Security in multi-tenancy cloud

Abstract

Cloud computing creates exciting opportunities like reduced costs and flexibility to the users. It also comprises of some risks like data security within the cloud. Several common security threats like data leakage, insecure API's, and malicious inside users are applicable to cloud computing environment as well. In this paper, the authors consider a cloud computing service where multiple Virtual Machines (VM's) are co-located on the same physical server. In such systems, physical resources are transparently shared by the VMs belonging to multiple users. In systems like these, a malicious user having control of a VM can try to gain control over other VM's resources or utilize all system resources leading to denial of resource attack over other VM users. A malicious user can also try to steal the data of other users located on the same server by compromising hypervisor file system (logical volumes). In this paper, security threats associated with cloud computing environment are evaluated. Authors also explore how such co-existent of VM's can be exploited to gain access over other user's data or deny service and propose constructive security measures that can be deployed to avoid such attacks. Description: Full text is not available due to publisher’s copyright restrictions.