TY - GEN
T1 - Quantic
T2 - 10th International Conference on Cloud Computing Technology and Science, CloudCom 2018
AU - Madi, Taous
AU - Zhang, Mengyuan
AU - Jarraya, Yosr
AU - Alimohammadifar, Amir
AU - Pourzandi, Makan
AU - Wang, Lingyu
AU - Debbabi, Mourad
PY - 2018/12/26
Y1 - 2018/12/26
N2 - As a cornerstone of cloud computing, multi-Tenancy brings not only the benefit of resource sharing but also additional security implications. To achieve an optimal trade-off between security and resource sharing, cloud providers are obliged to evaluate the potential threats related to multi-Tenancy. However, quantitative approaches for evaluating those threats are largely missing in existing works. In this paper, we propose a set of multi-level distance metrics that quantify the proximity of tenants' virtual resources inside a cloud. Those metrics are defined based on the configuration and deployment in a cloud, such that a cloud provider may apply them to evaluate the risk related to potential multi-Tenancy attacks. We conduct case studies and experiments on both real and fictitious clouds. The obtained results show the effectiveness and applicability of our metrics. We further implement our metrics in OpenStack and show how they can be applied for distance auditing.
AB - As a cornerstone of cloud computing, multi-Tenancy brings not only the benefit of resource sharing but also additional security implications. To achieve an optimal trade-off between security and resource sharing, cloud providers are obliged to evaluate the potential threats related to multi-Tenancy. However, quantitative approaches for evaluating those threats are largely missing in existing works. In this paper, we propose a set of multi-level distance metrics that quantify the proximity of tenants' virtual resources inside a cloud. Those metrics are defined based on the configuration and deployment in a cloud, such that a cloud provider may apply them to evaluate the risk related to potential multi-Tenancy attacks. We conduct case studies and experiments on both real and fictitious clouds. The obtained results show the effectiveness and applicability of our metrics. We further implement our metrics in OpenStack and show how they can be applied for distance auditing.
UR - http://www.scopus.com/inward/record.url?scp=85061160786&partnerID=8YFLogxK
U2 - 10.1109/CloudCom2018.2018.00042
DO - 10.1109/CloudCom2018.2018.00042
M3 - Conference contribution
T3 - Proceedings of the International Conference on Cloud Computing Technology and Science, CloudCom
SP - 163
EP - 170
BT - Proceedings - IEEE 10th International Conference on Cloud Computing Technology and Science, CloudCom 2018
PB - IEEE Computer Society
Y2 - 10 December 2018 through 13 December 2018
ER -