References: “Hey, You, Get Off My Cloud: Exploring Information Leakage in Third-Party Compute Clouds” by Thomas Ristenpart, Eran Tromer – UC San Diego;

Slides:



Advertisements
Similar presentations
Distributed System Lab.1 Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds Thomas Ristenpart ¤, Eran Tromer, Hovav.
Advertisements

Rohit Kugaonkar CMSC 601 Spring 2011 May 9 th 2011
Lecture 5: Cloud Security: what’s new? Xiaowei Yang (Duke University)
Lecture 4: Cloud Computing Security: a first look Xiaowei Yang (Duke University)
Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 3 02/15/2010 Security and Privacy in Cloud Computing.
Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds Yan Qiang,
Don’t pay for Linux Guests
Cloud Computing From Different Perspective. but first, What is cloud? Why is it called cloud?
Virtualization and Cloud Computing. Definition Virtualization is the ability to run multiple operating systems on a single physical system and share the.
Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.
Research in Cloud Security and Privacy
By Adam Balla & Wachiu Siu
Performance Anomalies Within The Cloud 1 This slide includes content from slides by Venkatanathan Varadarajan and Benjamin Farley.
Resource-Freeing Attacks: Improve Your Cloud Performance (at Your Neighbor's Expense) (Venkat)anathan Varadarajan, Thawan Kooburat, Benjamin Farley, Thomas.
Public Clouds (EC2, Azure, Rackspace, …) VM Multi-tenancy Different customers’ virtual machines (VMs) share same server Provider: Why multi-tenancy? Improved.
Hey You, Get Off My Cloud: Exploring information Leakage in third party compute clouds T.Ristenpart, Eran Tromer, Hovav Shacham and Steven Savage ACM CCS.
 Max Planck Institute for Software Systems Towards trusted cloud computing Nuno Santos, Krishna P. Gummadi, and Rodrigo Rodrigues MPI-SWS.
Hey, You, Get Off of My Cloud
By Christopher Moran, Nicoara Talpes 1.  Solution is addressed to VMs that are web servers  Web servers should not have confidential information anyway.
Security Issues in Elastic Clouds
Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.
CLOUD PRIVACY AND SECURITY CS 595 LECTURE 16 4/19/2015.
PREVENTING CRYPTOGRAPHIC KEY LEAKAGE IN CLOUD VIRTUAL MACHINES STUDENT: FATEMAH ALHARBI PROFESSOR: NAEL ABU-GHAZALEH EE260 SEMINAR IN ELECTRICAL ENGINEERING.
An Overview of Cloud Security and Privacy CS 590, Fall 2010 Presenter: YounSun Cho Sep. 9, 2010.
Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds by Thomas Ristenpart et al. defended by Ning Xia & Najim Yaqubie.
Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds By Thomas Ristenpart Eran Tromer Hovav Shacham Stefan Savage.
CLOUD PRIVACY AND SECURITY CS 595 LECTURE 15 4/15/2015.
Authors: Thomas Ristenpart, et at.
Sam Becker. Introduction Why is it important? Security Why is it needed? Solution Schemes Questions.
Bharat Bhargava Computer Science Purdue University Research in Cloud Computing YounSun Cho Computer Science Purdue.
Virtualization: An Overview Brendan Lynch. Forms of virtualization In all cases virtualization is taking a physical component and simulating the interface.
Self-service Cloud Computing Shakeel Butt Department of Computer Science Rutgers University.
Lecture 10 Cloud Security
Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 2 02/01/2010 Security and Privacy in Cloud Computing.
Utility Computing Casey Rathbone 1http://cyberaide.org.edu.
Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds Written by Thomas Ristenpart Eran Tromer Hovav Shacham Stehan.
4.4 Public Cloud Platforms: GAE, AWS, and AZURE
Eliminating Fine Grained Timers in Xen Bhanu Vattikonda with Sambit Das and Hovav Shacham.
SECURITY IN CLOUD COMPUTING By Bina Bhaskar Anand Mukundan.
SECURITY Is cloud computing secure? Are Microsoft Online Services secure? Is cloud computing secure? Are Microsoft Online Services secure? PRIVACY What.
Cloud Computing 1. Outline  Introduction  Evolution  Cloud architecture  Map reduce operation  Platform 2.
Jan – Apr 2012 Private Cloud Day System Center 2012 announced Microsoft Management Summit System Center 2012 General Availability Windows Server 2012.
Microsoft Virtual Academy.
CPS Welcome to a new licensing model in SPLA.
Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2012 Lecture 4 09/10/2013 Security and Privacy in Cloud Computing.
Thomas Ristenpart,Eran Tromer, Horav Shahcham and Stefan Savage
Cloud security Tom Ristenpart CS Software-as-a-service Infrastructure-as-a- service Cloud providers Cloud computing NIST: Cloud computing is a model.
HEY, YOU, GET OFF OF MY CLOUD: EXPLORING INFORMATION LEAKAGE IN THIRD-PARTY COMPUTE CLOUDS Eran Tromer MIT Hovav Shacham UCSD Stefan Savage UCSD ACM CCS.
OS Fingerprinting through Memory De-duplication Technique in Virtual Machines Rodney Owens and Weichao Wang Department of SIS UNC Charlotte.
A paper by Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security,
Kia Manoochehri.  Background  Threat Classification ◦ Traditional Threats ◦ Availability of cloud services ◦ Third-Party Control  The “Notorious Nine”
Cloud Security and Privacy (Part 2). Security and Privacy Issues in Cloud Computing - Big Picture Infrastructure Security Data Security and Storage Identity.
Security Vulnerabilities in A Virtual Environment
Copyright © 2010, Performance and Power Management for Cloud Infrastructures Hien Nguyen Van; Tran, F.D.; Menaud, J.-M. Cloud Computing (CLOUD),
3/12/2013Computer Engg, IIT(BHU)1 CLOUD COMPUTING-1.
OSVT 北京大学 1 安全挑战 The practice of multi-tenancy enables various security attacks in the public cloud. There exist attacks that break the logical isolation.
Migrating to Microsoft Azure from VMware, Amazon AWS, Hyper-V & More!
Hey, You, Get Off of My Cloud Thomas Ristenpart, Eran Tromer, Hovav Shacham, Stefan Savage Presented by Daniel De Graaf.
© 2012 Eucalyptus Systems, Inc. Cloud Computing Introduction Eucalyptus Education Services 2.
Computer Science Infrastructure Security for Virtual Cloud Computing Peng Ning 04/08/111BITS/ Financial Services Roundtable Supported by the US National.
Thomas Ristenpart , Eran Tromer, Hovav Shacham ,Stefan Savage CCS’09
Mapping/Topology attacks on Virtual Machines
Chapter 6: Securing the Cloud
Hey, You, Get Off of My Cloud
Customized cloud platform for computing on your terms !
Windows Server 2016 Secure IaaS Microsoft Build /1/2018 4:00 AM
Written by : Thomas Ristenpart, Eran Tromer, Hovav Shacham,
Lecture 03.5: Cloud Computing ( SAAS )
Exploring Information Leakage in Third-Party Compute Clouds
Presentation transcript:

