• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Computers & Security >Building safe PaaS clouds: A survey on security in multitenant software platforms
【24h】

Building safe PaaS clouds: A survey on security in multitenant software platforms

机译:构建安全的PaaS云:多租户软件平台中的安全性调查

获取原文
获取原文并翻译 | 示例
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

This paper surveys the risks brought by multitenancy in software platforms, along with the most prominent solutions proposed to address them. A multitenant platform hosts and executes software from several users (tenants). The platform must ensure that no malicious or faulty code from any tenant can interfere with the normal execution of other users' code or with the platform itself. This security requirement is specially relevant in Platform-as-a-Service (PaaS) clouds. PaaS clouds offer an execution environment based on some software platform. Unless PaaS systems are deemed as safe environments users will be reluctant to trust them to run any relevant application. This requires to take into account how multitenancy is handled by the software platform used as the basis of the PaaS offer. This survey focuses on two technologies that are or will be the platform-of-choice in many PaaS clouds: Java and .NET. We describe the security mechanisms they provide, study their limitations as multitenant platforms and analyze the research works that try to solve those limitations. We include in this analysis some standard container technologies (such as Enterprise Java Beans) that can be used to standardize the hosting environment of PaaS clouds. Also we include a brief discussion of Operating Systems (OSs) traditional security capacities and why OSs are unlikely to be chosen as the basis of PaaS offers. Finally, we describe some research initiatives that reinforce security by monitoring the execution of untrusted code, whose results can be of interest in multitenant systems.
机译:本文调查了软件平台中多租户带来的风险,以及为解决这些问题而提出的最杰出的解决方案。多租户平台托管并执行来自多个用户(租户)的软件。该平台必须确保任何租户的恶意代码或错误代码都不会干扰其他用户代码或平台本身的正常执行。在平台即服务(PaaS)云中,此安全要求特别重要。 PaaS云提供了基于某些软件平台的执行环境。除非将PaaS系统视为安全环境,否则用户将不愿意信任他们运行任何相关应用程序。这需要考虑用作PaaS产品基础的软件平台如何处理多租户。这项调查重点研究了许多PaaS云中将成为或将成为首选平台的两种技术:Java和.NET。我们描述它们提供的安全机制,以多租户平台的形式研究其局限性,并分析试图解决这些局限性的研究工作。在此分析中,我们包括一些标准容器技术(例如Enterprise Java Bean),可用于标准化PaaS云的托管环境。此外,我们还简要讨论了操作系统(OS)的传统安全功能,以及为何不太可能选择OS作为PaaS产品的基础。最后,我们描述了一些研究方案,这些方案通过监视不受信任的代码的执行来增强安全性,其结果可能在多租户系统中引起关注。

著录项

  • 来源
    《Computers & Security》 |2012年第1期|p.96-108|共13页
  • 作者

    Luis Rodero-Merino; Luis M. Vaquero; Eddy Caron; Adrian Muresan; Frederic Desprez;

  • 作者单位

    UMR CNRS - ENS de Lyon - INRIA - UCB Lyon 5668, 46 allee d'ltalie, F-69364 Lyon, France,Universidad Politecnica de Madrid, Facultad de In/ormdtica, B2 L3201,28660 Boadilla del Monte, Madrid, Spain;

    Hewlett-Packard labs, Stoke Gufford BS34 8QZ, Bristol, UK;

    UMR CNRS - ENS de Lyon - INRIA - UCB Lyon 5668, 46 allee d'ltalie, F-69364 Lyon, France,SysFera, 13 cours Albert Einstein, 69100 Villeurbanne, Trance;

    UMR CNRS - ENS de Lyon - INRIA - UCB Lyon 5668, 46 allee d'ltalie, F-69364 Lyon, France;

    UMR CNRS - ENS de Lyon - INRIA - UCB Lyon 5668, 46 allee d'ltalie, F-69364 Lyon, France,SysFera, 13 cours Albert Einstein, 69100 Villeurbanne, Trance;

  • 收录信息 美国《科学引文索引》(SCI);美国《工程索引》(EI);
  • 原文格式 PDF
  • 正文语种 eng
  • 中图分类
  • 关键词

    security; cloud; paas; multitenancy; container; java; NET;

    机译:安全;云;帕斯多租户;容器;java;净;

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号