Abstract
With the proliferation of cloud computing to outsource computation in remote servers, the accountability of computational resources has emerged as an important new challenge for both cloud users and providers. Among the cloud resources, CPU and memory are difficult to verify their actual allocation, since the current virtualization techniques attempt to hide the discrepancy between physical and virtual allocations for the two resources. This paper proposes an online verifiable resource accounting technique for CPU and memory allocation for cloud computing. Unlike prior approaches for cloud resource accounting, the proposed accounting mechanism, called Hardware-assisted Resource Accounting (HRA), uses the hardware support for system management mode (SMM) and virtualization to provide secure resource accounting, even if the hypervisor is compromised. Using a secure isolated execution support of SMM, this study investigates two aspects of verifiable resource accounting for cloud systems. First, this paper presents how the hardware-assisted SMM and virtualization techniques can be used to implement the secure resource accounting mechanism even under a compromised hypervisor. Second, the paper investigates a sample-based resource accounting technique to minimize performance overheads. Using a statistical random sampling method, the technique estimates the overall CPU and memory allocation status with 99%~100% accuracies and performance degradations of 0.1%~0.5%.
- AdvancedMicro Dvices. AMD64 Architecture Programmer's Mannual: Volume 2: System Programming, 2007.Google Scholar
- Apache HTTP Server. http://httpd.apache.org, 2011.Google Scholar
- A. M. Azab, P. Ning, Z. Wang, X. Jiang, X. Zhang, and N. C. Skalsky. HyperSentry: enabling stealthy in-context measurement of hypervisor integrity. In Proceedings of 17th ACMConference on Computer and Communications Security, CCS 2010. Google Scholar
Digital Library
- A. M. Azab, P. Ning, and X. Zhang. Sice: a hardware-level strongly isolated computing environment for x86 multi-core platforms. In Proceedings of the 18th ACM conference on Computer and communications security, CCS 2011. Google Scholar
Digital Library
- S. A. Baset. Cloud SLAs: Present and Future. ACM SIGOPS Operating Systems Review, 46(2):57--66, 2012. Google Scholar
Digital Library
- S. Bouchenak, G. Chockler, H. Chockler, G. Gheorghe, N. Santos, and A. Shraer. Verifying Cloud Services: Present and Future. ACM SIGOPS Operating Systems Review, 47(2):6--19, 2013. Google Scholar
Digital Library
- C. Chen, P. Maniatis, A. Perrig, A. Vasudevan, and V. Sekar. Towards Verifiable Resource Accounting for Outsourced Computation. In Proceedings of the 9th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, VEE 2013. Google Scholar
Digital Library
- K. L. Chung. A Course In Probability Theory. Academic press, 2001.Google Scholar
- Damn Small Linux. http://www.damnsmalllinux. org/, 2014.Google Scholar
- V. C. Emeakaroha, T. C. Ferreto, M. A. S. Netto, I. Brandic, and C. A. De Rose. CASViD: Application Level Monitoring for SLA Violation Detection in Clouds. In Proceedings of the 36th IEEE Computer Software and Applications Conference, COMPSAC 2012. Google Scholar
Digital Library
- H. C. Fengzhe Zhang, Jin Chen and B. Zang. CloudVisor: Retrofitting Protection of Virtual Machines in Multi-tenant Cloud with Nested Virtualization. In Proceedings of the 23rd ACM Symposium on Operating Systems Principles, SOSP 2011. Google Scholar
Digital Library
- Intel Corporation. Software Developer's Mannual vol. 3: System Programming Guide, 2009.Google Scholar
- S. Jin, J. Ahn, S. Cha, and J. Huh. Architectural support for secure virtualization under a vulnerable hypervisor. In Proceedings of the 44th Annual IEEE/ACM International Symposium on Microarchitecture, MICRO 2011. Google Scholar
Digital Library
- J. Lango. Toward Software-defined SLAs. Communications of the ACM, 57(1):54--60, 2014. Google Scholar
Digital Library
- M. Macias and J. Guitart. Client Classification Policies for SLA Enforcement in Shared Cloud Datacenters. In Proceedings of the 12th IEEE/ACMInternational Symposium on Cluster, Cloud and Grid Computing, CCGrid 2012. Google Scholar
