Infrastructure as a Service (IaaS) cloud environments use multi-tenancy to take advantage of virtualisation technologies that increase resource utilisation, load balancing, scalability and reliability. This approach allows cloud service providers to maximise use of their infrastructure by multiplexing their physical machines with virtualisation and then assigning the virtual machines (VMs) to different clients when required.
But there is also a downside. With multi-tenancy cloud computing, traditional network security controls become almost useless in protecting one set of users from another. This means an attacker could rent one of these VMs and instantly be shoulder-to-shoulder with several potential targets.
For his MSc thesis at Royal Holloway University of London, Jacobo Ros, under the supervision of lecturer Chez Ciechanowicz, explored the ways in which an attacker might locate a target VM in the cloud and create a neighbouring VM to launch an attack from behind the network firewall.
In an article published on SearchSecurity.co.uk, Ros details the steps an attacker could take to narrow down the search for a target system, and then install a malicious VM on the same hardware as the target. He also proposes some simple steps that cloud service providers could take to prevent this scenario from happening.
Read the article
Download the article by Jacobo on multi-tenancy cloud computing (.pdf).
Read the full thesis (.pdf).
This is essential reading for any company moving to the cloud. It not only explains some of the potential information security dangers, but will also help IT teams ask the right questions about the security offered by prospective cloud service providers.
This feature is one of six SearchSecurity.co.uk is publishing this year in collaboration with RHUL.
This was first published in June 2012