OpenStack Cloud Security Vulnerabilities from Inside and Outside
نویسندگان
چکیده
As usage of cloud computing increases, customers are mainly concerned about choosing cloud infrastructure with sufficient security. Concerns are greater in the multitenant environment on a public cloud. This paper addresses the security assessment of OpenStack open source cloud solution and virtual machine instances with different operating systems hosted in the cloud. The methodology and realized experiments target vulnerabilities from both inside and outside the cloud. We tested four different platforms and analyzed the security assessment. The main conclusions of the realized experiments show that multi-tenant environment raises new security challenges, there are more vulnerabilities from inside than outside and that Linux based Ubuntu, CentOS and Fedora are less vulnerable than Windows. We discuss details about these vulnerabilities and show how they can be solved by appropriate patches and other solutions. Keywords-Cloud Computing; Security Assessment; Virtualization.
منابع مشابه
Investigation of Virtual Network Isolation Security in Cloud Computing: Data Leakage Issues
Software-Defined Networking (SDN) or Virtual Networks (VNs) are required for cloud tenants to leverage demands. However, multi-tenancy can be compromised without proper isolation. Much research has been conducted into VN Isolation; many researchers are not tackling security aspects or checking if their isolation evaluation is complete. Therefore, data leakage is a major security worry in the cl...
متن کاملDesign, Implementation and Verification of Cloud Architecture for Monitoring a Virtual Machine’s Security Health
Cloud customers need guarantees regarding the security of their virtual machines (VMs), operating within an Infrastructure as a Service (IaaS) cloud system. This is complicated by the customer not knowing where his VM is executing, and on the semantic gap between what the customer wants to know versus what can be measured in the cloud. We present CloudMonatt, an architecture for monitoring a VM...
متن کاملCritical Review of OpenStack Security: Issues and Weaknesses
The purpose of this study is to examine the state of both cloud computing security in general and OpenStack in particular. Conducting a reassessment of cloud computing security can provide a greater understanding of how cloud computing functions and what types of security issues arise therein. This study is divided into two parts; in the first part, the background of cloud computing and its dif...
متن کاملCloud Penetration Testing
This paper presents the results of a series of penetration tests performed on the OpenStack Essex Cloud Management Software. Several different types of penetration tests were performed including network protocol and command line fuzzing, session hijacking and credential theft. Using these techniques exploitable vulnerabilities were discovered that could enable an attacker to gain access to rest...
متن کاملData Confidentiality in Public Cloud: A Method for Inclusion of ID-PKC Schemes in OpenStack Cloud
The term data security refers to the degree of resistance of protection given to information from unintended or unauthorized access. The core principles of information security remain the same Confidentiality, Integrity and Availability also referred as CIA triad. With cloud adoption the confidential enterprise data is moved from organization premises to untrusted public network and due to this...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2013