Skip to main content
SpringerLink
Log in

Locking the sky: a survey on IaaS cloud security

  • Published:
Computing Aims and scope Submit manuscript

Abstract

Cloud computing is expected to become a common solution for deploying applications thanks to its capacity to leverage developers from infrastructure management tasks, thus reducing the overall costs and services’ time to market. Several concerns prevent players’ entry in the cloud; security is arguably the most relevant one. Many factors have an impact on cloud security, but it is its multitenant nature that brings the newest and more challenging problems to cloud settings. Here, we analyze the security risks that multitenancy induces to the most established clouds, Infrastructure as a service clouds, and review the literature available to present the most relevant threats, state of the art of solutions that address some of the associated risks. A major conclusion of our analysis is that most reported systems employ access control and encryption techniques to secure the different elements present in a virtualized (multitenant) datacenter. Also, we analyze which are the open issues and challenges to be addressed by cloud systems in the security field.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Owens CD (2010) Securing elasticity in the cloud. Commun ACM 53(6):46–51. http://10.1145/1743546.1743565

    Google Scholar 

  2. Vaquero L, Rodero-Merino L, Caceres J, Lindner M (2009) A break in the clouds: towards a cloud definition. ACM Comput Commun Rev 39(1): 50–55

    Article  Google Scholar 

  3. Chen Y, Paxson V, Katz RH (2010) Whats new about cloud computing security. Tech. Rep. UCB/EECS-2010-5, EECS Department, University of California, Berkeley

  4. Viega J (2009) Cloud computing and the common man. Computer 42: 106–108

    Article  Google Scholar 

  5. Molnar D, Schechter S (2010) Self hosting vs. cloud hosting:accounting for the security impact of hosting in the cloud. In: Workshop on the economics of information security

  6. CSA: Cloud security guide (2009) Tech. rep., cloud security alliance. http://www.cloudsecurityalliance.org/csaguide.pdf

  7. ENISA: Cloud computing: Benefits, risks and recommendations for information security (2009) Tech rep., European Network and Information Security Agency

  8. Archer J, Boheme A, Cullinarie D, Puhlmann N, Kurtz P, Reavis J (2010) Top threats to cloud computing. Tech. rep., Cloud Security Alliance. http://www.cloudsecurityalliance.org/topthreats

  9. Lu W, Keahy K, Freeman T, Siebenlist F (2005) Making your workspace secure: establishing trust with vms in the grid super computing. In: Supercomputing. Poster

  10. Calder B, Chien AA, Wang J, Yang D (2005) The entropia virtual machine for desktop grids. In: VEE ’05: Proceedings of the 1st ACM/USENIX international conference on virtual execution environments, pp 186–196. ACM, New York, NY, USA. http://doi.acm.org/10.1145/1064979.1065005

  11. Suzaki K, Yagi T, Iijima K, Quynh NA (2007) Os circular: internet client for reference. In: LISA’07: Proceedings of the 21st conference on large installation system administration conference, pp 1–12. USENIX Association, Berkeley, CA, USA

  12. Jinpeng W, Xiaolan Z, Glenn A, Vasanth B, Peng N (2009) Managing security of virtual machine images in a cloud environment. In: CCSW ’09: Proceedings of the 2009 ACM workshop on Cloud computing security, pp 91–96. ACM, New York, NY, USA. http://doi.acm.org/10.1145/1655008.1655021

  13. Constandache I, Yumerefendi A, Chase J (2008) Secure control of portable images in a virtual computing utility. In: VMSec ’08: Proceedings of the 1st ACM workshop on virtual machine security, pp 1–8. ACM, New York, NY, USA. http://doi.acm.org/10.1145/1456482.1456484

  14. Descher M, Masser P, Feilhauer T, Tjoa AM, Huemer D (2009) Retaining data control to the client in infrastructure clouds. In: Availability, reliability and security, international conference on 0:9–16. http://doi.ieeecomputersociety.org/10.1109/ARES.2009.78

  15. Baldwin A, Dalton C, Shiu S, Kostienko K, Rajpoot Q (2009) Providing secure services for a virtual infrastructure. SIGOPS Oper Syst Rev 43(1):44–51. http://doi.acm.org/10.1145/1496909.1496919

    Google Scholar 

  16. Raj H, Schwan K (2009) Extending virtualization services with trust guarantees via behavioral monitoring. In: VDTS ’09: Proceedings of the 1st EuroSys workshop on virtualization technology for dependable systems, pp 24–29. ACM, New York, NY, USA. http://doi.acm.org/10.1145/1518684.1518689

  17. Baiardi F, Sgandurra D (2007) Building trustworthy intrusion detection through vm introspection. In: IAS ’07: Proceedings of the third international symposium on information assurance and security, pp 209–214. IEEE Computer Society, Washington, DC, USA. http://dx.doi.org/10.1109/IAS.2007.25

