Verifying cloud services: present and future

As cloud-based services gain popularity in both private and enterprise domains, cloud consumers are still lacking in tools to verify that these services work as expected. Such tools should consider properties such as functional correctness, service availability, reliability, performance and security guarantees. In this paper we survey existing work in these areas and identify gaps in existing cloud technology in terms of the verification tools provided to users. We also discuss challenges and new research directions that can help bridge these gaps.

[1]  James C. King,et al.  A new approach to program testing , 1974, Programming Methodology.

[2]  Ralph C. Merkle,et al.  Protocols for Public Key Cryptosystems , 1980, 1980 IEEE Symposium on Security and Privacy.

[3]  Maurice Herlihy,et al.  Linearizability: a correctness condition for concurrent objects , 1990, TOPL.

[4]  J-C. Laprie,et al.  DEPENDABLE COMPUTING AND FAULT TOLERANCE : CONCEPTS AND TERMINOLOGY , 1995, Twenty-Fifth International Symposium on Fault-Tolerant Computing, 1995, ' Highlights from Twenty-Five Years'..

[5]  Chris Loosley,et al.  High-Performance Client/Server , 1997 .

[6]  Noga Alon,et al.  Regular languages are testable with a constant number of queries , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[7]  Evan Marcus,et al.  Blueprints for high availability , 2000 .

[8]  Virgílio A. F. Almeida,et al.  Capacity Planning for Web Services: Metrics, Models, and Methods , 2001 .

[9]  Dennis Shasha,et al.  Building secure file systems out of byzantine storage , 2002, PODC '02.

[10]  Jean Jacques Moreau,et al.  SOAP Version 1. 2 Part 1: Messaging Framework , 2003 .

[11]  Dennis Shasha,et al.  Secure Untrusted Data Repository (SUNDR) , 2004, OSDI.

[12]  B. Monahan,et al.  Meaningful Security SLAs , 2005 .

[13]  Michael K. Reiter,et al.  On Consistency of Encrypted Files , 2006, DISC.

[14]  Jeffrey S. Chase,et al.  Strong accountability for network storage , 2007, TOS.

[15]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[16]  Mauro Pezzè,et al.  Software testing and analysis - process, principles and techniques , 2007 .

[17]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[18]  Scott Shenker,et al.  Attested append-only memory: making adversaries stick to their word , 2007, SOSP.

[19]  Dawson R. Engler,et al.  KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs , 2008, OSDI.

[20]  Idit Keidar,et al.  Fail-Aware Untrusted Storage , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.

[21]  Krishna P. Gummadi,et al.  Towards Trusted Cloud Computing , 2009, HotCloud.

[22]  Christian Cachin,et al.  Integrity Protection for Revision Control , 2009, ACNS.

[23]  Ari Juels,et al.  HAIL: a high-availability and integrity layer for cloud storage , 2009, CCS.

[24]  Ari Juels,et al.  Proofs of retrievability: theory and implementation , 2009, CCSW '09.

[25]  Pankaj Mudholkar,et al.  Software Testing , 2002, Computer.

[26]  Huan Liu,et al.  A new form of DOS attack in a cloud and its avoidance mechanism , 2010, CCSW '10.

[27]  Ariel J. Feldman,et al.  SPORC: Group Collaboration using Untrusted Cloud Resources , 2010, OSDI.

[28]  Chen Wang,et al.  A Collaborative Monitoring Mechanism for Making a Multitenant Platform Accountable , 2010, HotCloud.

[29]  Idit Keidar,et al.  Venus: verification for untrusted cloud storage , 2010, CCSW '10.

[30]  A survey on performance management for internet applications , 2010, Concurr. Comput. Pract. Exp..

[31]  Siani Pearson,et al.  Privacy, Security and Trust Issues Arising from Cloud Computing , 2010, 2010 IEEE Second International Conference on Cloud Computing Technology and Science.

[32]  John Zic,et al.  Accountability as a Service for the Cloud , 2010, 2010 IEEE International Conference on Services Computing.

[33]  Trent Jaeger,et al.  Seeding clouds with trust anchors , 2010, CCSW '10.

[34]  I. Melzer Web Services Description Language , 2010 .

[35]  Xiaozhou Li,et al.  What Consistency Does Your Key-Value Store Actually Provide? , 2010, HotDep.

[36]  C. Cachin,et al.  A cloud you can trust , 2011, IEEE Spectrum.

