CBAC4C : conflict-based VM isolation control for cloud computing
| dc.contributor.author | Dlamini, Moses Thandokuhle | |
| dc.contributor.author | Eloff, Jan H.P. | |
| dc.contributor.author | Venter, H.S. (Hein) | |
| dc.contributor.author | Eloff, Mariki M. | |
| dc.date.accessioned | 2022-06-13T09:50:29Z | |
| dc.date.issued | 2022-01 | |
| dc.description.abstract | For businesses to benefit from the many opportunities of cloud computing, they must first address a number of security challenges, such as the potential leakage of confidential data to unintended third parties. An inter-VM (where VM is virtual machine) attack, also known as cross-VM attack, is one threat through which cloud-hosted confidential data could be leaked to unintended third parties. An inter-VM attack exploits vulnerabilities between co-resident guest VMs that share the same cloud infrastructure. In an attempt to stop such an attack, this paper uses the principles of logical analysis to model a solution that provides physical separation of VMs belonging to conflicting tenants based on their levels of conflict. The derived mathematical model is founded on scientific principles and implemented using four conflict-aware VM placement algorithms. The resultant algorithms consider a tenant's risk appetite and cost implications. The model offers guidance to VM placement and is validated using a proof of concept. A cloud simulation tool was used to test and evaluate the effectiveness and efficiency of the model. The findings reflect that the introduction of the proposed model introduced a time lag in the time it took to place VM instances. On top of this, it was also discovered that the number and size of the VM instances has an effect on the VM placement performance. The findings further illustrate that the conflict tolerance level of a VM has a direct impact on the time it took to place. | en_US |
| dc.description.department | Computer Science | en_US |
| dc.description.embargo | 2023-01-14 | |
| dc.description.librarian | hj2022 | en_US |
| dc.description.uri | https://onlinelibrary.wiley.com/journal/14753995 | en_US |
| dc.identifier.citation | Dlamini, M.T., Eloff, J.H.P., Venter, H.S. et al. 2022, 'CBAC4C: conflict-based VM isolation control for cloud computing', International Transactions in Operational Research, vol. 29, no. 1, pp. 372-395, doi : 10.1111/itor.12935. | en_US |
| dc.identifier.issn | 0969-6016 (print) | |
| dc.identifier.issn | 1475-3995 (online) | |
| dc.identifier.other | 10.1111/itor.12935 | |
| dc.identifier.uri | https://repository.up.ac.za/handle/2263/85804 | |
| dc.language.iso | en | en_US |
| dc.publisher | Wiley | en_US |
| dc.rights | © 2021 The Authors. International Transactions in Operational Research © 2021 International Federation of Operational Research Societies. This is the pre-peer reviewed version of the following article : 'CBAC4C: conflict-based VM isolation control for cloud computing', International Transactions in Operational Research, vol. 29, no. 1, pp. 372-395, 2022, doi : 10.1111/itor.12935. The definite version is available at : https://onlinelibrary.wiley.com/journal/14753995. | en_US |
| dc.subject | Cloud computing | en_US |
| dc.subject | Conflict-aware virtual machine placement | en_US |
| dc.subject | Data leakage | en_US |
| dc.subject | Mathematical modeling | en_US |
| dc.title | CBAC4C : conflict-based VM isolation control for cloud computing | en_US |
| dc.type | Postprint Article | en_US |