
Basic Article Information

  • Title: Mitigating Cross-VM Side Channel Attack on Multiple Tenants Cloud Platform
  • Authors: Liu, Fei ; Ren, Lanfang ; Bai, Hongtao
  • Journal: Journal of Computers
  • Print ISSN: 1796-203X
  • Publication year: 2014
  • Volume: 9
  • Issue: 4
  • Pages: 1005-1013
  • DOI: 10.4304/jcp.9.4.1005-1013
  • Language: English
  • Publisher: Academy Publisher
  • Abstract: Virtualization is a key enabling technology in cloud computing. Multiple tenants can share the computing resources of a cloud provider on demand. While sharing can reduce the expense of computing, it also introduces security vulnerabilities, since the isolation between different VMs can be violated through side-channel attacks. Recent research points out that, by leveraging memory bus contention, two colluding malware instances in different VMs (but on the same host) may use differences in memory access latency as a covert channel to deliver security-critical information, such as user passwords or credit card numbers, which can bypass access control policies enforced by the guest OS or even the hypervisor. The bandwidth of such a covert channel could be up to hundreds of kilobytes per second, which is fast enough to transfer large data objects. In this paper we propose a covert-channel-aware scheduler that treats security as a first-class concern to mitigate such side-channel attacks. The scheduler is able to control the execution time overlap of different VMs, and can also inject noise periodically to mitigate the threat of potential side channels. We have built a prototype of the proposed scheduler that enables overlap control and noise injection. The performance evaluations show that the overhead introduced is acceptable. Meanwhile, the new scheduler allows the user to dynamically configure scheduling parameters to adapt to diverse circumstances, in order to strike a balance between performance and security.
  • Keywords: virtual machine; cloud computing; security; side channel attack; scheduling algorithm