On Mitigating the Risk of Cross-VM Covert Channels in a Public Cloud

摘要

Virtualization is one of the key enablers in cloud computing. At the same time, though, it is also widely considered as a double-edged sword that may cause information leakage between virtual machines (VM) co-residing on the same physical server via various cross-VM covert channels. In this paper, we first explore the impact of different bystander workloads on cross-VM covert channels. Then, we use a Continuous Time Markov Process to model the impact of bystanders on the cross-VM covert channel in terms of both the work scheduling of the virtualization platform and the intensity of the bystander workloads. Based on empirical study, we quantify the relationship between the influential factors and the transmission quality of the covert channel. A tailored and lightweight VM provisioning strategy, which aims to ensure that bystander workloads on each server can cause sufficiently high error rates to covert channels, is proposed to mitigate the threat of cross-VM covert channels while maintaining the resource efficiency of virtualization. The efficiency and efficacy of the proposed VM provisioning strategy is evaluated through trace-driven simulations.