Computational Decoys for Cloud Security

Cloud-based applications benefit from the scalability and efficiency offered by server consolidation and shared facilities. However, the shared nature of cloud infrastructures may introduce threats stemming from the co-location and combination of untrusted components, in addition to typical risks due to the inevitable presence of weaknesses in the infrastructure itself. As a result, adversaries may be able to place themselves in monitoring proximity to high-value targets and gain unauthorized access to sensitive data. In this paper, the authors present DIGIT, a system that employs decoy computation to impede the ability of adversaries to take advantage of unauthorized access to sensitive information. DIGIT introduces uncertainly as to which data and computation is legitimate by generating a mix of real and decoy activity within a cloud application.

Provided by: Columbia University Topic: Cloud Date Added: May 2013 Format: PDF

Download Now

Find By Topic