References: “Hey, You, Get Off My Cloud: Exploring Information Leakage in Third-Party Compute Clouds” by Thomas Ristenpart, Eran Tromer – UC San Diego; Hovav Shacham, Stefan Savage – MIT Cambridge

Like Amazon’s EC2, Microsoft’s Azure  Allow users to instantiate Virtual Machines  Allow users to purchase required quantity when required  Allow service providers to maximize the utilization of sunk capital costs  Confidentiality is very important

 Confidentiality issues  Malicious behavior by cloud provider  Known risks exist in any industry practicing outsourcing  Provider and its infrastructure needs to be trusted

 Threats arise from other consumers  Due to the subtleties of how physical resources can be transparently shared between VMs  Such attacks are based on placement and extraction  A customer VM and its adversary can be assigned to the same physical server  Adversary can penetrate the VM and violate customer confidentiality

 Collaborative attacks  Mapping of internal cloud infrastructure  Identifying likely residence of a target VM  Instantiating new VMs until one gets co- resident with the target  Cross-VM side-channel attacks  Extract information from target VM on the same machine

 Can one determine where in the cloud infrastructure an instance is located?  Can one easily determine if two instances are co-resident on the same physical machine?  Can an adversary launch instances that will be co-resident with other user instances?  Can an adversary exploit cross-VM information leakage once co-resident? Answer: Yes to all