The cloud is a shared computing environment with a value beyond the sum of its parts. The number of customers that data-centers can serve, comparative advantages, and the ability to manage depreciation allow computing at economies of scale. The cloud allows for every element of factors of production to translate into goods and services. This shared environment spans across a vast clientele, introducing self-sustaining security risks. The vulnerabilities extend beyond the traditional gaps in computer security, through exploitation of the cloud’s efficiency structures.
Shared computing resources enable the existence of co-resident attack vectors on cloud platforms. This study considered the result of modeling co-resident threats in simulation at the boundaries of game-theory using real-world workloads, scalable hardware specifications, and recognized attack parameters. Both attacker and benign user variables were adapted to an extended-time and geographically defined game-space and the results of the co-resident risk determined on an ecological scale.
This study sought to determine the applicability of this technique to emergent cloud structures. The current cloud trend is toward finer granularity programming of applications, where decoupling of data and algorithms into developer customized programming is ceded to by monolithic applications. This phasing into micro-service based limited purpose coding is called Functions-as-a-Service (FaaS). Supporting this feature is provider management, configuration, and patching which anchors FaaS in a serverless interface.
This cloud evolution of code, storage, and presentation into distinct sectors has altered the security environment into discrete sectors by reducing state, ephemeral hosting, and transient runtimes to enable the sought after economic efficiency. Where this increased the cloud dynamism, it also redistributed the cost to benefit analysis. The effective implementation of the game-theory principles required validation on this economic structure.
Index Terms – Cloud computing, data leakage, game-theory, mutli-tenancy, securit
