Show simple item record

dc.contributor.authorGodfrey, Michael
dc.contributor.otherQueen's University (Kingston, Ont.). Theses (Queen's University (Kingston, Ont.))en
dc.date2013-09-25 18:03:47.737en
dc.date.accessioned2013-09-26T22:09:37Z
dc.date.available2013-09-26T22:09:37Z
dc.date.issued2013-09-26
dc.identifier.urihttp://hdl.handle.net/1974/8320
dc.descriptionThesis (Master, Computing) -- Queen's University, 2013-09-25 18:03:47.737en
dc.description.abstractAs Cloud services become more commonplace, recent works have uncovered vulnerabilities unique to such systems. Specifi cally, the paradigm promotes a risk of information leakage across virtual machine isolation via side-channels. Unlike conventional computing, the infrastructure supporting a Cloud environment allows mutually dis- trusting clients simultaneous access to the underlying hardware, a seldom met requirement for a side-channel attack. This thesis investigates the current state of side-channel vulnerabilities involving the CPU cache, and identifi es the shortcomings of traditional defenses in a Cloud environment. It explores why solutions to non-Cloud cache-based side-channels cease to work in Cloud environments, and describes new mitigation techniques applicable for Cloud security. Speci cally, it separates canonical cache-based side-channel attacks into two categories, Sequential and Parallel attacks, based on their implementation and devises a unique mitigation technique for each. Applying these solutions to a canonical Cloud environment, this thesis demonstrates the validity of these Cloud-specifi c, cache-based side-channel mitigation techniques. Furthermore, it shows that they can be implemented, together, as a server-side approach to improve security without inconveniencing the client. Finally, it conducts a comparison of our solutions to the current state-of-the-art.en_US
dc.languageenen
dc.language.isoenen_US
dc.relation.ispartofseriesCanadian thesesen
dc.rightsThis publication is made available by the authority of the copyright owner solely for the purpose of private study and research and may not be copied or reproduced except as permitted by the copyright laws without written authority from the copyright owner.en
dc.subjectCPU Cacheen_US
dc.subjectServer Side Defenseen_US
dc.subjectCloud Computingen_US
dc.subjectSecurityen_US
dc.subjectSide Channelen_US
dc.titleOn the Prevention of Cache-Based Side-Channel Attacks in a Cloud Environmenten_US
dc.typethesisen_US
dc.description.degreeMasteren
dc.contributor.supervisorZulkernine, Mohammaden
dc.contributor.departmentComputingen


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record