Protection through isolation: Virtues and pitfalls

Multitenancy is a key feature of cloud computing which has become a major concept recently. Nevertheless, sharing resources among a number of customers who are unknown to each other implies certain risks. While isolation is a strong means of mitigation, it also challenges a number of the main principles of cloud computing. Cloud computing looks to maximize resource use and isolation comes always at a cost, leaving few resources for the actual desired computation. In this chapter, we discuss the topic of hypervisor isolation by the example of networking. This includes the discussion of hypervisor architectures and mechanisms of isolation considering networking. Identifying the attack surface, an inventory of network-based attacks exploiting hypervisor isolation and possible countermeasures are presented.

[1]  Benjamin Farley,et al.  Resource-freeing attacks: improve your cloud performance (at your neighbor's expense) , 2012, CCS.

[2]  Zhenyu Wu,et al.  Whispers in the Hyper-space: High-speed Covert Channel Attacks in the Cloud , 2012, USENIX Security Symposium.

[3]  Kevin R. B. Butler,et al.  Detecting co-residency with active traffic analysis techniques , 2012, CCSW '12.

[4]  Michael K. Reiter,et al.  HomeAlone: Co-residency Detection in the Cloud via Side-Channel Analysis , 2011, 2011 IEEE Symposium on Security and Privacy.

[5]  Sherali Zeadally,et al.  Virtualization: Issues, security threats, and solutions , 2013, CSUR.

[6]  S. Hand,et al.  Xen 3.0 and the Art of Virtualization , 2010 .

[7]  Timothy Wood,et al.  A component-based performance comparison of four hypervisors , 2013, 2013 IFIP/IEEE International Symposium on Integrated Network Management (IM 2013).

[8]  Brian D. Noble,et al.  Bobtail: Avoiding Long Tails in the Cloud , 2013, NSDI.

[9]  Andrew Warfield,et al.  Xen and the art of virtualization , 2003, SOSP '03.

[10]  A. Kivity,et al.  kvm : the Linux Virtual Machine Monitor , 2007 .

[11]  Robert P. Goldberg,et al.  Formal requirements for virtualizable third generation architectures , 1973, SOSP 1973.

[12]  Wei-Ming Hu,et al.  Reducing timing channels with fuzzy time , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[13]  Calton Pu,et al.  Understanding Performance Interference of I/O Workload in Virtualized Cloud Environments , 2010, 2010 IEEE 3rd International Conference on Cloud Computing.

[14]  Hovav Shacham,et al.  Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds , 2009, CCS.

[15]  David Brown,et al.  The Virtualization Reality , 2006, ACM Queue.

[16]  Robert P. Goldberg,et al.  Survey of virtual machine research , 1974, Computer.

[17]  Edgar R. Weippl,et al.  Cloudoscopy: services discovery and topology mapping , 2013, CCSW.

[18]  Benjamin Farley,et al.  More for your money: exploiting performance heterogeneity in public clouds , 2012, SoCC '12.

[19]  Ole Agesen,et al.  A comparison of software and hardware techniques for x86 virtualization , 2006, ASPLOS XII.

[20]  Ulrich Drepper,et al.  The Cost of Virtualization , 2008, ACM Queue.

[21]  Chong Li,et al.  Prioritizing local inter-domain communication in Xen , 2013, 2013 IEEE/ACM 21st International Symposium on Quality of Service (IWQoS).

[22]  Jennifer Rexford,et al.  Eliminating the hypervisor attack surface for a more secure cloud , 2011, CCS '11.

[23]  Antti Ylä-Jääski,et al.  Exploiting Hardware Heterogeneity within the Same Instance Type of Amazon EC2 , 2012, HotCloud.

[24]  Hovav Shacham,et al.  Eliminating fine grained timers in Xen , 2011, CCSW '11.

[25]  Robert Rose Survey of System Virtualization Techniques , 2004 .