Isolation in Cloud Computing Infrastructures: New Security Challenges

Abstract : Cloud computing infrastructures are highly based on the sharing of hardware resources among different clients. The infrastructures leverage virtualization to share physical resources among several self-contained execution environments like virtual machines and Linux containers. Isolation is a core security challenge for such paradigm. It may be threatened through side-channels, created due to the sharing of physical resources like caches of the processor or by mechanisms implemented in the virtualization layer. Side-channel attacks (SCAs) exploit and use such leaky channels to obtain sensitive data like kernel information. This paper aims to clarify the nature of this threat for cloud infrastructures. Current SCAs are done locally and exploit isolation challenges of virtualized environments to retrieve sensitive information. In this paper, we also clarify the concept of distributed side-channel attack (DSCA). We explore how such attacks can threaten isolation of any virtualized environments such as cloud computing infrastructures. Finally, we study a set of different applicable countermeasures for attack mitigation in cloud infrastructures.
Type de document :
Article dans une revue
Annals of Telecommunications, Springer, inPress
Liste complète des métadonnées

https://hal.inria.fr/hal-01874206
Contributeur : Mohammad Mahdi Bazm <>
Soumis le : vendredi 14 septembre 2018 - 10:28:30
Dernière modification le : samedi 15 septembre 2018 - 01:20:54

Identifiants

  • HAL Id : hal-01874206, version 1

Citation

Mohammad-Mahdi Bazm, Marc Lacoste, Mario Südholt, Jean-Marc Menaud. Isolation in Cloud Computing Infrastructures: New Security Challenges. Annals of Telecommunications, Springer, inPress. 〈hal-01874206〉

Partager

Métriques

Consultations de la notice

154