direkt zum Inhalt springen

direkt zum Hauptnavigationsmenü

Sie sind hier

TU Berlin

Inhalt des Dokuments

Publikationen

Do you get what you pay for? Using Proof-of-Work Functions to Verify Performance Assertions in the Cloud
Zitatschlüssel Koeppe2010
Autor Falk Köppe and Jörg Schneider
Buchtitel Proceedings of International Workshop on Cloud Privacy, Security, Risk & Trust (CPSRT 2010)
Seiten 687
Jahr 2010
ISBN 978-1-4244-9405-7
DOI 10.1109/CloudCom.2010.100
Ort Indianapolis, US
Zusammenfassung In the Cloud, the operators usually offer resources on a pay per use price model. The client gets access to a newly created virtual machine and has no direct access to the underlying hardware. Therefore, the client cannot verify whether the Cloud operator provides the negotiated amount of resources or only a fraction thereof. Especially, the assigned share of CPU time can be easily forged by the operator. The client could use a normal benchmark to verify the performance of his virtual machine. However, as the Cloud operator owns the underlying infrastructure, the operator could also tamper with the benchmark execution. We identified four attack vectors to modify the results of the benchmark. Based on these attack vectors, we showed that using proof-of-work functions can disable three of them. Proof-of-work functions are challenge response systems, where it is simple to generate a challenge and verify the result while solving the challenge is compute intensive. We implemented three proof-of-work functions in a prototype benchmark. Experiments showed that the runtime of the proof-of-work functions sufficiently relates to the results of the reference benchmark suite SPEC CPU2006.
Link zur Publikation Link zur Originalpublikation Download Bibtex Eintrag

Zusatzinformationen / Extras

Direktzugang

Schnellnavigation zur Seite über Nummerneingabe

Ansprechpartner

Jörg Schneider
+49 30 314-73388
Raum EN 357

Webseite