Security of Cloud Multi-Tenancy


With its massive pooling and multiplexing of computing resources, the cloud offers enterprises the prospect of lower IT costs, lighter administrative burdens, and rapid scaling of resources. Security, however, is a major impediment to enterprise adoption of public clouds, i.e., clouds administered by third parties. By relinquishing control over their IT resources, cloud tenants expose themselves to the security choices and mistakes of their providers. Because many tenants share common pools of hardware, the cloud makes strange bedfellows. Businesses may find themselves sharing adjacent or overlapping computing resources with partners, suppliers, competitors, or attackers.

Strong isolation among tenants is therefore a pillar of secure cloud computing. Logical isolation of computing resources can help protect against poorly conceived or inadequately implemented access-control policies. However, VMs that execute on the same physical machine share a range of hardware resources (computing, memory, and so forth), so even when solid logical isolation prevents abuse of explicit logical channels, the shared hardware creates a variety of security vulnerabilities. In the following projects, we have explored the confidentiality, integrity, and availability of computations in public multi-tenancy clouds.
