please see attached files
Topic: Multi-Tenancy Cloud with a Secured Logical Isolation Storage It’s time to focus on writing Chapter Two. By now, you should have gathered your supporting references, completed the deep dive into the articles, and laid out the outline for Chapter Two. You have a few assignments to submit. By the end of this module, students will be able to: Source journal articles and other literature to support the literature review. Write a draft of the literature review. You need to write 50pages literature review on the topic .
please see attached files
Multi-Tenancy Cloud with a Secured Logical Isolation Storage Proposed Topic Briefly discuss a proposed topic in your discipline. Topic: “Multi-Tenancy Cloud with a Secured Logical Isolation Storage” Many applications that are in day-to-day use by customers over the Internet are hosted in the public clouds. Public infrastructure-as-a-service clouds, such as Amazon EC2, Google Compute Engine and Microsoft Azure allow clients to run virtual machine (VM) on shared physical infrastructure. This practice of multi-tenancy improves efficiency by multiplexing resources among disparate customers at low costs (Factor et.al, 2013). Unfortunately, it also introduces the risk of sharing a physical server to run both sensitive customer applications and virtual machines that may belong to an arbitrary and potentially malicious users. Such a scenario uniquely arises because of multi-tenancy and the openness of public clouds. This study aims to demonstrate how this stronger isolation be achieved to defend against a class of cross-VM attack without compromising on efficiency. Reference: Factor, M., Hadas, D., Harnama, A., Har’El, N., Kolodner, E. K., Kurmus, A., … & Sorniotti, A. (2013, May). Secure logical isolation for multi-tenancy in cloud storage. In 2013 IEEE 29th Symposium on Mass Storage Systems and Technologies (MSST) (pp. 1-5). IEEE. What is the population you would like to address? Where will you select your sample from? Quantitative studies should include a sample selected from a large population across multiple schools, districts, or organizations. In this dissertation shows that cross-VM co-location attacks still remain a problem amidst the deployment of advanced virtualization techniques in modern clouds, hence demands stronger isolation. In the past there are several studies (some published in 2009) that found naïve launch strategies that involves launching large number of VMs until it results in a successful co-location (Ristenpart et.al, 2009). Further, colocation detection was also as simple as looking at the publicly accessible IP addresses of the victim and the attacker VMs. Such simple strategies no longer work in modern clouds either because of evolving (and unknown) placement algorithm or because of new countermeasures (e.g., Virtual Private Clouds) that makes it harder to detect co-location. There is also the ever-increasing scale of the public clouds both in terms of the datacenter size and the cloud user base that makes it even harder to control placement by any single cloud user since 2008. All these aspects of the public cloud seem to promote a false sense of security against malicious users. Counter-intuitively, we show that an adversary can influence co-location and sometimes do so at a cost as low as 14 cents in some clouds. We do this study by enumerating various placement variables in the cloud VM launch API that may influence placement, Assign values to these variables which forms a launch strategy, and execute the launch strategy with two distinct accounts where one is a proxy for a victim and another the attacker. We then quantify the cost of co-location and co-location success rate for each launch strategy. The companies thinking about adopting a multi-tenant cloud with protected logical isolation storage are the audience I would like to reach with the information I am trying to spread. I want to study and gain in-depth knowledge in Information Technology industry. I will be conducting the interviews and surveys on business such as banking industry to work on this study. To get a sample that is indicative of the whole, I would look for banking businesses already utilizing cloud services but are interested in increasing the level of safety they offer their customers. We would use a range of methods, such as questionnaires, focus groups, and individual interviews, to obtain the data we need. Reference: Ristenpart, T., Tromer, E., Shacham, H., & Savage, S. (2009, November). Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In Proceedings of the 16th ACM conference on Computer and communications security (pp. 199-212). Theoretical Framework/Background What theories covered in the program are associated with your topic? The current management infrastructure of these public clouds is driven towards improving performance and efficiency and the security of these systems often takes the back seat in this drive forward. As a result, it is unclear what the degree of isolation that these clouds provide against malicious users. With the future of many commercial applications depending on the public clouds, there is one important problem that the cloud providers ought to solve to make them safe and usable isolating the use of shared resources between multi-tenant workloads or tasks. Two user tasks are perfectly isolated if one task cannot know about the execution of the other task and its use of all the shared resources. This is an essential as any arbitrary user over the Internet with a valid credit card number and an email address can use the cloud infrastructure. Such an arbitrary user may also potentially share the same machine that is used to run the VMs that are part of banking applications running on these public clouds. Without proper isolation, an average user could inflict performance degradation on a performance-sensitive enterprise application, which may lead to huge monetary loss. Apart from degradation or denial of service attacks, an adversary could surreptitiously steal sensitive information ranging from trade secrets to private cryptographic keys without the knowledge of the victim or the cloud provider. We call these attacks as co-location or co-residency attacks as the adversary uses co-residency to affect either performance or security guarantees of the co-located tenants. This dissertation challenges the security of the state-of-the-art public clouds by taking the perspective of a malicious user who aims to use the strongest suite of public clouds, multi-tenancy against its tenants (Narasayya & Chaudhuri, 2022). In this dissertation, we focus on one of the main security threats to public clouds, cross-virtual machine attacks, and evaluate how state-of-the-art cloud infrastructure fares against these attacks. The thesis of this dissertation is that, “the practice of multi-tenancy in public clouds demands stronger isolation between virtual machines on a single host in the presence of malicious users.” A successful co-location attack involves two steps: place and breach. The first step (place) in any co-location attack is placing VMs in the cloud datacenter such that some key resources are shared with one of the target victims. A straightforward choice of shared resource is a physical host. Hence, we define co-location of two VMs as VMs that share a single physical host (we also refer to co-located VMs as neighbors). Following the placement step is breaching the isolation boundary to either affect the performance guarantees or steal secrets from the co-located target VM. For instance, it is not impossible for a neighboring VM to do a Denial-of- Service (DoS) attack on all VMs running on that host by just running a single machine instruction multiple time. In the first part of the dissertation, we start by evaluating the security of public clouds against cross-VM attacks on two levels: security against VM placement in cluster schedulers and isolation between multi-tenant VMs at the hypervisor. The clouds serves its users with three main services namely the Infrastructure as a Service (IaaS), Platform as a Service (Paas) and Software as a Service (SaaS) (George & Cherian, 2016) . Amidst several challenges such as no known working co-residency detection mechanism and no prior work on analysis of placement policies of public clouds, we show that EC2, Azure and GCE are all vulnerable to adversarial VM placement attacks. In addition, we also investigate the repercussions of performance interference between co-located VMs sharing the same host. Unlike cross-VM side-channels that steal secrets across VM boundaries, we discover that a greedy user could also steal resources and benefit from improved performance at the expense of others. Both these new findings demonstrate that multi-tenancy in public clouds demands stronger isolation. In the second part of this dissertation, we venture to improve isolation between VMs in the hypervisor. A straightforward solution is hard isolation that strictly partitions hardware resources between VMs. However, this comes at the cost of reduced efficiency. We investigate the principle of soft isolation: reduce the risk of sharing through better scheduling. We demonstrate this design principle by using it to defend against cross-VM attacks. With extensive experimentation, we show that such a mechanism not only prevent a dangerous cross-VM attacks, but also incurs negligible performance overhead. Reference: Narasayya, V., & Chaudhuri, S. (2022, June). Multi-Tenant Cloud Data Services: State-of-the-Art, Challenges and Opportunities. In Proceedings of the 2022 International Conference on Management of Data (pp. 2465-2473). George, S. M., & Cherian, S. (2016). A Study on Multi Tenancy in Cloud Data Storage and Management. Describe the connection of the topic to the program goals and courses. How is your topic connected to specific goals in your program. Refer to the graduate school handbook for your program’s goals. As I am very much interested to gain the knowledge in information technology .I have chosen the topic related to my PhD program. In this program already completed the cloud computing course and very much interested to learn in detail about the cloud computing and how the cloud technology used in the businesses for the data storage .Also what are the risks that are faced by the organizations with cloud computing and their solutions want to learn in-depth through this study.