Abstract
The virtualization technology, particularly virtual machines (VMs) used in cloud computing systems have raised unique security and reliability risks for cloud users. This chapter focuses on the resilience to one of such risks, co-residence attacks where a user’s information in one VM can be accessed/stolen or corrupted through side channels by a malicious attacker’s VM co-residing on the same physical server. Both users’ and attackers’ VMs are distributed among cloud servers at random. We consider different users’ data protection policies with the aim to make the data resilient to the co-residence attacks, including data partition with and without replication of the parts, and attack detection through the early warning mechanism. Probabilistic models are suggested to derive the overall probabilities of an attacker’s success in data theft and data corruption. Based on the suggested probabilistic evaluation models, optimization problems of obtaining the data partition/replication policy to balance data security, data reliability, and a user’s overheads are formulated and solved, leading to the optimal data protection policy to achieve data resilience. The possible user’s uncertainty about the number of attacker’s VMs is taken into account. Numerical examples demonstrating the influence of different constraints on the optimal policy are presented.