Digital Library
- D. Magenheimer. Xen developer's mailing list: http://secunia.com/advisories/26986/, 2010.Google Scholar
- M. Maurer, I. Brandic, and R. Sakellariou. Self-adaptive and Resource-efficient SLA Enactment for Cloud Computing Infrastructures. In Proceedings of the 5th IEEE International Conference on Cloud Computing, CLOUD 2012. Google Scholar
Digital Library
- R. Y. Rubinstein and D. P. Kroese. Simulation and the Monte Carlo method, volume 707. John Wiley & Sons, 2011.Google Scholar
- RUBiS Benchmark. http://rubis.ow2.org, 2008.Google Scholar
- Secunia Vulnerability Report. http://secunia.com/advisories/15863/, 2010.Google Scholar
- Secunia Vulnerability Report. http://secunia.com/advisories/25985/, 2010.Google Scholar
- Secunia Vulnerability Report: Xen 3.x. http://secunia.com/advisories/product/15863/, 2010.Google Scholar
- V. Sekar and P. Maniatis. Verifiable Resource Accounting for Cloud Computing Services. In Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop, CCSW 2011. Google Scholar
Digital Library
- S. Setty, V. Vu, N. Panpalia, B. Braun, A. J. Blumberg, and M. Walfish. Taking Proof-based Verified Computation a Few Steps Closer to Practicality. In Proceedings of the 21st USENIX Conference on Security Symposium, Security 2012. Google Scholar
Digital Library
- SPECCPU2006 Benchmark. http://www.spec.org/cpu2006, 2005.Google Scholar
- SPECjbb2005 Benchmark. http://www.spec.org/jbb2005, 2005.Google Scholar
- Trusted Platform Module. http://www.trustedcomputinggroup.org/developers/trusted_platform_module.Google Scholar
- V. Varadarajan, T. Kooburat, B. Farley, T. Ristenpart, and M. M. Swift. Resource-freeing Attacks: Improve Your Cloud Performance. In Proceedings of the 19th ACM Conference on Computer and Communications Security, CCS 2012. Google Scholar
Digital Library
- J. Wang, A. Stavrou, and A. K. Ghosh. HyperCheck: A Hardware-Assisted Integrity Monitor. In Proceedings of 13th International Symposium on Recent Advances in Intrusion Detection, RAID 2010. Google Scholar
Digital Library
- R. Wojtczuk. Subverting the Xen Hypervisor, 2008.Google Scholar
- R. Wojtczuk and J. Rutkowska. Xen 0wning trilogy, 2008.Google Scholar
- Xen Hypervisor. http://www.xen.org/, 2010.Google Scholar
- F. Zhang, K. Leach, K. Sun, and A. Stavrou. SPECTRE: A Dependable Introspection Framework via System Management Mode. In Proceedings of the 43rd IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2013. Google Scholar
Digital Library
- F. Zhou, M. Goel, P. Desnoyers, and R. Sundaram. Scheduler Vulnerabilities and Coordinated Attacks in Cloud Computing. In Proceedings of the 10th IEEE International Symposium on Networking Computing and Applications, NCA 2011. Google Scholar
Digital Library
Index Terms
Hardware-Assisted Secure Resource Accounting under a Vulnerable Hypervisor
Recommendations
Eliminating the hypervisor attack surface for a more secure cloud
CCS '11: Proceedings of the 18th ACM conference on Computer and communications securityCloud computing is quickly becoming the platform of choice for many web services. Virtualization is the key underlying technology enabling cloud providers to host services for a large number of customers. Unfortunately, virtualization software is large, ...
Hardware-Assisted Secure Resource Accounting under a Vulnerable Hypervisor
VEE '15: Proceedings of the 11th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution EnvironmentsWith the proliferation of cloud computing to outsource computation in remote servers, the accountability of computational resources has emerged as an important new challenge for both cloud users and providers. Among the cloud resources, CPU and memory ...
H-SVM: Hardware-Assisted Secure Virtual Machines under a Vulnerable Hypervisor
With increasing demands on cloud computing, protecting guest virtual machines (VMs) from malicious attackers has become critical to provide secure services. The current cloud security model with software-based virtualization relies on the invulnerability ...







Comments