Standard
On the feasibility of side-channel attacks in a virtualized environment. / Vateva-Gurova, T.; Luna, J.; Pellegrino, G. et al.
E-Business and Telecommunications: 11th International Joint Conference, ICETE 2014, Vienna, Austria, August 28-30, 2014, Revised Selected Papers. Vol. 554 Springer-Verlag, 2015. p. 319-339.
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Chapter
Harvard
Vateva-Gurova, T, Luna, J, Pellegrino, G
& Suri, N 2015,
On the feasibility of side-channel attacks in a virtualized environment. in
E-Business and Telecommunications: 11th International Joint Conference, ICETE 2014, Vienna, Austria, August 28-30, 2014, Revised Selected Papers. vol. 554, Springer-Verlag, pp. 319-339.
https://doi.org/10.1007/978-3-319-25915-4_17
APA
Vateva-Gurova, T., Luna, J., Pellegrino, G.
, & Suri, N. (2015).
On the feasibility of side-channel attacks in a virtualized environment. In
E-Business and Telecommunications: 11th International Joint Conference, ICETE 2014, Vienna, Austria, August 28-30, 2014, Revised Selected Papers (Vol. 554, pp. 319-339). Springer-Verlag.
https://doi.org/10.1007/978-3-319-25915-4_17
Vancouver
Author
Vateva-Gurova, T. ; Luna, J. ; Pellegrino, G. et al. /
On the feasibility of side-channel attacks in a virtualized environment. E-Business and Telecommunications: 11th International Joint Conference, ICETE 2014, Vienna, Austria, August 28-30, 2014, Revised Selected Papers. Vol. 554 Springer-Verlag, 2015. pp. 319-339
Bibtex
@inbook{b9b8b4456b4c46a5bdc984205aa5c169,
title = "On the feasibility of side-channel attacks in a virtualized environment",
abstract = "The isolation among physically co-located virtual machines is an important prerequisite for ensuring the security in a virtualized environment (VE). The VE should prevent from exploitation of sidechannels stemming from the usage of shared resources, being hardware or software. However, despite the presumed secure logical isolation, a possible information leakage beyond the boundaries of a virtual machine due to side-channel exploits is a key concern in the VE. Such exploits have been demonstrated in the academic world during the last years. This paper takes into consideration the side-channel attacks threat, and points out that the feasibility of a SCA strongly depends on the specific context of the execution environment. The paper proposes a framework for feasibility assessment of SCAs using cache-based exploits as an example scenario. Furthermore, we provide a proof of concept to show how the feasibility of cache-based SCAs can be assessed using the proposed approach. {\textcopyright} Springer International Publishing Switzerland 2015.",
keywords = "Feasibility analysis, Feasibility factors, Security classifications, Side-channel attacks, Electronic commerce, Java programming language, Virtual reality, Execution environments, Feasibility assessment, Information leakage, Security classification, Virtual machines, Virtualized environment, Side channel attack",
author = "T. Vateva-Gurova and J. Luna and G. Pellegrino and Neeraj Suri",
year = "2015",
doi = "10.1007/978-3-319-25915-4_17",
language = "English",
isbn = "9783319259147",
volume = "554",
pages = "319--339",
booktitle = "E-Business and Telecommunications",
publisher = "Springer-Verlag",
}
RIS
TY - CHAP
T1 - On the feasibility of side-channel attacks in a virtualized environment
AU - Vateva-Gurova, T.
AU - Luna, J.
AU - Pellegrino, G.
AU - Suri, Neeraj
PY - 2015
Y1 - 2015
N2 - The isolation among physically co-located virtual machines is an important prerequisite for ensuring the security in a virtualized environment (VE). The VE should prevent from exploitation of sidechannels stemming from the usage of shared resources, being hardware or software. However, despite the presumed secure logical isolation, a possible information leakage beyond the boundaries of a virtual machine due to side-channel exploits is a key concern in the VE. Such exploits have been demonstrated in the academic world during the last years. This paper takes into consideration the side-channel attacks threat, and points out that the feasibility of a SCA strongly depends on the specific context of the execution environment. The paper proposes a framework for feasibility assessment of SCAs using cache-based exploits as an example scenario. Furthermore, we provide a proof of concept to show how the feasibility of cache-based SCAs can be assessed using the proposed approach. © Springer International Publishing Switzerland 2015.
AB - The isolation among physically co-located virtual machines is an important prerequisite for ensuring the security in a virtualized environment (VE). The VE should prevent from exploitation of sidechannels stemming from the usage of shared resources, being hardware or software. However, despite the presumed secure logical isolation, a possible information leakage beyond the boundaries of a virtual machine due to side-channel exploits is a key concern in the VE. Such exploits have been demonstrated in the academic world during the last years. This paper takes into consideration the side-channel attacks threat, and points out that the feasibility of a SCA strongly depends on the specific context of the execution environment. The paper proposes a framework for feasibility assessment of SCAs using cache-based exploits as an example scenario. Furthermore, we provide a proof of concept to show how the feasibility of cache-based SCAs can be assessed using the proposed approach. © Springer International Publishing Switzerland 2015.
KW - Feasibility analysis
KW - Feasibility factors
KW - Security classifications
KW - Side-channel attacks
KW - Electronic commerce
KW - Java programming language
KW - Virtual reality
KW - Execution environments
KW - Feasibility assessment
KW - Information leakage
KW - Security classification
KW - Virtual machines
KW - Virtualized environment
KW - Side channel attack
U2 - 10.1007/978-3-319-25915-4_17
DO - 10.1007/978-3-319-25915-4_17
M3 - Chapter
SN - 9783319259147
VL - 554
SP - 319
EP - 339
BT - E-Business and Telecommunications
PB - Springer-Verlag
ER -