Facilitator Based Intelligent System for Avoiding Side Channel Attacks in Multitenant Cloud Computing Architectures

IP.com Disclosure Number: IPCOM000200028D
Original Publication Date: 2010-Oct-12
Included in the Prior Art Database: 2010-Oct-12
Document File: 5 page(s) / 415K

Publishing Venue

Siemens

Related People

Juergen Carstens: CONTACT

Abstract

Although cloud computing is becoming very popular, no standard or architectural model exists for it. Still, existing infrastructures share a number of common characteristics that define a cloud environment. A cloud computing model consists of a pool of identically configured physical servers, connected in a network and virtualized to appear as a single resource, the cloud. Software programs that use cloud computing technology do not run on a PC (Personal Computer); instead, their required files are stored on servers accessed via the internet. This model allows an application to be created as an image or instance and stored in the cloud during its deployment. Cloud customers can create a machine image that encapsulates the entire software, hardware platform, and applications they want to run, using modern virtual machine technologies. Whenever a request for an application is received, it is assigned to a virtual server, loaded from the stored copy of the application image, and a running instance is activated which supports requests from the user. Each physical server is capable of running a finite number of virtual machines supporting different applications. In this way a multi-tenant architecture is created on each physical server, supporting multiple users. VMs (VM: Virtual Machine) allow time-sharing of the resources and lead to better resource utilization.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 31% of the total text.

Idea: Koteswara Vemu, IN-Bangalore; Roshan Joseph, IN-Bangalore; Saravana Ku

IN-Bangalore

Whether it is cloud computing or a conventional hosting model, outsourcing a infrastructure (IT: Information Technology) goes along with security risks
of a cloud, a hacker who is registered as an authorize
to access the running application on a neighboring VM on the same physical server probing. This method is known as side channel attack. As side channel attacks a
issue inside of a cloud, various methods are proposed avoiding it. Figure 1 depicts the se precaution on various levels in a cloud. In a cloud, the responsibility for securing infrastructure and abstraction layers belong to the cloud provider, certain securi vulnerabilities are still prevalent in cloud computing environment.

In the following a novel algorithm for the preventing of side channel attacks is propo
is based on the known cloud architecture depicted in Figure 2. This architecture con controllers (NC: Node Controller), cluster controllers, a cloud controller (CLC), and further description of this architecture the reference1 is recommended. A hack multi-tenant architecture will only attack a neighbor staying at the same place for a longe time. In order to reduce network probing from hackers, the execution of an applicat limited to a single NC. This method is known as live migration, i.e., moving the curr image from one NC to another either inside of the same cluster of NCs or to differen
For simplicity, in the following example it is assumed that the migration happens to NCs. Because of the live migration, the flexibility for each application to move seam
to anot...
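
The idea stated above, that a tenant can only be probed by a neighbor that stays on the same NC for a long time and that live migration breaks this up, can be simulated as follows. This is an added example, not the algorithm of the disclosure (which is not reproduced in this abbreviated text); the tick model, the `max_dwell` threshold, the target-selection rule, and all VM, tenant, and NC names are assumptions.

```python
from itertools import combinations

def pick_target(vm, placement, tenant, ncs, capacity):
    """Choose another NC with a free slot and the fewest foreign-tenant VMs."""
    best = None
    for nc in ncs:
        residents = [v for v, n in placement.items() if n == nc]
        if nc == placement[vm] or len(residents) >= capacity:
            continue
        foreign = sum(tenant[v] != tenant[vm] for v in residents)
        if best is None or foreign < best[0]:
            best = (foreign, nc)
    return best[1] if best else None

def step(placement, tenant, dwell, ncs, capacity, max_dwell):
    """One tick: update cross-tenant co-residency counters, then migrate."""
    live = set()
    for a, b in combinations(sorted(placement), 2):
        if placement[a] == placement[b] and tenant[a] != tenant[b]:
            live.add((a, b))
            dwell[(a, b)] = dwell.get((a, b), 0) + 1
    for pair in [p for p in dwell if p not in live]:
        del dwell[pair]  # a separated pair starts from zero if it meets again
    moves = []
    for a, b in sorted(p for p, d in dwell.items() if d >= max_dwell):
        if placement[a] != placement[b]:
            continue  # already separated by an earlier move in this tick
        target = pick_target(a, placement, tenant, ncs, capacity)
        if target is not None:  # no free slot: pair stays, counter keeps growing
            moves.append((a, placement[a], target))
            placement[a] = target
    return moves

def simulate(placement, tenant, ncs, capacity, max_dwell, ticks):
    """Return (longest cross-tenant co-residency seen, migration log)."""
    placement, dwell, worst, log = dict(placement), {}, 0, []
    for t in range(ticks):
        moves = step(placement, tenant, dwell, ncs, capacity, max_dwell)
        worst = max([worst, *dwell.values()])
        log += [(t, *m) for m in moves]
    return worst, log

# Constructed sample: three tenants, three NCs with two VM slots each.
TENANT = {"web-a": "A", "db-a": "A", "job-b": "B", "app-c": "C"}
START = {"web-a": "nc1", "job-b": "nc1", "db-a": "nc2", "app-c": "nc3"}
NCS = ["nc1", "nc2", "nc3"]

if __name__ == "__main__":
    print(simulate(START, TENANT, NCS, 2, max_dwell=3, ticks=10))
    print(simulate(START, TENANT, NCS, 2, max_dwell=1000, ticks=10))
```

With a threshold of 3 ticks the longest cross-tenant co-residency is capped at 3; with migration effectively disabled, or with no NC that has a free slot, the same pair stays together for all 10 ticks.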