness.
Document type :
Preprints, Working Papers, ...
Complete list of metadata

Cited literature [98 references]  Display  Hide  Download
Contributor : Mohammad Mahdi Bazm Connect in order to contact the contributor
Submitted on : Friday, September 22, 2017 - 9:24:04 AM
Last modification on : Friday, January 21, 2022 - 3:09:58 AM
Long-term archiving on: : Saturday, December 23, 2017 - 12:50:57 PM


Files produced by the author(s)


  • HAL Id : hal-01591808, version 1


Mohammad-Mahdi Bazm, Marc Lacoste, Mario Südholt, Jean-Marc Menaud. Side Channels in the Cloud: Isolation Challenges, Attacks, and Countermeasures. 2017. ⟨hal-01591808⟩



Les métriques sont temporairement indisponibles