Inevitable failure: The flawed trust assumption in the cloud

Yuqiong Sun, Giuseppe Petracca, Trent Jaeger

Research output: Contribution to journalConference article

7 Citations (Scopus)

Abstract

IaaS clouds offer customers on-demand computing resources such as virtual machine, network and storage. To provision and manage these resources, cloud users must rely on a variety of cloud services. However, a wide range of vulnerabilities have been identified in these cloud services that may enable an adversary to compromise customers' computations or even the cloud platform itself. Using the motivation for adding mandatory access to commercial operating systems, we argue for the development of a secure cloud operating system (SCOS) to enforce mandatory access control (MAC) over cloud services and customer instances. To better understand the concrete challenges of building a SCOS, we examine the OpenStack cloud platform from two perspectives: (1) how attacks propagate across cloud services and (2) how adversaries leverage vulnerabilities in cloud services to attack hosts. Using this information, we review the application of three MAC approaches employed by "secure" commercial systems to evaluate their practical effectiveness for controlling cloud services. While MAC enforcement can improve security for cloud services, several threats remain unchecked. We outline a set of additional security policy goals that a SCOS must enforce to control threats from potentially compromised cloud services comprehensively. While we do not actually construct a SCOS in this paper, we hope that this study will initiate discussions that may lead to practical designs.

Original languageEnglish (US)
Pages (from-to)141-150
Number of pages10
JournalProceedings of the ACM Conference on Computer and Communications Security
Volume2014-November
Issue numberNovember
DOIs
StatePublished - Nov 7 2014
Event6th ACM Cloud Computing Security Workshop, CCSW 2014, Held in Conjunction with the 2014 ACM Computer and Communication Security, CCS 2014 - Scottsdale, United States
Duration: Nov 7 2014 → …

Fingerprint

Access control
Concretes

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications

Cite this

@article{32b46c49f10d4f55863d3c2f8c781297,
title = "Inevitable failure: The flawed trust assumption in the cloud",
abstract = "IaaS clouds offer customers on-demand computing resources such as virtual machine, network and storage. To provision and manage these resources, cloud users must rely on a variety of cloud services. However, a wide range of vulnerabilities have been identified in these cloud services that may enable an adversary to compromise customers' computations or even the cloud platform itself. Using the motivation for adding mandatory access to commercial operating systems, we argue for the development of a secure cloud operating system (SCOS) to enforce mandatory access control (MAC) over cloud services and customer instances. To better understand the concrete challenges of building a SCOS, we examine the OpenStack cloud platform from two perspectives: (1) how attacks propagate across cloud services and (2) how adversaries leverage vulnerabilities in cloud services to attack hosts. Using this information, we review the application of three MAC approaches employed by {"}secure{"} commercial systems to evaluate their practical effectiveness for controlling cloud services. While MAC enforcement can improve security for cloud services, several threats remain unchecked. We outline a set of additional security policy goals that a SCOS must enforce to control threats from potentially compromised cloud services comprehensively. While we do not actually construct a SCOS in this paper, we hope that this study will initiate discussions that may lead to practical designs.",
author = "Yuqiong Sun and Giuseppe Petracca and Trent Jaeger",
year = "2014",
month = "11",
day = "7",
doi = "10.1145/2664168.2664180",
language = "English (US)",
volume = "2014-November",
pages = "141--150",
journal = "Proceedings of the ACM Conference on Computer and Communications Security",
issn = "1543-7221",
publisher = "Association for Computing Machinery (ACM)",
number = "November",

}

Inevitable failure : The flawed trust assumption in the cloud. / Sun, Yuqiong; Petracca, Giuseppe; Jaeger, Trent.

In: Proceedings of the ACM Conference on Computer and Communications Security, Vol. 2014-November, No. November, 07.11.2014, p. 141-150.

Research output: Contribution to journalConference article

TY - JOUR

T1 - Inevitable failure

T2 - The flawed trust assumption in the cloud

AU - Sun, Yuqiong

AU - Petracca, Giuseppe

AU - Jaeger, Trent

PY - 2014/11/7

Y1 - 2014/11/7

N2 - IaaS clouds offer customers on-demand computing resources such as virtual machine, network and storage. To provision and manage these resources, cloud users must rely on a variety of cloud services. However, a wide range of vulnerabilities have been identified in these cloud services that may enable an adversary to compromise customers' computations or even the cloud platform itself. Using the motivation for adding mandatory access to commercial operating systems, we argue for the development of a secure cloud operating system (SCOS) to enforce mandatory access control (MAC) over cloud services and customer instances. To better understand the concrete challenges of building a SCOS, we examine the OpenStack cloud platform from two perspectives: (1) how attacks propagate across cloud services and (2) how adversaries leverage vulnerabilities in cloud services to attack hosts. Using this information, we review the application of three MAC approaches employed by "secure" commercial systems to evaluate their practical effectiveness for controlling cloud services. While MAC enforcement can improve security for cloud services, several threats remain unchecked. We outline a set of additional security policy goals that a SCOS must enforce to control threats from potentially compromised cloud services comprehensively. While we do not actually construct a SCOS in this paper, we hope that this study will initiate discussions that may lead to practical designs.

AB - IaaS clouds offer customers on-demand computing resources such as virtual machine, network and storage. To provision and manage these resources, cloud users must rely on a variety of cloud services. However, a wide range of vulnerabilities have been identified in these cloud services that may enable an adversary to compromise customers' computations or even the cloud platform itself. Using the motivation for adding mandatory access to commercial operating systems, we argue for the development of a secure cloud operating system (SCOS) to enforce mandatory access control (MAC) over cloud services and customer instances. To better understand the concrete challenges of building a SCOS, we examine the OpenStack cloud platform from two perspectives: (1) how attacks propagate across cloud services and (2) how adversaries leverage vulnerabilities in cloud services to attack hosts. Using this information, we review the application of three MAC approaches employed by "secure" commercial systems to evaluate their practical effectiveness for controlling cloud services. While MAC enforcement can improve security for cloud services, several threats remain unchecked. We outline a set of additional security policy goals that a SCOS must enforce to control threats from potentially compromised cloud services comprehensively. While we do not actually construct a SCOS in this paper, we hope that this study will initiate discussions that may lead to practical designs.

UR - http://www.scopus.com/inward/record.url?scp=84937691245&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84937691245&partnerID=8YFLogxK

U2 - 10.1145/2664168.2664180

DO - 10.1145/2664168.2664180

M3 - Conference article

AN - SCOPUS:84937691245

VL - 2014-November

SP - 141

EP - 150

JO - Proceedings of the ACM Conference on Computer and Communications Security

JF - Proceedings of the ACM Conference on Computer and Communications Security

SN - 1543-7221

IS - November

ER -