CBAC4C : conflict-based VM isolation control for cloud computing

dc.contributor.authorDlamini, Moses Thandokuhle
dc.contributor.authorEloff, Jan H.P.
dc.contributor.authorVenter, H.S. (Hein)
dc.contributor.authorEloff, Mariki M.
dc.date.accessioned2022-06-13T09:50:29Z
dc.date.issued2022-01
dc.description.abstractFor businesses to benefit from the many opportunities of cloud computing, they must first address a number of security challenges, such as the potential leakage of confidential data to unintended third parties. An inter-VM (where VM is virtual machine) attack, also known as cross-VM attack, is one threat through which cloud-hosted confidential data could be leaked to unintended third parties. An inter-VM attack exploits vulnerabilities between co-resident guest VMs that share the same cloud infrastructure. In an attempt to stop such an attack, this paper uses the principles of logical analysis to model a solution that provides physical separation of VMs belonging to conflicting tenants based on their levels of conflict. The derived mathematical model is founded on scientific principles and implemented using four conflict-aware VM placement algorithms. The resultant algorithms consider a tenant's risk appetite and cost implications. The model offers guidance to VM placement and is validated using a proof of concept. A cloud simulation tool was used to test and evaluate the effectiveness and efficiency of the model. The findings reflect that the introduction of the proposed model introduced a time lag in the time it took to place VM instances. On top of this, it was also discovered that the number and size of the VM instances has an effect on the VM placement performance. The findings further illustrate that the conflict tolerance level of a VM has a direct impact on the time it took to place.en_US
dc.description.departmentComputer Scienceen_US
dc.description.embargo2023-01-14
dc.description.librarianhj2022en_US
dc.description.urihttps://onlinelibrary.wiley.com/journal/14753995en_US
dc.identifier.citationDlamini, M.T., Eloff, J.H.P., Venter, H.S. et al. 2022, 'CBAC4C: conflict-based VM isolation control for cloud computing', International Transactions in Operational Research, vol. 29, no. 1, pp. 372-395, doi : 10.1111/itor.12935.en_US
dc.identifier.issn0969-6016 (print)
dc.identifier.issn1475-3995 (online)
dc.identifier.other10.1111/itor.12935
dc.identifier.urihttps://repository.up.ac.za/handle/2263/85804
dc.language.isoenen_US
dc.publisherWileyen_US
dc.rights© 2021 The Authors. International Transactions in Operational Research © 2021 International Federation of Operational Research Societies. This is the pre-peer reviewed version of the following article : 'CBAC4C: conflict-based VM isolation control for cloud computing', International Transactions in Operational Research, vol. 29, no. 1, pp. 372-395, 2022, doi : 10.1111/itor.12935. The definite version is available at : https://onlinelibrary.wiley.com/journal/14753995.en_US
dc.subjectCloud computingen_US
dc.subjectConflict-aware virtual machine placementen_US
dc.subjectData leakageen_US
dc.subjectMathematical modelingen_US
dc.titleCBAC4C : conflict-based VM isolation control for cloud computingen_US
dc.typePostprint Articleen_US

Files

Original bundle

Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Dlamini_CBAC4C_2022.pdf
Size:
1.68 MB
Format:
Adobe Portable Document Format
Description:
Postprint Article

License bundle

Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
license.txt
Size:
1.75 KB
Format:
Item-specific license agreed upon to submission
Description: