• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>Association for Computing Machinery Conference on Computer and Communications Security >Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds
【24h】

Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds

机译:嘿,你,离开我的云:探索第三方计算云中的信息泄露

获取原文
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Third-party cloud computing represents the promise of outsourcing as applied to computation. Services, such as Microsoft's Azure and Amazon's EC2, allow users to instantiate virtual machines (VMs) on demand and thus purchase precisely the capacity they require when they require it. In turn, the use of virtualization allows third-party cloud providers to maximize the utilization of their sunk capital costs by multiplexing many customer VMs across a shared physical infrastructure. However, in this paper, we show that this approach can also introduce new vulnerabilities. Using the Amazon EC2 service as a case study, we show that it is possible to map the internal cloud infrastructure, identify where a particular target VM is likely to reside, and then instantiate new VMs until one is placed co-resident with the target. We explore how such placement can then be used to mount cross-VM side-channel attacks to extract information from a target VM on the same machine.
机译:第三方云计算代表了应用于计算的外包的承诺。 如Microsoft的Azure和Amazon的EC2等服务允许用户按需实例化虚拟机(VMS),从而准确地购买它们在需要时所需的能力。 反过来,使用虚拟化允许第三方云提供商通过在共享物理基础架构中复用许多客户VM来最大限度地利用它们的沉重资金成本。 但是,在本文中,我们表明这种方法也可以引入新的漏洞。 使用Amazon EC2服务作为一个案例研究,我们表明可以映射内部云基础架构,识别特定目标VM可能驻留的位置,然后将新VM实例化,直到一个与目标共同居住。 我们探讨这些放置如何用于安装跨VM侧通道攻击,以在同一台机器上从目标VM中提取信息。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号