Final published version
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - Towards a framework for assessing the feasibility of side-channel attacks in virtualized environments
AU - Vateva-Gurova, T.
AU - Luna, J.
AU - Pellegrino, G.
AU - Suri, Neeraj
PY - 2014/8/28
Y1 - 2014/8/28
N2 - Physically co-located virtual machines should be securely isolated from one another, as well as from the underlying layers in a virtualized environment. In particular the virtualized environment is supposed to guarantee the impossibility of an adversary to attack a virtual machine e.g., by exploiting a side-channel stemming from the usage of shared physical or software resources. However, this is often not the case and the lack of sufficient logical isolation is considered a key concern in virtualized environments. In the academic world this view has been reinforced during the last years by the demonstration of sophisticated side-channel attacks (SCAs). In this paper we argue that the feasibility of executing a SCA strongly depends on the actual context of the execution environment. To reflect on these observations, we propose a feasibility assessment framework for SCAs using cache based systems as an example scenario. As a proof of concept we show that the feasibility of cache-based side-channel attacks can be assessed following the proposed approach.
AB - Physically co-located virtual machines should be securely isolated from one another, as well as from the underlying layers in a virtualized environment. In particular the virtualized environment is supposed to guarantee the impossibility of an adversary to attack a virtual machine e.g., by exploiting a side-channel stemming from the usage of shared physical or software resources. However, this is often not the case and the lack of sufficient logical isolation is considered a key concern in virtualized environments. In the academic world this view has been reinforced during the last years by the demonstration of sophisticated side-channel attacks (SCAs). In this paper we argue that the feasibility of executing a SCA strongly depends on the actual context of the execution environment. To reflect on these observations, we propose a feasibility assessment framework for SCAs using cache based systems as an example scenario. As a proof of concept we show that the feasibility of cache-based side-channel attacks can be assessed following the proposed approach.
KW - Feasibility analysis
KW - Feasibility factors
KW - Security classifications
KW - Side-channel attacks
KW - Java programming language
KW - Execution environments
KW - Feasibility assessment
KW - Security classification
KW - Side channel attack
KW - Software resources
KW - Virtualized environment
KW - Virtual reality
M3 - Conference contribution/Paper
SN - 9781467392402
SP - 113
EP - 124
BT - 2014 11th International Conference on Security and Cryptography (SECRYPT)
PB - IEEE
ER -