  18. Garfinkel T, Rosenblum M (2003) A virtual machine introspection based architecture for intrusion detection. In: Proceedings on network and distributed systems security symposium, pp 191–206

  19. Sala G, Sgandurra D, Baiardi F (2007) Security and integrity of a distributed storage in a virtual environment. In: Proceedings of 4th international IEEE security in storage workshop, pp 58–69

  20. Perez R, van Doorn L, Sailer R (2008) Virtualization and hardware-based security. IEEE Secur Privacy 6(5):24–31. http://dx.doi.org/10.1109/MSP.2008.135

    Google Scholar 

  21. Aoyagi S, Oikawa S (2008) Ixiv vmm: a vmm on 2-level ring architecture. In: Computer and information technology, IEEE 8th international conference on 0:533–538. http://doi.ieeecomputersociety.org/10.1109/CIT.2008.Workshops.62

  22. Sailer R, Jaeger T, Valdez E, Caceres R, Perez R, Berger S, Griffin JL, Doorn Lv (2005) Building a mac-based security architecture for the xen open-source hypervisor. In: ACSAC ’05: Proceedings of the 21st annual computer security applications conference, pp 276–285. IEEE Computer Society, Washington, DC, USA. http://dx.doi.org/10.1109/CSAC.2005.13

  23. McCune JM, Parno BJ, Perrig A, Reiter MK, Isozaki H (2008) Flicker: an execution infrastructure for tcb minimization. In: Eurosys08: Proceedings of the 3rd ACM SIGOPS/EuroSys European conference on computer systems 2008, pp 315–328. ACM, New York, NY, USA

  24. Carpenter M, Liston T, Skoudis E (2007) Hiding virtualization from attackers and malware. IEEE Secur Privacy 5: 62–65

    Article  Google Scholar 

  25. Okamura K, Oyama Y (2010) Load-based covert channels between xen virtual machines. In: SAC ’10: Proceedings of the 2010 ACM symposium on applied computing, pp 173–180. ACM, New York, NY, USA. http://doi.acm.org/10.1145/1774088.1774125

  26. Tromer E, Osvik DA, Shamir A (2009) Efficient cache attacks on aes, and countermeasures. J Cryptol 23(1): 37–71

    Article  MathSciNet  Google Scholar 

  27. Kocher PC (1996) Timing attacks on implementations of diffie-hellman, rsa, dss, and other systems. In: CRYPTO ’96: Proceedings of the 16th annual international cryptology conference on advances in cryptology, pp 104–113. Springer, London, UK

  28. Aviram A, Hu S, Ford B, Gummadi R (2010) Determinating timing channels in statistically multiplexed clouds. CoRR abs/1003.5303

  29. Dunlap GW, Lucchetti DG, Fetterman MA, Chen PM (2008) Execution replay of multiprocessor virtual machines. In: VEE ’08: Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on virtual execution environments, pp 121–130. ACM, New York, NY, USA. http://doi.acm.org/10.1145/1346256.1346273

  30. Karger PA, Safford DR (2008) I/o for virtual machine monitors: Security and performance issues. IEEE Secur Privacy 6(5):16–23. http://dx.doi.org/10.1109/MSP.2008.119

  31. Wang Z, Jiang X (2010) Hypersafe: A lightweight approach to provide lifetime hypervisor control-flow integrity. In: 31st IEEE symposium on security and privacy

  32. Murray D, Milos G, Hand S (2008) Improving xen security through disaggregation. In: 4th ACM SIGPLAN/SIGOPS international conference on virtual execution environments, pp 151–160

  33. Karger PA (2005) Multi-level security requirements for hypervisors. In: ACSAC ’05: Proceedings of the 21st annual computer security applications conference, pp 267–275. IEEE Computer Society, Washington, DC, USA. http://dx.doi.org/10.1109/CSAC.2005.41

  34. Wen-Zhi C, Hong-Wei Z, Wei H (2008) Sevmm: Vmm-based security control model. In: Proceedings of cyberworlds, international conference on 0:820–823. http://doi.ieeecomputersociety.org/10.1109/CW.2008.110

  35. Garfinkel T, Pfaff B, Chow J, Rosenblum M, Boneh D (2003) Terra: a virtual machine-based platform for trusted computing. In: Proceedings of the nineteenth ACM symposium on operating systems principles, pp 193–206. ACM Press

  36. Hirano M, Shinagawa T, Eiraku H, Hasegawa S, Omote K, Tanimoto K, Horie T, Kato K, Okuda T, Kawai E, Yamaguchi S (2008) Introducing role-based access control to a secure virtual machine monitor: security policy enforcement mechanism for distributed computers. In: Asia-Pacific conference on services computing. 2006 IEEE 0:1225–1230. http://doi.ieeecomputersociety.org/10.1109/APSCC.2008.14

