Abstract
A filesystem-level storage cloud offers network-filesystem access to multiple customers at low cost over the Internet. In this paper, we investigate two alternative architectures for achieving multi-tenancy securely and efficiently in such storage cloud services. They isolate customers in virtual machines at the hypervisor level and through mandatory access-control checks in one shared operating-system kernel, respectively. We compare and discuss the practical security guarantees of these architectures. We have implemented both approaches and compare them using performance measurements we obtained.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
IBM Scale Out Network Attached Storage, http://www-03.ibm.com/systems/storage/network/sonas/
Schmuck, F., Haskin, R.: GPFS: A Shared-disk File System For Large Computing Clusters. In: Proc. File and Storage Technologies (2002)
Kivity, A., Kamay, Y., Laor, D., Lublin, U., Liguori, A.: kvm: the Linux Virtual Machine Monitor. In: Proc. Linux Symposium, vol. 1 (2007)
Cai, H., Reinwald, B., Wang, N., Guo, C.: SaaS Multi-Tenancy: Framework, Technology, and Case Study. International Journal of Cloud Applications and Computing (IJCAC) 1(1) (2011)
Traeger, A., Rai, A., Wright, C., Zadok, E.: NFS File Handle Security. In: Tech. Rep., Computer Science Department, Stony Brook University (2004)
Oehme, S., Deicke, J., Akelbein, J., Sahlberg, R., Tridgell, A., Haskin, R.: IBM Scale out File Services: Reinventing network-attached storage. IBM Journal of Research and Development 52(4.5) (2008)
grsecurity, http://grsecurity.net/
Osman, S., Subhraveti, D., Su, G., Nieh, J.: The Design and Implementation of Zap: A System for Migrating Computing Environments. In: ACM SIGOPS Operating Systems Review, vol. 36(SI) (2002)
Kamp, P., Watson, R.: Jails: Confining the omnipotent root. In: Proc. International System Administration and Network Engineering (2000)
Price, D., Tucker, A.: Solaris Zones: Operating System Support for Consolidating Commercial Workloads. In: Proc. System Administration (2004)
McCarty, B.: SELinux: NSA’s Open Source Security Enhanced Linux (2004)
Diesburg, S.M., Wang, A.-I.A.: A survey of confidential data storage and deletion methods. ACM Computing Surveys 43 (December 2010)
Sivathanu, G., Wright, C.P., Zadok, E.: Ensuring data integrity in storage: Techniques and applications. In: Proc. Storage Security and Survivability (2005)
Schechter, S.: Computer Security Strength & Risk: A Quantitative Approach. PhD thesis, Harvard University Cambridge, Massachusetts (2004)
Schneier, B.: Attack trees. Dr. Dobb’s journal 24(12) (1999)
Hardy, N.: The Confused Deputy. ACM SIGOPS Operating Systems Review 22(4) (1988)
Wojtczuk, R.: Adventures with a certain Xen vulnerability (in the PVFB backend). Message Sent to Bugtraq Mailing List on October 15 (2008)
Ormandy, T.: An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments. In: Proc. CanSecWest Applied Security Conference (2007)
Kortchinsky, K.: Cloudburst – Hacking 3D and Breaking out of VMware (2009)
Blanc, M., Guerin, K., Lalande, J., Le Port, V.: Mandatory Access Control implantation against potential NFS vulnerabilities. In: International Symposium on Collaborative Technologies and Systems (2009)
libvirt: The virtualization API, http://libvirt.org/index.html
Nurmi, D., Wolski, R., Grzegorczyk, C., Obertelli, G., Soman, S., Youseff, L., Zagorodnov, D.: The Eucalyptus Open-source Cloud-computing System. In: Proc. Cluster Computing and the Grid (2009)
OpenStack Swift, http://swift.openstack.org/
Liedtke, J.: On micro-kernel construction. In: Proc. SOSP (1995)
Heiser, G., Uhlig, V., LeVasseur, J.: Are Virtual Machine Monitors Microkernels Done Right? ACM SIGOPS Operating Systems Review 40(1) (2006)
Hohmuth, M., Peter, M., Härtig, H., Shapiro, J.S.: Reducing TCB size by using untrusted components: small kernels versus virtual-machine monitors. In: Proc. SIGOPS European Workshop (2004)
Jujjuri, V., Hensbergen, E.V., Liguori, A.: VirtFS – A virtualization aware File System pass-through. In: Proc. Ottawa Linux Symposium (2010)
Christodorescu, M., Sailer, R., Schales, D.L., Sgandurra, D., Zamboni, D.: Cloud Security Is Not (Just) Virtualization Security: A Short Paper. In: Proc. CCSW (2009)
Petroni Jr, N.L., Hicks, M.: Automated Detection of Persistent Kernel Control-Flow Attacks. In: Proc. CCS (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 IFIP International Federation for Information Processing
About this paper
Cite this paper
Kurmus, A., Gupta, M., Pletka, R., Cachin, C., Haas, R. (2011). A Comparison of Secure Multi-Tenancy Architectures for Filesystem Storage Clouds. In: Kon, F., Kermarrec, AM. (eds) Middleware 2011. Middleware 2011. Lecture Notes in Computer Science, vol 7049. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25821-3_24
Download citation
DOI: https://doi.org/10.1007/978-3-642-25821-3_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25820-6
Online ISBN: 978-3-642-25821-3
eBook Packages: Computer ScienceComputer Science (R0)