Abstract
Major infrastructure-as-a-cloud (IaaS) providers have recently been building marketplaces of “cloud apps,” which are VMs pre-installed with a variety of software stacks. Clients of cloud computing leverage such markets by downloading and instantiating the apps that best suit their computing needs, thereby saving the effort needed to configure and build VMs from scratch.We posit that the notion of cloud apps as defined by these marketplaces is nascent and does not allow apps to leverage the benefits of virtual machine (VM) introspection technology developed over the past decade. We envision a marketplace of apps that can interact with client VMs in a rich set of ways to provide a number of services that are currently supported only by cloud providers. This allows clients to deploy services such as VM introspection-based security tools and network middleboxes on their work VMs without requiring the cloud provider to deploy these services on their behalf.This paper presents models to support such a marketplace of expressive cloud apps. We present a study of the design space of these models to understand their performance and deployment tradeoffs. We also consider the design of a permissions-based framework to contain untrusted third-party cloud apps. Finally, we demonstrate the utility of our models by building and evaluating a number of security tools built as cloud apps.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
