Sit Here: Placing Virtual Machines Securely in Cloud Environments

Mansour Aldawood, Arshad Jhumka, Suhaib Ahmed Fahmy

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

A Cloud Computing Environment (CCE) leverages the advantages offered by virtualisation to enable virtual machines (VMs) within the same physical machine (PM) to share physical resources. Cloud service providers (CSPs) accommodate the fluctuating resource demands of cloud users dynamically, through elastic resource provisioning. CSPs use VM allocation techniques such as VM placement and VM migration to optimise the use of shared physical resources in the CCE. However, these techniques are exposed to potential security threats that can lead to the problem of malicious co-residency between VMs. This threat happens when a malicious VM is co-located with a critical (or target) VM on the same PM. Hence, the VM allocation techniques need to be made secure. While earlier works propose specific solutions to address this malicious co-residency problem, our work here proposes to investigate the allocation patterns that are more likely to lead to a secure allocation. Furthermore, we introduce a s ecurity-aware VM allocation algorithm (SRS) that aims to allocate the VMs securely, to reduce the potential for co-residency between malicious and target VMs. Our study shows: (i) our SRS algorithm outperforms all state-of-the-art allocation algorithms and (ii) algorithms that adopt stacking-based behaviours are more likely to return secure allocations than those with spreading or random behaviours.
Original languageEnglish (US)
Title of host publicationProceedings of the 11th International Conference on Cloud Computing and Services Science
PublisherSCITEPRESS - Science and Technology Publications
ISBN (Print)9789897585104
DOIs
StatePublished - 2021

Bibliographical note

KAUST Repository Item: Exported on 2021-08-12

Fingerprint

Dive into the research topics of 'Sit Here: Placing Virtual Machines Securely in Cloud Environments'. Together they form a unique fingerprint.

Cite this