  37. Rueda S, Vijayakumar H, Jaeger T (2009) Analysis of virtual machine system policies. In: SACMAT ’09: Proceedings of the 14th ACM symposium on access control models and technologies, pp 227–236. ACM, New York, NY, USA. http://doi.acm.org/10.1145/1542207.1542243

  38. Ristenpart T, Tromer E, Shacham H, Savage S (2009) Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: ACM conference on computer and communications security

  39. Keller E, Szefer J, Rexford J, Lee R (2010) Nohype: virtualized cloud infrastructure without the virtualization. In: ISCA ’10: Proceedings of the international symposium on computer architecture

  40. Ruan A, Shen Q, Yin Y (2008) A generalized trusted virtualized platform architecture. In: Young computer scientists, international conference for 0:2340–2346. http://doi.ieeecomputersociety.org/10.1109/ICYCS.2008.508

  41. Berger S, Cáceres R, Goldman KA, Perez R, Sailer R, van Doorn L (2006) vtpm: virtualizing the trusted platform module. In: USENIX-SS’06: Proceedings of the 15th conference on USENIX security symposium. USENIX Association, Berkeley, CA, USA

  42. Gebhardt C, Tomlinson A (2008) Secure virtual disk images for grid computing. In: APTC ’08: Proceedings of the 2008 Third Asia-Pacific trusted infrastructure technologies conference, pp 19–29. IEEE Computer Society, Washington, DC, USA. http://dx.doi.org/10.1109/APTC.2008.17

  43. Lioy A, Ramunno G, Vernizzi D (2009) Trusted-computing technologies for the protection of critical information systems. J Inform Assur Secur 4: 449–457

    Google Scholar 

  44. Nuno Santos Krishna P, Gummadi RR (2009) Towards trusted cloud computing. In: Hot Cloud. http://www.usenix.org/event/hotcloud09/tech/full_papers/santos.pdf

  45. Cabuk S, Dalton CI, Ramasamy H, Schunter M (2007) Towards automated provisioning of secure virtualized networks. In: CCS ’07: Proceedings of the 14th ACM conference on computer and communications security, pp 235–245. ACM, New York, NY, USA. http://doi.acm.org/10.1145/1315245.1315275

  46. Tarnovsky C (2010) Deconstructing a secure processor. In: Black hat briefings federal. http://www.blackhat.com/presentations/bhdc10/Tarnovsky_Chris/BlackHat%DC2010TarnovskyDASPslides.pdf

  47. Iliev A, Smith SW (2005) Protecting client privacy with trusted computing at the server. IEEE Secur Privacy 3(2):20–28. http://dx.doi.org/10.1109/MSP.2005.49

    Google Scholar 

  48. Antonelli CJ, Undy M, Honeyman P (1999) The packet vault: secure storage of network data. In: ID’99: Proceedings of the 1st conference on workshop on intrusion detection and network monitoring, pp 11–11. USENIX Association, Berkeley, CA, USA

  49. Parno B (2008) Bootstrapping trust in a “trusted” platform. In: HOTSEC’08: Proceedings of the 3rd conference on hot topics in security, pp 1–6. USENIX Association, Berkeley, CA, USA

  50. The genesis kernel: a virtual network operating system for spawning network architectures (1999)

  51. Barham P, Dragovic B, Fraser K, Hand S, Harris T, Ho A, Neugebauer R, Pratt I, Warfield A (2003) Xen and the art of virtualization. In: SOSP ’03: Proceedings of the nineteenth ACM symposium on operating systems principles, pp 164–177. ACM, New York, NY, USA. http://doi.acm.org/10.1145/945445.945462

  52. Sundararaj AI, Dinda PA (2004) Towards virtual networks for virtual machine grid computing. In: VM’04: Proceedings of the 3rd conference on virtual machine research and technology symposium, pp 14–14. USENIX Association, Berkeley, CA, USA

  53. Touch J (2001) Dynamic internet overlay deployment and management using the x-bone. Comput Netw 36(2–3):117–135. http://dx.doi.org/10.1016/S1389-1286(01)00172-4

  54. Andersen D, Balakrishnan H, Kaashoek F, Morris R (2001) Resilient overlay networks. In: SOSP ’01: Proceedings of the eighteenth ACM symposium on operating systems principles, pp 131–145. ACM, New York, NY, USA. http://doi.acm.org/10.1145/502034.502048

  55. Bavier A, Feamster N, Huang M, Peterson L, Rexford J (2006) In vini veritas: realistic and controlled network experimentation. In: SIGCOMM ’06: Proceedings of the 2006 conference on applications, technologies, architectures, and protocols for computer communications, pp 3–14. ACM, New York, NY, USA. http://doi.acm.org/10.1145/1159913.1159916

