A Comparison of Secure Multi-Tenancy Architectures for Filesystem Storage Clouds

نویسندگان

  • Anil Kurmus
  • Moitrayee Gupta
  • Roman Pletka
  • Christian Cachin
  • Robert Haas
چکیده

A filesystem-level storage cloud offers network-filesystem access to multiple customers at low cost over the Internet. In this paper, we investigate two alternative architectures for achieving multi-tenancy securely and efficiently in such storage cloud services. They isolate customers in virtual machines at the hypervisor level and through mandatory access-control checks in one shared operating-system kernel, respectively. We compare and discuss the practical security guarantees of these architectures. We have implemented both approaches and compare them using performance measurements we obtained.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Addressing Issues of Cloud Resilience, Security and Performance through Simple Detection of Co-locating Sibling Virtual Machine Instances

Most current Infrastructure Clouds are built on shared tenancy architectures, with resources shared amongst large numbers of customers. However, multi tenancy can lead to performance issues (so-called “noisy neighbours”) and also brings potential for serious security breaches such as hypervisor breakouts. Consequently, there has been a focus in the literature on identifying co-locating instance...

متن کامل

A high-performance virtual machine filesystem monitor in cloud-assisted cognitive IoT

Cloud-assisted Cognitive Internet of Things has powerful data analytics abilities based on the computing and data storage capabilities of cloud virtual machines, which makes protecting virtual machine filesystem very important for the whole system security. Agentless periodic filesystem monitors are optimal solutions to protect cloud virtual machines because of the secure and low-overhead featu...

متن کامل

Towards the Secure Storage of Images on Multi-Cloud System

With the rapidly changing technological realm, there is an urgent need to provide and protect the confidentiality of confidential images when stored in a cloud environment. To overcome the security risks associated with single cloud, multiple clouds offered by unrelated cloud providers have to be used. This paper outlines an integrated encryption scheme for the secure storage of confidential im...

متن کامل

A Placement Vulnerability Study in Multi-Tenant Public Clouds

Public infrastructure-as-a-service clouds, such as Amazon EC2, Google Compute Engine (GCE) and Microsoft Azure allow clients to run virtual machines (VMs) on shared physical infrastructure. This practice of multi-tenancy brings economies of scale, but also introduces the risk of sharing a physical server with an arbitrary and potentially malicious VM. Past works have demonstrated how to place a...

متن کامل

Sharing is Caring A Decision Support Model for Multi-Tenant Architectures Master’s Thesis

Business software is increasingly moving from a traditional on-premises deployment model to a Software as a Service deployment model. In a Software as a Service deployment model, the possession and ownership of the software application is separated from its use. The software is hosted by a Software as a Service provider, relieving the customer organization from the responsibility for supporting...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2011