600.412.lecture03

600.412.lecture03 - Security and Privacy in Cloud Computing...

Info iconThis preview shows pages 1–7. Sign up to view the full content.

View Full Document Right Arrow Icon
Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 3 02/15/2010 Security and Privacy in Cloud Computing
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Mapping/topology Attacks 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 2 Lecture Goal Learn about mapping attacks Discuss different techniques and mitigation strategies Analyze the practicality and impact Reading : Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds , Ristenpart et al., CCS 2009
Background image of page 2
Why Cloud Computing brings new threats? Traditional system security mostly means keeping bad guys out The attacker needs to either compromise the auth/access control system, or impersonate existing users 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 3
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Why Cloud Computing brings new threats? But clouds allow co-tenancy : Multiple independent users share the same physical infrastructure So, an attacker can legitimately be in the same physical machine as the target 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 4
Background image of page 4
Challenges for the attacker How to find out where the target is located How to be co-located with the target in the same (physical) machine How to gather information about the target 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 5
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds , Ristenpart et al., CCS 2009 First work on cloud cartography Attack launched against commercially available “real” cloud (Amazon EC2) Claims up to 40% success in co-residence with target VM 2/15/2010 en.600.412 Spring 2010 Lecture 2 | JHU | Ragib Hasan 6
Background image of page 6
Image of page 7
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 01/27/2012 for the course CS 600 taught by Professor Smith,r during the Winter '08 term at Alabama.

Page1 / 25

600.412.lecture03 - Security and Privacy in Cloud Computing...

This preview shows document pages 1 - 7. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online