Self-service Cloud Computing Shakeel Butt Department of Computer Science Rutgers University.


1 Self-service Cloud Computing Shakeel Butt Department of Computer Science Rutgers University

2 By 2015, 90% of government agencies and large companies will use the cloud [Gartner, “Market Trends: Application Development Software, Worldwide, 2012-2016,” 2012]. Many new companies & services rely exclusively on the cloud, e.g., Instagram, MIT/Harvard EdX [NYTimes, “Active in Cloud, Amazon Reshapes Computing,” Aug 28, 2012].

3 Embracing the cloud: Let's do Cloud

4 Embracing the cloud. Diagram: Cloud Provider, Client, Cloud operators; captions: "Trust me with your code & data", "You have to trust us as well". Problem #1: Client’s data and computation are vulnerable to attacks by malicious cloud operators. The Cloud Security Alliance (CSA) termed this threat ‘malicious insider working for Cloud Provider’.

5 Embracing the cloud. Problem #2: Clients must rely on the provider to deploy customized services. Diagram: Cloud Provider, Client; captions: "I need customized malware detection and VM rollback", "For now just have checkpointing …"

6 Virtualized physical platforms. Diagram: Hardware, Hypervisor, Management VM (dom0), Work VM. Examples: Amazon EC2, Microsoft Azure, OpenStack, RackSpace Hosting

7 Why do these problems arise? Diagram: Hardware, Hypervisor, Management VM, Client’s VM

8 My thesis: It is possible to improve the security, privacy and control that cloud clients have by modifying the hypervisor’s privilege model.

9 SSC: Self-service cloud computing. Diagram: Hardware, SSC Hypervisor, Management VM, Client’s VM

10 Mutual trust. Diagram: Hardware, SSC Hypervisor, Management VM, Client’s VM, Mutually Trusted VM

11 SSC Control Plane. Diagram: Cloud Infrastructure, SSC Hypervisor

12 Contributions. Self-service Cloud Computing [CCS’12]: SSC hypervisor; mutual trust; six services. On the Control Plane of a Self-service Cloud Platform [SoCC’14]: SSC Control Plane; five network-based services.

13 Duties of the management VM (Dom0): manages and multiplexes hardware resources; manages client virtual machines.

14 Main technique used by SSC: disaggregate the management VM. System-wide Mgmt. VM (Sdom0): manages hardware; no access to clients' VMs; solves problem #1. Per-Client Mgmt. VM (Udom0): manages client’s VMs; allows clients to deploy new services; solves problem #2.

15 SSC platform. Diagram: Hardware, SSC Hypervisor, SDom0, UDom0, Work VM, Client’s meta-domain, Trusted Computing Base

16 Client’s Meta-Domain. Diagram: Hardware, SSC Hypervisor, UDom0, Rootkit detection service VM, Storage service VM, Checkpoint service VM, Work VM

17 SSC hypervisor. Diagram: Hardware, SSC Hypervisor, SDom0, UDom0, Service VM, Work VM, Client’s meta-domain

18 Traditional privilege model. Privileged operation arrives at the Hypervisor: Is request from Management VM? YES: ALLOW. NO: DENY.

19 SSC’s privilege model. Privileged operation arrives at the Self-service hypervisor: Is the request from client’s Udom0? YES: ALLOW. NO: Does requestor have privilege (e.g., client’s service VM)? YES: ALLOW. NO: DENY.

20 Bootstrapping Client’s Trust. Client requires: 1. Correct UDom0 image created. 2. Secure communication channel with UDom0. SSC requires: 1. Trusted Platform Module (TPM) hardware. 2. Trusted Domain Builder.

21 Trusted Platform Module (TPM). Diagram: boot chain BIOS, Boot Loader, OS, Application; TPM_Extend(Code); TPM contents [BIOS, BootLoader, OS, App]; TPM_Quote(BIOS, BootLoader, OS, App)

22 SSC hypervisor. Diagram: Hardware (equipped with a Trusted Platform Module (TPM) chip), SSC Hypervisor, SDom0, Domain Builder, UDom0, Trusted Computing Base

23 UDom0 Creation Protocol. Diagram steps: Domain Builder: UDom0.img, Enc_TPM(KEY); Domain Builder: TPM_Quote; Domain Builder: Create UDom0; Domain Builder: Install (KEY) in UDom0; Secure communication channel with UDom0 using (KEY). Client’s trust established.

24 Conflicting interest. SSC puts clients in control of their VMs; Sdom0 cannot inspect these VMs; malicious clients can misuse privilege. Diagram: Cloud Provider, Client; captions: "NO data leaks or corruption", "NO illegal activities or botnet hosting"

25 Mutually trusted services (MTS). Diagram: Hardware, SSC Hypervisor, SDom0, UDom0, Mutually Trusted Service VM

26 Developing MTS: clients review MTSD code base; restrict I/O channels of MTSD; using third party attester (code verifiers).

27 SSC hypervisor. Diagram: SDom0, Domain Builder, UDom0, Service VM, Work VM, Mutually Trusted Service VM, Client’s meta-domain

28 Traditional Cloud Control Plane. Diagram: Customer, Cloud Controller, Node Controller (three shown), Cloud Infrastructure

29 Why new Control Plane for SSC. New capabilities provided by SSC: privileged access; I/O interception. Low level management abstraction, i.e. Udom0.

30 New Capabilities provided by SSC. Diagram: SDom0, Disk, Storage VM, Work VM; Security VM, Work VM, Monitoring

31 Management abstraction (Udom0): 1. Complicates management. 2. Malicious user.

32 SSC Control Plane: VM specifications; Dashboard VM

33 VM specifications. Relationship among VMs: Grant_privilege(VM1, VM2); Set_backend(VM1, VM2, [storage|network]); combination of above. Examples: Grant_privilege(RootkitVM, WorkVM); Set_backend(Snort-VM, WorkVM, network)
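
The decision flows on slides 18 and 19 and the specification primitives on slide 33, modelled in Python as an added example; it is not part of the presentation or of the SSC code base. The MetaDomain class, the names alice-udom0, bob-udom0 and BobWorkVM, globally unique VM names, and the rule that a spec may only name VMs inside the client's own meta-domain are assumptions made for illustration.

```python
import re

SPEC_RE = re.compile(r"^(Grant_privilege|Set_backend)\s*\(([^)]*)\)$")

class MetaDomain:
    """One client's meta-domain: its Udom0 plus the VMs that Udom0 manages."""
    def __init__(self, udom0, vms):
        self.udom0 = udom0
        self.vms = set(vms) | {udom0}
        self.grants = set()     # (privileged VM, target VM) pairs
        self.backends = {}      # (target VM, device kind) -> backend VM

    def apply_spec(self, text):
        """Parse spec lines written with the two primitives from slide 33."""
        for line in (l.strip() for l in text.splitlines() if l.strip()):
            m = SPEC_RE.match(line)
            if not m:
                raise ValueError(f"unrecognised spec line: {line!r}")
            args = [a.strip() for a in m.group(2).split(",")]
            # Assumption: a client may only relate VMs inside its own meta-domain.
            if len(args) < 2 or not set(args[:2]) <= self.vms:
                raise ValueError(f"VM outside meta-domain in: {line!r}")
            if m.group(1) == "Grant_privilege" and len(args) == 2:
                self.grants.add((args[0], args[1]))
            elif (m.group(1) == "Set_backend" and len(args) == 3
                  and args[2] in ("storage", "network")):
                self.backends[(args[1], args[2])] = args[0]
            else:
                raise ValueError(f"bad arguments in: {line!r}")

def traditional_allows(requester, target):
    """Slide 18: only the management VM may perform privileged operations."""
    return requester == "dom0"

def ssc_allows(domains, requester, target):
    """Slide 19: the owning client's Udom0, or a VM it granted privilege."""
    for d in domains:
        if target in d.vms:
            return requester == d.udom0 or (requester, target) in d.grants
    return False  # target is in no meta-domain: deny

# Constructed sample: two clients; only the spec lines come from the slides.
alice = MetaDomain("alice-udom0", ["RootkitVM", "Snort-VM", "WorkVM"])
bob = MetaDomain("bob-udom0", ["BobWorkVM"])
alice.apply_spec("""
    Grant_privilege(RootkitVM, WorkVM)
    Set_backend(Snort-VM, WorkVM, network)
""")
DOMAINS = [alice, bob]
```

In this model Snort-VM is a network backend for WorkVM but holds no privilege over it, so a privileged operation from Snort-VM is denied, as is one from Sdom0 or from another client's Udom0.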

34 Dashboard-VM acts as Client. Diagram: Web Server, App Server, App firewall, NACL; Consolidated View; Dashboard VM; Cloud Infrastructure

35 SSC Control Plane. Diagram: Dashboard VM (VM specs.), Cloud Controller (VM placement), Udom0, Cloud Infrastructure

36 Evaluation. Goals: services; overhead of SSC. Dell PowerEdge R610: 24 GB RAM, 8 cores. All VMs (dom0, Sdom0, Udom0, SD): 2 vcpus, 2 GB RAM.

37 Case studies: Service VMs. Storage services: encryption storage, integrity checking. Network services: NACL, IDS/IPS, VMWall, network metering. Security services: memory introspection, syscall monitor. Checkpointing service. Memory deduplication.

38 Storage encryption service VM. Set_backend(EncVM, WorkVM, disk). Diagram: Dom0, Disk, Encryption/Decryption, Work VM; SDom0, Disk, Storage VM, Encryption/Decryption, Work VM
Platform | Unencrypted (MB/s) | Encrypted (MB/s)
Xen-legacy | 81.72 | 71.90
Self-service | 75.88 (7.1%) | 70.64 (1.5%)

39 Memory Introspection VM. Grant_privilege(SecVM, WorkVM). Diagram: Dom0, Security daemon, Work VM; Security VM, Work VM
Platform | VM boot time (sec)
Xen-legacy | 6.471
Self-service | 6.487 (0%)

40 VMWall – application firewall. Set_backend(VMWall, WorkVM, net); Grant_privilege(VMWall, WorkVM). Diagram: Dom0, VMWall Daemon, Memory Introspection, Work VM; SDom0, VMWall, Memory Introspection, Work VM
Platform | TCP connection setup (μsec)
Xen-legacy | 1014±6
Self-service | 1688±31 (66%)

41 Future work: VM placement; MTS verification; real world deployment.

42 Conclusion. Self-Service Cloud (SSC) computing: protects client’s integrity and confidentiality; provides flexible control to clients. Mutual trust. SSC Control Plane. Service VMs. Questions? shakeelb@cs.rutgers.edu

44 Self-service model assurances. Protects client’s integrity and confidentiality; flexibility to implement new services. BUT NO: vulnerabilities in client’s VM; availability or Denial of Service; protection against hardware attacks; protection against side channel attacks.

45 VM Allocation. Diagram: Dashboard VM, Cloud Controller (VM placement), Cloud Provider’s Infrastructure, Sdom0; Grant_privilege(SecVM, VM)

46 VM Allocation. Diagram: Hardware, Self-service hypervisor, Sdom0, Udom0, Dashboard VM, Security VM, Client’s VM. Steps: 1. Create client controller (Udom0). 2. Create Security-VM and Work-VM.

47 Example specs. Rootkit detector: Grant_privilege(RootkitVM, WorkVM). NIDS: Set_backend(Snort-VM, WorkVM, network). VMWall: Privilege_over(VMWall-VM, WorkVM); Set_backend(VMWall-VM, WorkVM, network).

48 VM migration in SSC. Diagram (two hosts, each with): Hardware, Self-service hypervisor, client Management VM, Service VM, Client’s VM

49 VM migration. Diagram: Dashboard VM, Cloud Controller, "VM migrate"; two hosts, each with Hardware, Self-service hypervisor, client Management VM, Service VM, Client’s VM

50 VM Migration internals: Migrate(VM); Iterative Push(VM); Stop-and-copy(VM); Done; Resume destination(VM)

51 Concurrent VM Migration. VM1: Migrate(VM1); Iterative Push(VM1); Stop-and-copy(VM1); Done; Resume destination(VM1). VM2: Migrate(VM2); Iterative Push(VM2); Stop-and-copy(VM2); Done; Resume destination(VM2). SYNC (shown twice).

52 Cloud infrastructure. Diagram: Customer, Cloud Controller, Sdom0, Udom0

53 SSC usage model. Diagram: Cloud Provider’s Infrastructure, Physical Machine (two shown); one host with Hardware, Self-service hypervisor, client Management VM, Service VM, Client’s VM

54 Client’s VMs on multiple machines. Diagram: Cloud Provider’s Infrastructure, Physical Machine (two shown); two hosts, each with Hardware, Self-service hypervisor, client Management VM, Service VM, Client’s VM

55 Provider’s infrastructure exposure. Diagram: Cloud Provider’s Infrastructure, Physical Machine (three shown)

56 VM specifications. Relationship among VMs: Grant_privilege(VM1, VM2); Set_backend(VM1, VM2, [storage|network]); combination of above. Co-location dependencies (for Cloud Controller). Ordering (for Dashboard-VM): allocation, deallocation, migration.

57 Cloud Management Platform. Diagram: Cloud Controller, Node Controller, Cloud Provider’s Infrastructure
