nach oben

Erschienen in:

2016 | OriginalPaper | Buchkapitel

Attacks in the Resource-as-a-Service (RaaS) Cloud Context

verfasst von : Danielle Movsowitz, Orna Agmon Ben-Yehuda, Assaf Schuster

Erschienen in: Distributed Computing and Internet Technology

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The Infrastructure-as-a-Service (IaaS) cloud is evolving towards the Resource-as-a-Service (RaaS) cloud: a cloud which requires economic decisions to be taken in real time by automatic agents. Does the economic angle introduce new vulnerabilities? Can old vulnerabilities be exploited on RaaS clouds from different angles? How should RaaS clouds be designed to protect them from attacks? In this survey we analyze relevant literature in view of RaaS cloud mechanisms and propose directions for the design of RaaS clouds.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Teaching Computer Science in the Community

Nächstes Kapitel Trustworthy Self-Integrating Systems

CloudSigma’s Pricing https://www.cloudsigma.com/pricing/, accessed October 2015.

Agmon Ben-Yehuda, O., Ben-Yehuda, M., Schuster, A., Tsafrir, D.: The resource-as-a-service (RaaS) cloud. In: USENIX Conference on Hot Topics in Cloud Computing (HotCloud) (2012)

Agmon Ben-Yehuda, O., Ben-Yehuda, M., Schuster, A., Tsafrir, D.: Deconstructing Amazon EC2 spot instance pricing. ACM Trans. Econ. Comput. 1(3), 16:1–16:20 (2013)CrossRef

Agmon Ben-Yehuda, O., Ben-Yehuda, M., Schuster, A., Tsafrir, D.: The rise of RaaS: the resource-as-a-service cloud. Commun. ACM 57(7), 76–84 (2014)CrossRef

Agmon Ben-Yehuda, O., Posener, E., Ben-Yehuda, M., Schuster, A., Mu’alem, A.: Ginseng: market-driven memory allocation. ACM SIGPLAN Not. 49(7), 41–52 (2014)CrossRef

Caron, E., Cornabas, J.R.: Improving users’ isolation in IaaS: virtual machine placement with security constraints. In: IEEE International Conference on Cloud Computing (CLOUD), pp. 64–71 (2014)

Clarke, E.H.: Multipart pricing of public goods. Public Choice 11(1), 17–33 (1971)CrossRef

Dolgikh, A., Birnbaum, Z., Chen, Y., Skormin, V.: Behavioral modeling for suspicious process detection in cloud computing environments. In: IEEE International Conference on Mobile Data Management (MDM), vol. 2, pp. 177–181 (2013)

Friedman, A., Schuster, A.: Data mining with differential privacy. In: ACM International Conference on Knowledge Discovery and Data Mining (SIGKDD), pp. 493–502 (2010)

Friedman, A., Sharfman, I., Keren, D., Schuster, A.: Privacy-preserving distributed stream monitoring. In: Annual Network and Distributed System Security Symposium (NDSS) (2014)

10.

Friedman, A., Wolff, R., Schuster, A.: Providing k-anonymity in data mining. VLDB J. 17(4), 789–804 (2008)CrossRef

11.

Gilburd, B., Schuster, A., Wolff, R.: k-ttp: a new privacy model for large-scale distributed environments. In: ACM International Conference on Knowledge Discovery and Data Mining (SIGKDD), pp. 563–568 (2004)

12.

Gilburd, B., Schuster, A., Wolff, R.: Privacy-preserving data mining on data grids in the presence of malicious participants. In: International Symposium on High-Performance Distributed Computing (HPDC), pp. 225–234 (2004)

13.

Groves, T.: Incentives in teams. Econometrica 41(4), 617–631 (1973)MATHMathSciNetCrossRef

14.

Hegeman, J.: Facebook’s ad auction. Talk at Ad Auctions Workshop, May 2010

15.

Kelly, F.: Charging and rate control for elastic traffic. Eur. Trans. Telecommun. 8, 33–37 (1997)CrossRef

16.

Lazar, A., Semret, N.: Design and analysis of the progressive second price auction for network bandwidth sharing. Technical report, Columbia University (1998). http://econwpa.repec.org/eps/game/papers/9809/9809001.pdf

17.

Lucier, B., Paes Leme, R., Tardos, E.: On revenue in the generalized second price auction. In: International Conference on World Wide Web (WWW) (2012)

18.

Maillé, P., Tuffin, B.: Multi-bid auctions for bandwidth allocation in communication networks. In: IEEE INFOCOM (2004)

19.

Posener, E.: Dynamic memory allocation in cloud computers using progressive second price auction. Master’s thesis, Technion (2013)

20.

Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: ACM Conference on Computer and Communications Security (SIGSAC), pp. 199–212 (2009)

21.

Schuster, A., Wolff, R., Gilburd, B.: Privacy-preserving association rule mining in large-scale distributed systems. In: Cluster, Cloud and Grid Computing (CCGrid), pp. 411–418 (2004)

22.

Shi, J., Song, X., Chen, H., Zang, B.: Limiting cache-based side-channel in multi-tenant cloud using dynamic page coloring. In: IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W), pp. 194–199 (2011)

23.

Varadarajan, V., Kooburat, T., Farley, B., Ristenpart, T., Swift, M.M.: Resource-freeing attacks: improve your cloud performance (at your neighbor’s expense). In: ACM Conference on Computer and Communications Security (SIGSAC), pp. 281–292 (2012)

24.

Varadarajan, V., Ristenpart, T., Swift, M.: Scheduler-based defenses against cross-vm side-channels. In: Usenix Security (2014)

25.

Vickrey, W.: Counterspeculation, auctions, and competitive sealed tenders. J. Finance 16(1), 8–37 (1961)CrossRef

26.

Waldspurger, C.A.: Memory resource management in Vmware ESX server. USENIX Symp. Operating Syst. Des. Implementation (OSDI) 36, 181–194 (2002)

27.

Younis, Y., Kifayat, K., Merabti, M.: Cache side-channel attacks in cloud computing. In: International Conference on Cloud Security Management (ICCSM), p. 138. Academic Conferences Limited, (2014)

28.

Zhang, Y., Juels, A., Oprea, A., Reiter, M.K.: Homealone: co-residency detection in the cloud via side-channel analysis. In: IEEE Symposium on Security and Privacy (SP), pp. 313–328. IEEE (2011)

Titel: Attacks in the Resource-as-a-Service (RaaS) Cloud Context
verfasst von: Danielle Movsowitz
Orna Agmon Ben-Yehuda
Assaf Schuster
Verlag: Springer International Publishing
Buch: Distributed Computing and Internet Technology
Print ISBN: 978-3-319-28033-2

Electronic ISBN: 978-3-319-28034-9

Copyright-Jahr: 2016
DOI: https://doi.org/10.1007/978-3-319-28034-9_2

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"