Identifying and Analyzing Security Threats to Virtualized Cloud Computing Infrastructures
Abstract- A multi-tenant Cloud Computing Infrastructure (CCI) consists of several Virtual Machines (VMs) running on the same physical platform by using virtualization techniques. The VMs are monitored and managed by kernel-based software, i.e. the Virtual Machine Monitor (VMM) or hypervisor, which is the main component of a Virtualized Cloud Computing Infrastructure (VCCI). Due to software-based vulnerabilities, VMMs can be compromised by security attacks that may come from inside or outside attackers. In order to formulate a secure VCCI, the VMM must be protected by implementing strong security tools and techniques such as Encryption and Key Management (EKM), Access Control Mechanisms (ACMs), Intrusion Detection Tools (IDTs), Virtual Trusted Platform Module (vTPM), Virtual Firewalls (VFs) and Trusted Virtual Domains (TVDs). In this research paper we describe the techniques of virtualizing a CCI, the types of attacks on VCCI and the vulnerabilities of VMMs, and we critically describe the significance of security tools and techniques for securing a VCCI.
Keywords- Virtualization; Virtual Machine Monitor; Attacks and Vulnerabilities; Security Tools and Techniques
I. INTRODUCTION
Considering the reduction in global warming, cloud computing is moving towards the platform of virtualization [1]. Under this technique, hardware or software resources such as memory, CPU, storage and network are logically partitioned and provided to multiple tenants. However, virtualization is complex and has a considerable attack surface. It is prone to bugs and vulnerabilities [2]. The applications of clients run on VMs residing on the VCCI. Since the VMs are not permitted to access the underlying physical hardware directly, a hypervisor or VMM is used to manage, monitor and isolate VMs from each other and from the host OS [3]. One of the primary benefits that virtualization brings is isolation. This benefit, if not carefully deployed, will become a threat to the operating environment [4]. However, Cloud Service Providers (CSPs) undertake a substantial effort to secure their systems in order to minimize the threats to infrastructure, but hypervisors still have flaws of weak security isolation [5]. If an attacker is able to gain access over the hypervisor, the whole service could be at risk and all the VMs running over the hypervisor would be compromised [6-7]. Due to inappropriate security standards used for hypervisors at infrastructure level, there are security gaps that can be exploited by inside or outside malicious attackers to misuse the infrastructure [8]. Since the public cloud provides open global access to heterogeneous clients, confidentiality, integrity, security, availability, authenticity and privacy are essential concerns for both the CSP and clients. Security and privacy are the most significant challenges that may impede cloud computing adoption. Violating the security of any component will impact the other components; consequently the security of the entire system will collapse [3]. A CCI must be secure at each layer, such as the physical, network, virtualization and application layers. However, the focus of this research paper is to identify and analyze the security issues and threats only on VCCI.
II. VIRTUALIZING THE CLOUD COMPUTING INFRASTRUCTURE
The adoption of virtualization in cloud computing brought up several advantages compared to traditional computing infrastructure, where one resource was allocated to a single VM at a time [9]. The clients interact with the physical infrastructure by accessing their applications on their personal VMs running on a hypervisor, as shown in Fig. 1 [9].
Figure 1. Cloud Virtualization [9]
A VCCI consists of numerous clients' VMs that are controlled by the VMM to ensure fair scheduling, memory and resource allocation etc. The VMM itself runs on the physical infrastructure by utilizing the host OS [10]. The VCCI is similar to the OS environment, where multiple processes run on a single OS which is responsible for monitoring and managing the processes. There are two main types of hypervisors used on a VCCI, i.e. Type-1 and Type-2. A Type-1 hypervisor runs directly upon the hardware with a separated layer from the host OS. A Type-2 hypervisor runs together with the host OS. Due to the isolation from the host OS, the security, performance and scalability features in Type-1 are enhanced compared to Type-2 [11]. The widely used industry-based Type-1 and Type-2 hypervisors include Xen and KVM respectively.
Proceedings of 2012 International Conference on Cloud Computing, Technologies, Applications & Management, 978-1-4673-4416-6/12/$31.00 © 2012 IEEE
A. Xen Hypervisor
Xen resides between the VMs and the underlying physical hardware. In order to create a secure operating environment, the Xen hypervisor divides the VMs into two domains, i.e. Domain0 (Dom0) and DomainU (DomU), according to the accessibility privileges. The Dom0 VM has higher privileges and can access the hardware, whereas DomU VMs have lower privileges and cannot directly access the hardware. When the Xen hypervisor starts, it first loads the Dom0 VM. Normally the user of Dom0 is a system administrator who has the privilege to use the hypervisor interface to create, delete or manage any DomU VMs. Each DomU VM contains a modified Linux kernel that includes front-end drivers that communicate with the Xen hypervisor instead of communicating directly with the hardware. For each DomU VM, CPU and memory access operations are handled directly by the Xen hypervisor. However, I/O is directed to Dom0, since the Xen hypervisor itself is not able to perform any I/O operation [12].
B. Kernel Virtual Machine (KVM) Hypervisor
KVM is developed by implementing a Linux kernel module with enhanced hypervisor functionalities. Each Linux process has two modes of execution, user mode and kernel mode. User mode is considered unprivileged while kernel mode is considered privileged. The default mode for a process is user mode. It changes to kernel mode when it requires some sort of service from the kernel, such as a request to write to the hard disk. While implementing KVM, the developers added a third mode for a process, called guest mode. The guest mode itself has two normal modes, user and kernel, which can be called guest-user and guest-kernel mode. When a guest process is executing non-I/O guest code, it runs in guest-user mode. In guest-kernel mode, the process handles exits from guest-user mode due to I/O or other special instructions. In user mode, the Linux process performs I/O on behalf of a guest. In the KVM model each guest VM is implemented as a simple Linux process, and that process itself is able to run multiple applications concurrently because it is acting as a virtual OS [13]. Each VM is scheduled by the standard Linux scheduler.
III. ATTACKS ON VCCI AND VULNERABILITIES OF VMM
Due to inappropriate security standards used for hypervisors at infrastructure level, there are several security gaps that can be exploited by inside or outside malicious attackers to misuse the infrastructure, as shown in Fig. 2 [8].
Figure 2. Inside and Outside Attack [8]
An attack on any component of VCCI may affect the others. In order to overcome this issue, the infrastructure needs to be secured by implementing security tools and techniques that isolate the VMM, guest/host OS and physical hardware from the side-effects of each other. [2] identified two major attacks on VCCI (VM to VM and VM to Hypervisor), as shown in Fig. 3 [2].
Figure 3. Attack Surface [2]
The attacks visualized in Fig. 3 can take place due to three major vulnerabilities (VM hopping, VM escape and VM mobility) identified in hypervisors [7] [4].
Sarfraz Nawaz Brohi, Mervat Adib Bamiah, Muhammad Nawaz Brohi, Rukshanda Kamran
A. VM Hopping
When several VMs are running on the same host OS, a malicious attacker such as a remote untrusted cloud user on one VM can obtain access to another VM just by knowing its IP address. Once a VM is attacked, the attacker can monitor the traffic going over the VM and change the flow of traffic or manipulate it. This attack can create a major issue of Denial of Service (DoS), which is an attempt to make a computer resource unavailable to its intended users [4]. If a VM has been running for a long time, an attacker can modify the configuration file such that the VM goes into an off state. The ongoing communication to that VM would therefore be stopped. When the connection is resumed, the VM needs to start the entire communication again [7].
B. VM Escape
This vulnerability allows a guest-level VM to attack its host. Under this, an attacker such as an untrusted user of cloud services can run code on a VM that allows an OS running within it to break out and interact directly with the hypervisor. Such an exploit could give the attacker access to the host OS and all other VMs running on that host [4]. If an attacker gains access to the host running multiple VMs, he/she can access the resources which are shared by the other VMs. The host can monitor the memory being allocated and the CPU utilization. If necessary, an attacker can bring down these resources and turn off the hypervisor, and if the hypervisor fails, all the other VMs go off eventually [7].
C. VM Mobility
Under a VCCI, VMs can move from one physical host to another; this is called VM mobility. However, VM mobility can be risky with respect to security attacks: VM files can be stolen without physical theft of the host machine [3]. VMs can be moved over the network or copied through a USB device. Since VMs are not essentially present on the physical machine, the threat of an attack increases. The contents of the VM are stored in a file on the hypervisor. If the VM is moved to another location, then the virtual disk is also recreated, and an attacker can then modify the source configuration file and alter the VM's activities. A VM can also be compromised if the VM is offline. An attacker can modify the configuration file of the VM. Having gained access to the virtual disk, the attacker has sufficient time to break all the security measures such as passwords, important credentials, etc. Since this VM is a copy of the actual VM, it is difficult to trace the attacker with this threat [7]. This attack is normally caused by a malicious cloud administrator.
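A defensive check for the offline and migrated VM tampering described above, given here as an added example that is not part of the paper: a SHA-256 manifest of a VM's configuration and disk files, authenticated with HMAC and verified before the VM is powered on. The file names, the key and all function names are constructed for illustration.

```python
import hashlib
import hmac
import json
import os
import tempfile

CHUNK = 1 << 20  # read disk images in 1 MiB chunks


def file_digest(path):
    """SHA-256 of a file, streamed so large virtual disks are not loaded whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()


def build_manifest(vm_dir, key):
    """Record one digest per file and authenticate the record with HMAC."""
    files = {}
    for root, _dirs, names in os.walk(vm_dir):
        for name in sorted(names):
            full = os.path.join(root, name)
            files[os.path.relpath(full, vm_dir)] = file_digest(full)
    body = json.dumps(files, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest()
    return {"files": files, "hmac": tag}


def verify_manifest(vm_dir, manifest, key):
    """Return a sorted list of findings; an empty list means nothing changed."""
    body = json.dumps(manifest["files"], sort_keys=True).encode()
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest["hmac"]):
        return ["manifest: authentication tag mismatch"]
    current = build_manifest(vm_dir, key)["files"]
    findings = []
    for rel, digest in manifest["files"].items():
        if rel not in current:
            findings.append(f"{rel}: missing")
        elif current[rel] != digest:
            findings.append(f"{rel}: modified")
    for rel in current:
        if rel not in manifest["files"]:
            findings.append(f"{rel}: unexpected file")
    return sorted(findings)


def demo_manifest():
    key = b"constructed-demo-key"  # assumption: kept outside the VM store
    with tempfile.TemporaryDirectory() as vm_dir:
        cfg = os.path.join(vm_dir, "guest01.cfg")   # constructed sample files
        disk = os.path.join(vm_dir, "guest01.img")
        with open(cfg, "w") as f:
            f.write("memory=2048\nvif=['bridge=tenant-a']\n")
        with open(disk, "wb") as f:
            f.write(b"\x00" * 4096)
        manifest = build_manifest(vm_dir, key)
        clean = verify_manifest(vm_dir, manifest, key)
        # The configuration file is changed while the VM is offline.
        with open(cfg, "a") as f:
            f.write("vif=['bridge=tenant-b']\n")
        tampered = verify_manifest(vm_dir, manifest, key)
        # A manifest rewritten without the key fails authentication.
        forged = dict(manifest, files=build_manifest(vm_dir, b"x")["files"])
        forged_result = verify_manifest(vm_dir, forged, key)
    return clean, tampered, forged_result


if __name__ == "__main__":
    print(demo_manifest())
```

The check only has value if the HMAC key and the manifest are held somewhere the VM store's administrators cannot write to.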
IV. SECURITY TOOLS AND TECHNIQUES FOR SECURING THE VIRTUALIZED CLOUD COMPUTING INFRASTRUCTURE
There are numerous security tools and techniques available to overcome the malicious threats on VCCI and hypervisor vulnerabilities. During our analysis, we have identified some major approaches for securing a VCCI by reviewing the past and present literature. These include EKM, ACMs, IDTs, vTPM, VFs and TVDs. The significance of these techniques for securing a VCCI is described as follows:
A. Encryption and Key Management (EKM)
The protection of data against loss and theft is a shared responsibility of the cloud customer and the CSP. Nowadays, encryption is one of the strongly recommended techniques in cloud Service Level Agreements (SLAs) [26]. The confidential data of the customer must be encrypted at three different stages, i.e. encryption of data-at-rest (encrypting the customer's data on disk storage as cipher text, which will protect the data from a malicious CSP and illegal use), encryption of data-at-transit (encrypting confidential information such as credit cards while transmitting over a network) and encryption of data on backup media such as external or internal storage, which can protect against misuse of lost or stolen media [14]. However, encryption alone is not enough to keep the data secure; there must be proper key management practices to ensure safe and legal access to encryption keys. For instance, encryption keys must be protected in the same way as the sensitive data itself, these keys should be accessed only by limited and authorized personnel, and proper procedures must be followed if encryption keys are lost or stolen [14]. It is the customer's responsibility to enforce the use of encryption and key management in their SLAs. However, the type of encryption technique used depends upon the requirements and objectives. The common encryption methods that can be used on VCCI include symmetric and asymmetric algorithms. From the symmetric cryptography family, the Triple Data Encryption Algorithm (TDEA), also known as Triple-DES or 3DES, and the Advanced Encryption Standard (AES) are the most common types of encryption techniques. These types of encryption and decryption processes use a secret key. From asymmetric cryptography, RSA and Elliptic Curve Cryptography (ECC) are the most used encryption techniques; unlike symmetric methods, these use two different keys, a public key for encryption and a private key for decryption [24]. If data encryption practices are followed accurately, the data will be saved from the illegal accesses or theft of a malicious CSP's administrator and remote hackers.
B. Intrusion Detection Tools (IDTs)
The multi-tenant and distributed nature of the cloud makes it an attractive target for potential intruders. Appropriate IDTs should be used at VCCI; these continuously collect and analyze data from a computing system, aiming to detect intrusive actions. There are two main approaches for IDTs, i.e. Network-based IDTs (NIDTs) and Host-based IDTs (HIDTs). NIDTs are based on monitoring the network traffic flowing through the systems and examining events as packets of information exchanged between computers, while HIDTs are based on monitoring local activity on a host, like processes, network connections, system calls, logs, etc., and examining events like what files were accessed and what applications were executed [16]. Both IDT tools should be used at VCCI to ensure a safe and secure operating environment in order to block the intruders.
C. Virtual Firewall (VF)
It is a firewall service running in a virtualized environment which provides the usual packet filtering and monitoring services that a physical firewall provides [18]. VFs can execute in various modes, typically hypervisor-mode (hypervisor-resident) and bridge-mode. In order to protect the VMs and VMM, hypervisor-resident VFs must be implemented on the VMM, where they are responsible for capturing malicious VM activities including packet injections. These VFs require a modification to the physical host hypervisor kernel to install process hooks or modules allowing the VF system access to VM information and direct access to the virtual network switches as well as the virtualized network interfaces moving packet traffic between VMs. The hypervisor-resident VF can use the same hooks to then perform all firewall functions like packet inspection, dropping and forwarding, but without actually touching the virtual network at any point. Hypervisor-resident VFs can be faster compared to bridge-mode VFs because they are not performing packet inspection in VFs, but rather from within the kernel at native hardware speeds [19].
D. Trusted Virtual Domains (TVDs)
A TVD is a security technique formed at VCCI by grouping the related VMs running on separate physical machines into a single network domain with a unified security policy. Multiple instances of TVDs co-exist on a single platform under a shared resource policy. The use of TVDs provides strong isolation among unrelated VMs, as the communication among TVDs takes place only according to the security policies defined by the administrator and configured in the VMM. A malicious VM cannot join any TVD because, in order to join a TVD, a VM should fulfill the requirements of the policy, so no malicious VM can affect the VMs of trusted users on the cloud [20]. Normally the VMs residing in a TVD are labeled with a unique identifier. For instance, the VMs of one customer will be labeled differently from those of another customer. The labeling is used to identify the VMs assigned to a particular customer and to allow the same labeled VMs to run inside the same TVD, which must be designed by following proper security guidelines and policies that do not exhibit any loopholes.
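The TVD rules described above (label-based membership, policy requirements for joining, and inter-TVD communication only where the administrator's policy allows it), modelled in an added example that is not code from the paper or from any TVD implementation. The admission requirement (an approved image digest), the flow-rule format and all names and values are assumptions made for illustration.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class VM:
    name: str
    label: str          # customer label carried by the VM
    image_digest: str   # measurement of the image it booted from (assumed)
    host: str           # physical machine; a TVD spans several hosts


@dataclass
class TVD:
    label: str
    approved_images: frozenset
    members: dict = field(default_factory=dict)

    def admit(self, vm):
        """Admit the VM only if it fulfils every policy requirement.

        Returns the list of unmet requirements (empty when admitted).
        """
        reasons = []
        if vm.label != self.label:
            reasons.append("label mismatch")
        if vm.image_digest not in self.approved_images:
            reasons.append("image not approved")
        if not reasons:
            self.members[vm.name] = vm
        return reasons


class Fabric:
    """Default-deny switch: flows exist only where the policy says so."""

    def __init__(self, tvds, inter_tvd_flows):
        self.tvds = {t.label: t for t in tvds}
        self.flows = set(inter_tvd_flows)  # {(src_label, dst_label, port)}

    def domain_of(self, vm_name):
        for tvd in self.tvds.values():
            if vm_name in tvd.members:
                return tvd.label
        return None

    def allowed(self, src, dst, port):
        s, d = self.domain_of(src), self.domain_of(dst)
        if s is None or d is None:
            return False               # VM never joined a TVD
        if s == d:
            return True                # intra-TVD traffic (assumed open)
        return (s, d, port) in self.flows


def demo_tvd():
    # Constructed sample policy: two tenants, one permitted cross-TVD flow.
    a = TVD("tenant-a", frozenset({"sha256:aaa"}))
    b = TVD("tenant-b", frozenset({"sha256:bbb"}))
    fabric = Fabric([a, b], {("tenant-a", "tenant-b", 443)})
    results = {
        "web1": a.admit(VM("web1", "tenant-a", "sha256:aaa", "host1")),
        "web2": a.admit(VM("web2", "tenant-a", "sha256:aaa", "host2")),
        "db1": b.admit(VM("db1", "tenant-b", "sha256:bbb", "host1")),
        # Wrong label and unapproved image: rejected by tenant-a's policy.
        "rogue": a.admit(VM("rogue", "tenant-b", "sha256:zzz", "host1")),
    }
    checks = [
        fabric.allowed("web1", "web2", 22),    # same TVD, different hosts
        fabric.allowed("web1", "db1", 443),    # explicit inter-TVD rule
        fabric.allowed("db1", "web1", 443),    # no reverse rule
        fabric.allowed("web1", "db1", 3306),   # port not in policy
        fabric.allowed("rogue", "web1", 22),   # not a member of any TVD
    ]
    return results, checks


if __name__ == "__main__":
    print(demo_tvd())
```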
E. Access Control Mechanisms (ACMs)
ACMs are responsible for protecting a VCCI by limiting, denying or restricting access to a system or an entity such as processes, VMs and VMMs according to well-defined security policies [15]. The most common ACMs used in VCCI include Mandatory Access Control (MAC), Discretionary Access Control (DAC) and Role Based Access Control (RBAC). All these techniques are known as identity-based ACMs, as user subjects and resource objects are identified by unique names. Identification may be done directly or through roles assigned to the subjects [25]. ACMs guarantee integrity and confidentiality of the resources. Access control must be performed by a trusted party, which can also be the CSP or a third party in association with the cloud customer. Moreover, the collaboration and the expression of access control at each layer, e.g. hypervisor or OS, must be achieved through a dedicated and neutral language to allow a unification policy regardless of the layer.
F. Virtual Trusted Platform Module (vTPM)
IBM researchers proposed TPM virtualization that is based on a certificate chain linking vTPMs to the physical TPM in order to provide its capabilities and make it available to all VMs running on a platform. vTPMs can be located in a specific layer over the hypervisor. A vTPM instance is created for each VM by the vTPM Manager, which is built in a specific VM, and each VM may invoke its own vTPM through the hypervisor [17]. Each VM has its associated vTPM instance that emulates the TPM functionality to extend the chain of trust from the physical TPM to each vTPM via careful management of signing keys and certificates. A vTPM has its own virtual Endorsement Key (EK) and virtual Storage Root Key (SRK) beside some software on the host. In a multi-tenant VCCI the vTPM system virtualizes a physical TPM to be used by a number of VMs on a single hardware platform [23].
V. IMPLEMENTATION OF SECURITY TOOLS AND TECHNIQUES FOR FORMULATING A SECURE VCCI
The security tools and techniques discussed in the previous section have been implemented by various researchers to design and develop secure VCCI. This section describes some of the valuable contributions by the researchers. [21] designed the Trusted Virtual Datacenter (TVDc). The aim of TVDc is to provide a safety net that reduces the risk of security issues that take place by misusing the VMs with the help of malicious software. [22] proposed a trusted VMM with the use of encryption methods. This technique is referred to as CloudVisor. It is implemented as a security monitor that runs in the highest privileged mode, even higher than the hypervisor. Once CloudVisor runs, it starts the hypervisor, which executes in the least privileged mode. In order to enforce protection and isolation, CloudVisor monitors the use of hardware by the VMM and VMs. CloudVisor uses TPM security authentication for secure boot-up and encryption of VMs' data. [8] proposed the TVMM by using TPM as the root of trust and implementing it on the Xen hypervisor. The vTPM provides isolation security between VMs so that no VM can access the resources of others. [8] also proposed a page-based encryption method. This method uses the secret key managed by the hypervisor to encrypt all pages. Encryption uses AES-128 in CBC mode, and hashing uses SHA-256, before the pages are handed over to Dom0. These are a few of the valuable contributions; however, there is a tremendous amount of research being carried out by several researchers for securing the VCCI.
VI. CONCLUSION AND FUTURE WORK
Multi-tenancy is one of the significant characteristics of cloud computing; it refers to the mechanism of sharing a cloud platform and resources among several clients. In order to achieve the benefits of this technique, cloud computing has moved towards virtualization, where each client is assigned one or multiple VMs. Beside the benefits, multi-tenant cloud environments are also vulnerable to attacks that have impeded trust in adopting cloud computing. Attacks have been identified from outsiders and insiders. The major targeted point for attack on VCCI includes the VMM. In order to secure the VMM, several techniques have been introduced that are implemented by various researchers from academia and industry to secure the VCCI. The adoption of cloud computing is an unstoppable task, so the challenge is to formulate a secure VCCI. In order to contribute to the field of cloud computing we analyzed the security issues on VCCI; however, security is not only limited to virtualization components. A CCI must be secure at various layers, i.e. the physical, network, application, management and organizational layers, by considering governmental policies, SLAs etc. However, the future direction of our research is to conduct an analysis identifying and overcoming the security issues in cloud computing from governance and operational perspectives.
ACKNOWLEDGMENT
We are thankful to God Almighty for giving us the knowledge and wisdom to complete this work. We are also thankful to our parents for their encouraging support.
REFERENCES
[1] Yamini, B. & Selvi, D.V., 2010. Cloud virtualization: A potential way to reduce global warming. In Recent Advances in Space Technology Services and Climate Change (RSTSCC), 2010. pp. 55-57.
[2] Szefer, J. et al., 2011. Eliminating the hypervisor attack surface for a more secure cloud. Proceedings of the 18th ACM Conference on Computer and Communications Security. Chicago, Illinois, USA, ACM: 401-412.
[3] Dawoud, W., Takouna, I. & Meinel, C., 2010. Infrastructure as a service security: Challenges and solutions. In Informatics and Systems (INFOS), 2010 The 7th International Conference on. pp. 1-8.
[4] Shengmei, L. et al., 2011. Virtualization security for cloud computing service. In Cloud and Service Computing (CSC), 2011 International Conference on. pp. 174-179.
[5] Takabi, H., Joshi, J.B.D. & Ahn, G., 2010. Security and Privacy Challenges in Cloud Computing Environments. Security & Privacy, IEEE, 8(6), pp. 24-31.
[6] Wang, Z. & Jiang, X., 2010. HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity. In Security and Privacy (SP), 2010 IEEE Symposium on. pp. 380-395.
[7] Jasti, A. et al., 2010. Security in multi-tenancy cloud. In Security Technology (ICCST), 2010 IEEE International Carnahan Conference on. pp. 35-41.
[8] Jinzhu Kong, 2010. Protecting the Confidentiality of Virtual Machines Against Untrusted Host. In Intelligence Information Processing and Trusted Computing (IPTC), 2010 International Symposium on. pp. 364-368.
[9] Fu Wen & Li Xiang, 2011. The study on data security in Cloud Computing based on Virtualization. In IT in Medicine and Education (ITME), 2011 International Symposium on. pp. 257-261.
[10] Suryanarayana, V., Jasti, A. & Pendse, R., 2010. Credit scheduling and prefetching in hypervisors using Hidden Markov Models. In Local Computer Networks (LCN), 2010 IEEE 35th Conference on. pp. 224-227.
[11] Naughton, T. et al., 2010. Loadable Hypervisor Modules. System Sciences (HICSS), 2010 43rd Hawaii International Conference on, pp. 1-8.
[12] Peijie Yu et al., 2010. Real-time Enhancement for Xen Hypervisor. In Embedded and Ubiquitous Computing (EUC), 2010 IEEE/IFIP 8th International Conference on. pp. 23-30.
[13] Pham, C. et al., 2011. CloudVal: A framework for validation of virtualization environment in cloud infrastructure. In Dependable Systems & Networks (DSN), 2011 IEEE/IFIP 41st International Conference on. pp. 189-196.
[14] CSA, 2010. Domain 12: Guidance for Identity & Access Management V2.1. Cloud Security Alliance. Available at: http://www.cloudsecurityalliance.org/guidance/csaguide-dom12.pdf
[15] Afoulki, Z. et al., 2012. MAC protection of the OpenNebula Cloud environment. High Performance Computing and Simulation (HPCS), 2012 International Conference on, pp. 85.
[16] Harley Kozushko, Intrusion Detection: Host-Based and Network-Based Intrusion Detection Systems. Available from http://infohost.nmt.edu/~sfs/Students/HarleyKozushko/Papers/IntrusionDetectionPaper.pdf
[17] Achemlal, M. et al., 2011. Trusted Platform Module as an Enabler for Security in Cloud Computing. Network and Information Systems Security (SAR-SSI), 2011 Conference on, pp. 1-6.
[18] Wiki, Virtual Firewall. Available from http://en.wikipedia.org/wiki/Virtual_firewall
[19] Clement Berthelot, Evaluation of a Virtual Firewall in a Cloud Environment. Available from http://buchananweb.co.uk/09014406_MSc_VirtualFirewall.pdf
[20] Luigi, C. et al., Trusted Virtual Domains Design, Implementation and Lessons Learned. Available from http://infohost.nmt.edu/~sfs/Students/HarleyKozushko/Papers/IntrusionDetectionPaper.pdf
[21] Berger, S., R. Caceres, et al., 2009. Security for the cloud infrastructure: Trusted virtual data center implementation. IBM Journal of Research and Development 53(4): 6:1-6:12.
[22] Zhang, F. et al., 2011. CloudVisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization. Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles. Cascais, Portugal, ACM: 203-216.
[23] Dongxi, L. et al., 2010. A Cloud Architecture of Virtual Trusted Platform Modules. Embedded and Ubiquitous Computing (EUC), 2010 IEEE/IFIP 8th International Conference on, pp. 804-811.
[24] Jing-Jang, H. et al., 2011. A Business Model for Cloud Computing Based on a Separate Encryption and Decryption Service. Information Science and Applications (ICISA), 2011 International Conference on, pp. 1-7, 26-29.
[25] Khan, A., 2012. Access Control in Cloud Computing Environment. In ARPN Journal of Engineering and Applied Sciences, vol. 7, no. 5, pp. 613-615.
[26] Jansen, W. and Grance, T., 2011. Guidelines on Security and Privacy in Public Cloud Computing. National Institute of Standards and Technology Special Publication 800-144.