Secure virtual machine placement in infrastructure cloud services
Publication Type
Conference Proceeding Article
Publication Date
11-2017
Abstract
With increasing evidence on the breadth and potency of side-channel attacks based on resource sharing, virtual machine (VM) placement in infrastructure cloud services, such as Amazon EC2, has become an important security problem. In this paper, we present a new approach to this problem by letting users specify their own trust profiles, and then incorporating such information into VM placement decisions. The objective is to ensure safe VM placement while aiming to maximize physical resource utilization in data centers. We propose and implement four different solutions to the problem, namely Graph Coloring, Bin Packing, Linear Programming and Genetic Algorithm. The proposed algorithms have been thoroughly evaluated on various real world datasets and different trust profiles. We found that, by including security requirements within VM placement algorithms, the loss of efficiency was as little as 2-3% in certain trust profiles and datasets. In addition, simple greedy approaches were found to be more scalable; and performed much better in terms of efficiency loss than more complicated optimization methods.
Discipline
Software Engineering
Research Areas
Software and Cyber-Physical Systems
Publication
Proceedings of the 10th Conference on Service-Oriented Computing and Applications (SOCA): 2017 IEEE, Kanazawa, Japan, November 22-25
Identifier
10.1109/SOCA.2017.12
Publisher
IEEE
City or Country
Kanazawa, Japan
Citation
NATU, Varun and TA, Nguyen Binh Duong.
Secure virtual machine placement in infrastructure cloud services. (2017). Proceedings of the 10th Conference on Service-Oriented Computing and Applications (SOCA): 2017 IEEE, Kanazawa, Japan, November 22-25.
Available at: https://ink.library.smu.edu.sg/sis_research/4833
Additional URL
https://doi.org/10.1109/SOCA.2017.12