1 / 6

Class 18 Security in Cloud Computing CIS 755: Advanced Computer Security Spring 2014

Class 18 Security in Cloud Computing CIS 755: Advanced Computer Security Spring 2014. Eugene Vasserman http://www.cis.ksu.edu/~eyv/CIS755_S14/. Administrative stuff. No office hours tomorrow End of semester is coming up – remember your projects!

trudy
Download Presentation

Class 18 Security in Cloud Computing CIS 755: Advanced Computer Security Spring 2014

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Class 18Security in Cloud ComputingCIS 755: Advanced Computer SecuritySpring 2014 Eugene Vasserman http://www.cis.ksu.edu/~eyv/CIS755_S14/

  2. Administrative stuff • No office hours tomorrow • End of semester is coming up – remember your projects! • You will present your results to the class – 10 to 12 minutes • Attend tomorrow’s talk (if you can): • “Privacy in the Age of Pervasive Cameras” • at 12:30 in N126

  3. “Secure” cloud computing • Hey, you, get off of my cloud: Exploring information leakage in third-party compute clouds (2009) • HomeAlone: Co-Residency Detection in the Cloud via Side-Channel Analysis (2011) • Cross-VM Side Channels and Their Use to Extract Private Keys (2012)

  4. Attack vectors • Side channels, of course! :) • Statistics FTW • Latency • Power, RF • Cache • Other vectors? • Other adversary models?

  5. Solutions • Don’t use cloud computing :) • Run on “bare iron” when you use clouds • Run the same attack to verify that no one is “co-resident” • Data-only, i.e. remote disk but not CPU…?

  6. Questions? Reading discussion

More Related