Security and reliability of N-version cloud-based task solvers with individual version cancellation under data theft attacks

Abstract

As one of the enabling technologies for cyber-physical systems and Internet of Things systems, the cloud computing provides cost-effective resources in an on-demand manner. This merit lends the cloud to running critical services that need redundancy to achieve high reliability. This paper models a cloud service using the N-version programming (NVP) redundancy technique that creates and runs multiple task solver versions (TSVs) in parallel to perform a requested service and decides the output using the threshold voting. A malicious attacker may get an unauthorized access to a user's data when the user's and attacker's virtual machines co-reside in the same cloud server. To reduce the chance of the co-residence attack success and users’ expense, an individual TSV cancellation policy is implemented, which removes a TSV's virtual machine from its host server immediately once this TSV completes the task execution. A probabilistic method is proposed to evaluate the task reliability and data security under the considered cloud service model. Constrained optimization problems are further formulated and solved, which find the optimal number of TSVs maximizing the task reliability subject to providing a desired level of data security. Examples are presented to demonstrate interactions and impacts of different parameters on the task reliability and data security, as well as on the optimization solutions.