[37]  Emin Gün Sirer,et al.  Logical attestation: an authorization architecture for trustworthy computing , 2011, SOSP.

[38]  Joseph Idziorek,et al.  Exploiting Cloud Utility Models for Profit and Ruin , 2011, 2011 IEEE 4th International Conference on Cloud Computing.

[39]  George Candea,et al.  S2E: a platform for in-vivo multi-path analysis of software systems , 2011, ASPLOS XVI.

[40]  Stefan Tai,et al.  What Are You Paying For? Performance Benchmarking for Infrastructure-as-a-Service Offerings , 2011, 2011 IEEE 4th International Conference on Cloud Computing.

[41]  Vyas Sekar,et al.  Verifiable resource accounting for cloud computing services , 2011, CCSW '11.

[42]  Travis D. Breaux,et al.  Managing multi-jurisdictional requirements in the cloud: towards a computational legal landscape , 2011, CCSW '11.

[43]  Haibo Chen,et al.  CloudVisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization , 2011, SOSP.

[44]  Miguel Correia,et al.  Lucy in the sky without diamonds: Stealing confidential data in the cloud , 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W).

[45]  Ronald L. Rivest,et al.  How to tell if your cloud files are vulnerable to drive crashes , 2011, CCS '11.

[46]  Peter Desnoyers,et al.  Scheduler Vulnerabilities and Attacks in Cloud Computing , 2011, ArXiv.

[47]  Elaine Shi,et al.  Do You Know Where Your Data Are? Secure Data Capsules for Deployable Data Protection , 2011, HotOS.

[48]  Peter Desnoyers,et al.  Scheduler Vulnerabilities and Coordinated Attacks in Cloud Computing , 2011, 2011 IEEE 10th International Symposium on Network Computing and Applications.

[49]  Nicolas Marchand,et al.  Experience with CONSER: A System for Server Control through Fluid Modeling , 2011, IEEE Transactions on Computers.

[50]  Marko Vukolic,et al.  Robust data sharing with key-value stores , 2012, DSN.

[51]  Reihaneh Safavi-Naini,et al.  LoSt: location based storage , 2012, CCSW '12.

[52]  Sushil K. Prasad,et al.  AzureBench: Benchmarking the Storage Services of the Azure Cloud Platform , 2012, 2012 IEEE 26th International Parallel and Distributed Processing Symposium Workshops & PhD Forum.

[53]  Krishna P. Gummadi,et al.  Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services , 2012, USENIX Security Symposium.

[54]  Abhinav Srivastava,et al.  Self-service cloud computing , 2012, CCS '12.

[55]  Matthias Schunter,et al.  Secure cloud maintenance: protecting workloads against insider attacks , 2012, ASIACCS '12.

[56]  George Candea,et al.  The S2E Platform: Design, Implementation, and Applications , 2012, TOCS.

[57]  Ryszard Kowalczyk,et al.  Policy-Based Automation of SLA Establishment for Cloud Computing Services , 2012, 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012).

[58]  Ronald L. Rivest,et al.  Hourglass schemes: how to prove that cloud files are encrypted , 2012, CCS.

[59]  Marko Vukolic,et al.  Robust data sharing with key-value stores , 2011, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012).

[60]  Carlo Curino,et al.  Mobius: unified messaging and data serving for mobile apps , 2012, MobiSys '12.

[61]  Peter R. Pietzuch,et al.  CloudFilter: practical control of sensitive data propagation to the cloud , 2012, CCSW '12.

[62]  Bettina Kemme,et al.  How consistent is your cloud application? , 2012, SoCC '12.

[63]  Mario Macías,et al.  Client Classification Policies for SLA Enforcement in Shared Cloud Datacenters , 2012, 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012).

[64]  Martin Gilje Jaatun,et al.  Security SLAs - An Idea Whose Time Has Come? , 2012, CD-ARES.

[65]  Salman Baset,et al.  Cloud SLAs: present and future , 2012, OPSR.

[66]  Martin Gilje Jaatun,et al.  Expressing Cloud Security Requirements in Deontic Contract Languages , 2012, CLOSER.

[67]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, Journal of Cryptology.

[68]  Sara Bouchenak,et al.  Benchmarking Dependability of MapReduce Systems , 2012, 2012 IEEE 31st Symposium on Reliable Distributed Systems.

[69]  Miguel Correia,et al.  DepSky: Dependable and Secure Storage in a Cloud-of-Clouds , 2013, TOS.