Computational Decoys for Cloud Security

Provided by: Columbia University
Topic: Cloud
Format: PDF
Cloud-based applications benefit from the scalability and efficiency offered by server consolidation and shared facilities. However, the shared nature of cloud infrastructures may introduce threats stemming from the co-location and combination of untrusted components, in addition to typical risks due to the inevitable presence of weaknesses in the infrastructure itself. As a result, adversaries may be able to place themselves in monitoring proximity to high-value targets and gain unauthorized access to sensitive data. In this paper, the authors present DIGIT, a system that employs decoy computation to impede the ability of adversaries to take advantage of unauthorized access to sensitive information. DIGIT introduces uncertainly as to which data and computation is legitimate by generating a mix of real and decoy activity within a cloud application.

Find By Topic