Corpus ID: 17461124

Self Hosting vs. Cloud Hosting: Accounting for the Security Impact of Hosting in the Cloud

@inproceedings{Molnar2010SelfHV,
  title={Self Hosting vs. Cloud Hosting: Accounting for the Security Impact of Hosting in the Cloud},
  author={D. Molnar and Stuart E. Schechter},
  booktitle={WEIS},
  year={2010}
}
As more and more organizations consider moving their applications and data from dedicated hosting infrastructure, which they own and operate, to shared infrastructure leased from ‘the cloud’, security remains a key sticking point. Tenants of cloud hosting providers have substantially less control over the construction, operation, and auditing of infrastructure they lease than infrastructure they own. Because cloud-hosted infrastructure is shared, attackers can exploit the proximity that comes… Expand
Locking the sky: a survey on IaaS cloud security
TLDR
The security risks that multitenancy induces to the most established clouds, Infrastructure as a service clouds, are analyzed and the literature available is reviewed to present the most relevant threats, state of the art of solutions that address some of the associated risks. Expand
Trusted Computing and Secure Virtualization in Cloud Computing
TLDR
The issue of trust in public cloud environments is addressed by examining the state of the art within cloud computing security and subsequently addressing the issues of establishing trust in the launch of a generic virtual machine in a public cloud environment. Expand
Towards Securing Cloud Computing from DDOS Attacks
TLDR
In this research, rules predefined for detecting DDoS attacks on SNORT profiles detect and preventDDoS attacks, but because they block certain legitimate requests and generate false alarms, this should be the subject of future research. Expand
AN TRUST MODEL FOR INCREASING SECURITY IN CLOUD COMPUTING
TLDR
This theory consolidates three components trusted computing, virtualization, Innovation and distributed computing stages to address issues of trust and security in broad daylight distributed computing situations. Expand
Attacks in Public Clouds: Can They Hinder the Rise of the Cloud?
TLDR
This chapter discusses attacks that are exacerbated by exploitation of the multi-tenancy attribute in public Clouds that occur because of the virtualization technology or are due to the pay-as-you-go model in the Cloud. Expand
Trust but Verify: Trust Establishment Mechanisms in Infrastructure Clouds
TLDR
This thesis describes mechanisms to provide user guarantees regarding integrity of the comput- ing environment and geographic location of plaintext data, as well as to allow users maintain control over the cryptographic keys for integrity and confidentiality protec- tion of data stored in remote infrastructure. Expand
All your clouds are belong to us: security analysis of cloud management interfaces
TLDR
This research results are alarming: in regards to the Amazon EC2 and S3 services, the control interfaces could be compromised via the novel signature wrapping and advanced XSS techniques and the Eucalyptus control interfaces were vulnerable to classical signature wrapping attacks, and had nearly no protection against XSS. Expand
The Role of Hosting Providers in Web Security: Understanding and Improving Security Incentives and Performance via Analysis of Large-scale Incident Data
In theory, hosting providers can play an important role in fighting cybercrime and misuse. This is because many online threats, be they high-profile or mundane, use online storage infrastructureExpand
Defining the Cloud Battlefield - Supporting Security Assessments by Cloud Customers
TLDR
This paper proposes a model that combines a comprehensive system model of infrastructure clouds with a security model that captures security requirements of cloud customers as well as characteristics of attackers, and uses the model to construct "what-if" scenarios that could possible lead to new attacks. Expand
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 76 REFERENCES
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
TLDR
It is shown that it is possible to map the internal cloud infrastructure, identify where a particular target VM is likely to reside, and then instantiate new VMs until one is placed co-resident with the target, and how such placement can then be used to mount cross-VM side-channel attacks to extract information from a target VM on the same machine. Expand
On Security and Privacy in Cloud Computing
TLDR
Attention is drawn to various primitives in cryptography that might become or actually are already considered to be useful in a cloud computing environment, but have not received as much attention as they deserve from experts in this area. Expand
Above the Clouds: A Berkeley View of Cloud Computing
TLDR
This work focuses on SaaS Providers (Cloud Users) and Cloud Providers, which have received less attention than SAAS Users, and uses the term Private Cloud to refer to internal datacenters of a business or other organization, not made available to the general public. Expand
TrustVisor: Efficient TCB Reduction and Attestation
TLDR
TrustVisor is presented, a special-purpose hypervisor that provides code integrity as well as data integrity and secrecy for selected portions of an application that has a very small code base that makes verification feasible. Expand
A Virtual Machine Introspection Based Architecture for Intrusion Detection
TLDR
This paper presents an architecture that retains the visibility of a host-based IDS, but pulls the IDS outside of the host for greater attack resistance, achieved through the use of a virtual machine monitor. Expand
Bootstrapping Trust in Commodity Computers
TLDR
Issues ranging from the wide collection of secure hardware that can serve as a foundation for trust, to the usability issues that arise when trying to convey computer state information to humans are covered. Expand
Efficient TCB Reduction and Attestation
We develop a special-purpose hypervisor called TrustVisor that facilitates the execution of security-sensitive code in isolation from commodity OSes and applications. TrustVisor provides code andExpand
Efficient Cache Attacks on AES, and Countermeasures
TLDR
An extremely strong type of attack is demonstrated, which requires knowledge of neither the specific plaintexts nor ciphertexts and works by merely monitoring the effect of the cryptographic process on the cache. Expand
An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments Tavis
As virtual machines become increasingly commonplace as a method of separating hostile or hazardous code from commodity systems, the potential security exposure from implementation flaws has increasedExpand
When Virtual Is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments
TLDR
A variety of security problems virtual computing environments give rise to are examined and potential directions for changing security architectures to adapt to these demands are discussed. Expand
...
1
2
3
4
5
...