Optimizing dynamic survivability and security of replicated data in cloud systems under co-residence attacks

Abstract

Utilizing the virtualization technology, multiple virtual machines (VMs) can be created on a single physical server for different tasks, enabling cost-effective resource sharing in cloud computing systems. However, this co-resident VM architecture can be exploited by malicious attackers, posing unique survivability and security risks for cloud users. This paper addresses one of such risks called co-residence attacks, where a malicious attacker can steal or corrupt a user's sensitive information through co-residing the attacker's VM with the target user's VM on the same physical server. We model users’ data protection policy in which sensitive data are replicated and stored on different VMs to enhance data survivability. Both user's and attacker's VMs are distributed among cloud servers at random. The arrival of attacker's requests for creating VMs is modeled by a Poisson stochastic process. We propose a probabilistic model to obtain dynamic data survivability and security indices. Based on the suggested evaluation model, dynamic data replication policies are analyzed and optimized. Numerical examples are presented to demonstrate impacts of different model parameters on the dynamic data survivability and security.