Side-Channels Beyond the Cloud Edge : New Isolation Threats and Solutions

Abstract : Fog and edge computing leverage resources of end users and edge devices rather than centralized clouds. Isolation is a core security challenge for such paradigms: just like traditional clouds, fog and edge infrastructures are based on virtualization to share physical resources among several self-contained execution environments like virtual machines and containers. Yet, isolation may be threatened due to side-channels, created by the virtualization layer or due to the sharing of physical resources like the processor. Side-channel attacks (SCAs) exploit and use such leaky channels to obtain sensitive data. This paper aims to clarify the nature of this threat for fog and edge infrastructures. Current SCAs are local and exploit isolation challenges of virtualized environments to retrieve sensitive information. We introduce a new concept of distributed side-channel attack (DSCA) that is based on coordinating local attack techniques. We explore how such attacks can threaten isolation of any virtualized environments such as fog and edge computing. Finally, we study a set of different applicable countermeasures for attack mitigation.
Type de document :
Communication dans un congrès
IEEE International Conference on Cyber Security in Networking (CSNet) 2017, Oct 2017, Rio de Janeiro, Brazil. 1st Cyber Security in Networking Conference (CSNet'17)
Liste complète des métadonnées

Littérature citée [47 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01593144
Contributeur : Mohammad Mahdi Bazm <>
Soumis le : lundi 25 septembre 2017 - 17:59:01
Dernière modification le : jeudi 11 janvier 2018 - 06:28:12
Document(s) archivé(s) le : mardi 26 décembre 2017 - 14:38:37

Fichier

csnet2017_camera_ready.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-01593144, version 1

Collections

Citation

Mohammad-Mahdi Bazm, Marc Lacoste, Mario Südholt, Jean-Marc Menaud. Side-Channels Beyond the Cloud Edge : New Isolation Threats and Solutions. IEEE International Conference on Cyber Security in Networking (CSNet) 2017, Oct 2017, Rio de Janeiro, Brazil. 1st Cyber Security in Networking Conference (CSNet'17). 〈hal-01593144〉

Partager

Métriques

Consultations de la notice

403

Téléchargements de fichiers

88