Side Channels in the Cloud: Isolation Challenges, Attacks, and Countermeasures - Archive ouverte HAL Access content directly
Preprints, Working Papers, ... Year :

Side Channels in the Cloud: Isolation Challenges, Attacks, and Countermeasures

(1) , (1) , (2, 3, 4) , (2, 3, 4)
1
2
3
4

Abstract

Cloud computing is based on the sharing of physical resources among several virtual machines through a virtualization layer providing software isolation. Despite advances in virtualization, data security and isolation guarantees remain important challenges for cloud providers. Some of the most prominent isolation violations come from side-channel attacks that aim at exploiting and using a leaky channel to obtain sensitive data such as encryption keys. Such channels may be created by vulnerable implementations of cryptographic algorithms, exploiting weaknesses of processor architectures or of resource sharing in the virtualization layer. In this paper, we provide a comprehensive survey of side-channel attacks (SCA) and mitigation techniques for virtualized environments, focusing on cache-based attacks. We review isolation challenges, attack classes and techniques. We also provide a layer-based taxonomy of applicable countermeasures , from the hardware to the application level, with an assessment of their effectiveness.
Fichier principal
Vignette du fichier
sca_survey.pdf (295.79 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01591808 , version 1 (22-09-2017)

Identifiers

  • HAL Id : hal-01591808 , version 1

Cite

Mohammad-Mahdi Bazm, Marc Lacoste, Mario Südholt, Jean-Marc Menaud. Side Channels in the Cloud: Isolation Challenges, Attacks, and Countermeasures. 2017. ⟨hal-01591808⟩
2020 View
4244 Download

Share

Gmail Facebook Twitter LinkedIn More