Final published version
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Chapter
On the feasibility of side-channel attacks in a virtualized environment. / Vateva-Gurova, T.; Luna, J.; Pellegrino, G.; Suri, Neeraj.
E-Business and Telecommunications: 11th International Joint Conference, ICETE 2014, Vienna, Austria, August 28-30, 2014, Revised Selected Papers. Vol. 554 Springer-Verlag, 2015. p. 319-339.Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Chapter
}
TY - CHAP
T1 - On the feasibility of side-channel attacks in a virtualized environment
AU - Vateva-Gurova, T.
AU - Luna, J.
AU - Pellegrino, G.
AU - Suri, Neeraj
PY - 2015
Y1 - 2015
N2 - The isolation among physically co-located virtual machines is an important prerequisite for ensuring the security in a virtualized environment (VE). The VE should prevent from exploitation of sidechannels stemming from the usage of shared resources, being hardware or software. However, despite the presumed secure logical isolation, a possible information leakage beyond the boundaries of a virtual machine due to side-channel exploits is a key concern in the VE. Such exploits have been demonstrated in the academic world during the last years. This paper takes into consideration the side-channel attacks threat, and points out that the feasibility of a SCA strongly depends on the specific context of the execution environment. The paper proposes a framework for feasibility assessment of SCAs using cache-based exploits as an example scenario. Furthermore, we provide a proof of concept to show how the feasibility of cache-based SCAs can be assessed using the proposed approach. © Springer International Publishing Switzerland 2015.
AB - The isolation among physically co-located virtual machines is an important prerequisite for ensuring the security in a virtualized environment (VE). The VE should prevent from exploitation of sidechannels stemming from the usage of shared resources, being hardware or software. However, despite the presumed secure logical isolation, a possible information leakage beyond the boundaries of a virtual machine due to side-channel exploits is a key concern in the VE. Such exploits have been demonstrated in the academic world during the last years. This paper takes into consideration the side-channel attacks threat, and points out that the feasibility of a SCA strongly depends on the specific context of the execution environment. The paper proposes a framework for feasibility assessment of SCAs using cache-based exploits as an example scenario. Furthermore, we provide a proof of concept to show how the feasibility of cache-based SCAs can be assessed using the proposed approach. © Springer International Publishing Switzerland 2015.
KW - Feasibility analysis
KW - Feasibility factors
KW - Security classifications
KW - Side-channel attacks
KW - Electronic commerce
KW - Java programming language
KW - Virtual reality
KW - Execution environments
KW - Feasibility assessment
KW - Information leakage
KW - Security classification
KW - Virtual machines
KW - Virtualized environment
KW - Side channel attack
U2 - 10.1007/978-3-319-25915-4_17
DO - 10.1007/978-3-319-25915-4_17
M3 - Chapter
SN - 9783319259147
VL - 554
SP - 319
EP - 339
BT - E-Business and Telecommunications
PB - Springer-Verlag
ER -