5 research outputs found
Replica placement to mitigate attacks on clouds
Execution of critical services traditionally requires multiple distinct replicas, supported by independent networks and
hardware. To operate properly, these services often depend on the correctness of a fraction of replicas, usually over
2/3 or 1/2. Defying the ideal situation, economical reasons may tempt users to replicate critical services onto a single
multi-tenant cloud infrastructure. Since this may expose users to correlated failures, we assess the risks for two kinds of
majorities: a conventional one, related to the number of replicas, regardless of the machines where they run; and a
second one, related to the physical machines where the replicas run. This latter case may exist in multi-tenant
virtualized environments only.
To assess these risks, under crash and Byzantine failures of virtual and physical machines, we resort to theoretical and
experimental evaluation. Contrary to what one might expect, we conclude that it is not always favorable to distribute
replicas evenly over a fixed number of physical machines. On the contrary, we found cases where they should be as
unbalanced as possible. We systematically identify the best defense for each kind of failure and majority to preserve.
We then review the most common real-life attacks on clouds and discuss the a priori placement of service replicas
that minimizes the effects of these attacks