  56. Davoli R (2005) Vde: Virtual distributed ethernet. In: TRIDENTCOM ’05: Proceedings of the first international conference on testbeds and research infrastructures for the DEvelopment of NeTworks and COMmunities, pp 213–220. IEEE Computer Society, Washington, DC, USA. http://dx.doi.org/10.1109/TRIDNT.2005.38

  57. Dalton C (2005) Xen virtualization and security. Tech. rep., HP Security Office

  58. Housley R (2002) Rfc 3378. etherip: Tunneling ethernet frames in ip datagrams. RFC. http://www.faqs.org/rfcs/rfc3378.html

  59. Sundararaj AI, Gupta A, Dinda PA (2004) Dynamic topology adaptation of virtual networks of virtual machines. In: LCR ’04: Proceedings of the 7th workshop on workshop on languages, compilers, and run-time support for scalable systems, pp 1–8. ACM, New York, NY, USA. http://doi.acm.org/10.1145/1066650.1066665

  60. Jiang X, Xu D (2003) Violin: Virtual internetworking on overlay infrastructure. In: Proceedings of the 2nd international symposium on parallel and distributed processing and applications, pp 937–946. http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.2.4260

  61. Primet PVB, Gelas JP, Mornard O, Koslovski G, Roca V, Giraud L, Montagnat J, Huu TT (2009) A scalable security model for enabling dynamic virtual private execution infrastructures on the internet. In: CCGRID ’09: Proceedings of the 2009 9th IEEE/ACM international symposium on cluster computing and the grid, pp 348–355. IEEE Computer Society, Washington, DC, USA. http://dx.doi.org/10.1109/CCGRID.2009.76

  62. Mather T, Kumaraswamy S, Latif S (2009) Cloud security and privacy: an enterprise perspective on risks and compliance. O’Reailly Media, Sebastopol, CA, USA

  63. Soltesz S, Potzl H, Pluczynski M, Bavier A, Peterson L (2007) Copntainer-based operating system virtualization: A scalablem hig-performance alternative to hypervisors. In: Eurosys, pp 275–287

  64. Jensen M, Schwenk J, Gruschka N, LoIacono L (2009) On technical security issues in cloud computing. Cloud Computing. In: IEEE international conference on 0:109–116

  65. Casado M, Freedman MJ, Pettit J, Luo J, McKeown N, Shenker S (2007) Ethane: taking control of the enterprise. SIGCOMM Comput Commun Rev 37(4):1–12. http://doi.acm.org/10.1145/1282427.1282382

  66. Bernstein D, Ludvigson E (2009) Networking challenges and resultant approaches for large scale cloud construction.In: Grid and pervasive computing conference, workshops at the 0:136–142. http://doi.ieeecomputersociety.org/10.1109/GPC.2009.10

  67. Pffaf B, Pettit J, Koponen T, Anidon K, Casado M, Shenker S (2009) Extending networking into the virtualization layer. In: ACM SIGCOMM’s hot topics in networks (HotNets) workshops. http://conferences.sigcomm.org/hotnets/2009/papers/hotnets2009-final143.pdf

  68. Rodero-Merino L, Vaquero LM, Gil V, Galán F, Fontán J, Montero RS, Llorente IM (2010) From infrastructure delivery to service management in clouds. Future Gen Comput Syst 26(8): 1226–1240

    Article  Google Scholar 

  69. Jaquith A (2007) Security metrics: replacing fear, uncertainty, and doubt. Addison-Wesley Professional, Reading

    Google Scholar 

  70. Verendel V (2009) Quantified security is a weak hypothesis: a critical survey of results and assumptions. In: NSPW ’09: Proceedings of the 2009 workshop on new security paradigms workshop, pp 37–50. ACM, New York, NY, USA. http://doi.acm.org/10.1145/1719030.1719036

  71. Krautsevich L, Martinelli F, Yautsiukhin A (2010) Formal approach to security metrics.: what does “more secure” mean for you? In: ECSA ’10: Proceedings of the fourth European conference on software architecture, pp 162–169. ACM, New York, NY, USA. http://doi.acm.org/10.1145/1842752.1842787

Download references

Author information

Authors and Affiliations

  1. Hewlett-Packard Labs, Bristol, UK

    Luis M. Vaquero

  2. LIP ENS Lyon, Graal/Avalon Group, INRIA, Villeurbanne, France

    Luis Rodero-Merino

  3. U.N.E.D, Madrid, Spain

    Daniel Morán

Authors
  1. Luis M. Vaquero
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Luis Rodero-Merino
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Daniel Morán
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Luis M. Vaquero.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Vaquero, L.M., Rodero-Merino, L. & Morán, D. Locking the sky: a survey on IaaS cloud security. Computing 91, 93–118 (2011). https://doi.org/10.1007/s00607-010-0140-x

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00607-010-0140-x

Keywords

Mathematics Subject Classification (2000)

Search

Navigation