Venti: A New Approach to Archival Storage
FAST '02 Proceedings of the Conference on File and Storage Technologies
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
Virtualization aware file systems: getting beyond the limitations of virtual disks
NSDI'06 Proceedings of the 3rd conference on Networked Systems Design & Implementation - Volume 3
Jumbo store: providing efficient incremental upload and versioning for a utility rendering service
FAST '07 Proceedings of the 5th USENIX conference on File and Storage Technologies
Opening black boxes: using semantic information to combat virtual machine image sprawl
Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Communications of the ACM - Web science
Towards a discipline of mission-aware cloud computing
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
Towards a data-centric view of cloud security
CloudDB '10 Proceedings of the second international workshop on Cloud data management
A survey of risks, threats and vulnerabilities in cloud computing
Proceedings of the 2011 International Conference on Intelligent Semantic Web-Services and Applications
AmazonIA: when elasticity snaps back
Proceedings of the 18th ACM conference on Computer and communications security
The top ten cloud-security practices in next-generation networking
International Journal of Communication Networks and Distributed Systems
Virtual machine images as structured data: the mirage image library
HotCloud'11 Proceedings of the 3rd USENIX conference on Hot topics in cloud computing
SP 800-144. Guidelines on Security and Privacy in Public Cloud Computing
SP 800-144. Guidelines on Security and Privacy in Public Cloud Computing
A security analysis of amazon's elastic compute cloud service
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Efficient storage of virtual machine images
Proceedings of the 3rd workshop on Scientific Cloud Computing Date
Whispers in the hyper-space: high-speed covert channel attacks in the cloud
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Provenance-Based model for verifying trust-properties
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Towards a richer model of cloud app markets
Proceedings of the 2012 ACM Workshop on Cloud computing security workshop
A survey on security issues and solutions at different layers of Cloud computing
The Journal of Supercomputing
Security Issues in Cloud Computing: A Survey of Risks, Threats and Vulnerabilities
International Journal of Cloud Applications and Computing
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Computer Standards & Interfaces
Hi-index | 0.00 |
Cloud computing is revolutionizing how information technology resources and services are used and managed but the revolution comes with new security problems. Among these is the problem of securely managing the virtual-machine images that encapsulate each application of the cloud. These images must have high integrity because the initial state of every virtual machine in the cloud is determined by some image. However, as some of the enefits of the cloud depend on users employing images built by third parties, users must also be able to share images safely. This paper explains the new risks that face administrators and users (both image publishers and image retrievers) of a cloud's image repository. To address those risks, we propose an image management system that controls access to images, tracks the provenance of images, and provides users and administrators with efficient image filters and scanners that detect and repair security violations. Filters and scanners achieve efficiency by exploiting redundancy among images; an early implementation of the system shows that this approach scales better than a naive approach that treats each image independently.