i-manager Publications

Defending Against Side Channel Attacks in Cloud Resource Management

S. Velliangiri*

Department of Computer Science and Engineering, GMR Institute of Technology, Rajam, Andhra Pradesh, India.

Periodicity:January - June'2021
DOI : https://doi.org/10.26634/jcc.8.1.18454

Abstract

The cloud computing environment allows for the sharing of highly scalable hardware and software resources over the internet. Virtual Machines (VM) allow the cloud provider to share hardware resources with cloud clients. Co-resident VMs are Virtual Machines (VMs) that run on the same physical server. The Virtual Machines in Co-Residence are logically separated from one another. The harmful users' side channels compromise the logical isolation. Co-resident attacks are described as unauthorized users accessing sensitive information from Co-resident VMs. Malicious users gain access to critical information such as cryptographic keys, workloads, and web traffic rates. Co-location, co-residence, and coresidency threats are all terms used to describe a Co-resident attack. The Virtual Machine allocation policy is used to determine where the Virtual Machines should be placed on the physical server. The malicious user co-locates their Virtual Machine with the target Virtual Machine. The Virtual Machine deployment procedure takes into account security, workload balancing, and power consumption criteria. Secure metrics are defined to assess the VM allocation policy's security. The Balanced VM Allocation Policy is designed to distribute virtual machines among physical servers. With security metrics, the Previous Selected Server First (PSSF) policy is applied. With the workload balance parameter, the least VM allocation policy, most VM allocation policy, and random allocation policy are applied. Within the same environment, the data centres are connected to the Virtual Machines. With centralised and distributed scheduling algorithms, the attack-resistant Virtual Machine Management framework is built. Side channel attacks are prevented during live VM transfer. Multiple data centre management mechanisms have been added to the system. To allocate virtual machines on the physical server, the Distributed VM Placement (DVMP) policy is created.

Keywords

Cloud Resources, Virtual Machine Allocation Policies, Side Channel Attacks, Co-residential Attacks, Distributed Scheduling.

How to Cite this Article?

Velliangiri, S. (2021). Defending Against Side Channel Attacks in Cloud Resource Management. i-manager's Journal on Cloud Computing, 8(1), 1-7. https://doi.org/10.26634/jcc.8.1.18454

References

[1]. Bates, A., Mood, B., Pletcher, J., Pruse, H., Valafar, M., & Butler, K. (2014). On detecting co-resident cloud instances using network flow watermarking techniques. International Journal of Information Security, 13(2), 171-189. https://doi.org/10.1007/s10207-013-0210-0

[2]. Bowers, K. D., Van Dijk, M., Juels, A., Oprea, A., & Rivest, R. L. (2011, October). How to tell if your cloud files are vulnerable to drive crashes. In Proceedings of the 18th ACM Conference on Computer and Communications Security (pp. 501-514). https://doi.org/10.1145/2046707.2046766

[3]. Butt, S., Lagar-Cavilla, H. A., Srivastava, A., & Ganapathy, V. (2012, October). Self-service cloud computing. In Proceedings of the 2012 ACM Conference on Computer and Communications Security (pp. 253- 264). https://doi.org/10.1145/2382196.2382226

[4]. Lee, E. K., Viswanathan, H., & Pompili, D. (2015). Proactive thermal-aware resource management in virtualized HPC cloud datacenters. IEEE Transactions on Cloud Computing, 5(2), 234-248. https://doi.org/10.1109/ TCC.2015.2474368

[5]. McCune, J. M., Li, Y., Qu, N., Zhou, Z., Datta, A., Gligor, V., & Perrig, A. (2010, May). TrustVisor: Efficient TCB reduction and attestation. In 2010, IEEE Symposium on Security and Privacy (pp. 143-158). IEEE. https://doi.org/10. 1109/SP.2010.17

[6]. Szefer, J., Keller, E., Lee, R. B., & Rexford, J. (2011, October). Eliminating the hypervisor attack surface for a more secure cloud. In Proceedings of the 18th ACM Conference on Computer and Communications Security (pp. 401-412). https://doi.org/10.1145/2046707.2046754

[7]. Varadarajan, V., Kooburat, T., Farley, B., Ristenpart, T., & Swift, M. M. (2012, October). Resource-freeing attacks: improve your cloud performance (at your neighbor's expense). In Proceedings of the 2012 ACM Conference on Computer and Communications Security (pp. 281-292). https://doi.org/10.1145/2382196.2382228

[8]. Wu, H., Ren, S., Garzoglio, G., Timm, S., Bernabeu, G., Chadwick, K., & Noh, S. Y. (2014). A reference model for virtual machine launching overhead. IEEE Transactions on Cloud Computing, 4(3), 250-264. https://doi.org/10.1109/ TCC.2014.2369439

[9]. Zhang, Y., Juels, A., Oprea, A., & Reiter, M. K. (2011, May). Homealone: Co-residency detection in the cloud via side-channel analysis. In 2011, IEEE symposium on security and privacy (pp. 313 - 328). IEEE . https://doi.org/10.1109/SP.2011.31

[10]. Zhang, Y., Juels, A., Reiter, M. K., & Ristenpart, T. (2012, October). Cross-VM side channels and their use to extract private keys. In Proceedings of the 2012 ACM Conference on Computer and Communications Security (pp. 305- 316). https://doi.org/10.1145/2382196.2382230

	North Americas,UK, Middle East,Europe		India	Rest of world
	USD	EUR	INR	USD-ROW
Pdf	35	35	200	20
Online	35	35	200	15
Pdf & Online	35	35	400	25

Defending Against Side Channel Attacks in Cloud Resource Management

Abstract

Keywords

How to Cite this Article?

References

If you have access to this article please login to view the article or kindly login to purchase the article

Purchase Instant Access

Options for accessing this content: