Exploiting timing side channel in secure cloud scheduling

Sachin Kadloor, Negar Kiyavash

Research output: Chapter in Book/Report/Conference proceeding, Chapter

Abstract

Traditionally, scheduling policies used in event schedulers have been designed to optimize performance-based metrics such as throughput and delay while maintaining some notion of fairness. In multi-tenancy cloud environments, it is important to ensure the privacy of users, because a scheduler creates a timing-based side channel through which malicious users can learn about the service usage patterns of others. In this chapter, we demonstrate the existence of a timing side channel in shared schedulers and discuss the design of secure scheduling policies. When a processor is shared by multiple users, the delays experienced by jobs from one user are a function of the arrival pattern of jobs from other users and the scheduling policy of the server. Consequently, a scheduling system creates a timing side channel in which information about the arrival pattern from one user is inadvertently leaked to another. In this work, this information leakage is studied for a two-user scheduling system. We first introduce a measure of privacy and then demonstrate that no scheduler can provide maximum privacy without idling/taking vacations, and consequently no policy can simultaneously be delay and privacy optimal.

Original language: English (US)
Title of host publication: High Performance Cloud Auditing and Applications
Publisher: Springer
Pages: 147-168
Number of pages: 22
Volume: 9781461432968
ISBN (Electronic): 9781461432968
ISBN (Print): 1461432952, 9781461432951
State: Published - Nov 1 2014

ASJC Scopus subject areas

  • Computer Science (all)
