Side Channels in Multi-Tenant Environments

Date & Time:
November 20, 2014 | 3:00 pm
Biological Sciences, Room 587
Michael Reiter, Lawrence M. Slifkin Distinguished Professor, University of North Carolina at Chapel Hill


With the growth of cloud computing, the security provided by public clouds to their tenants is increasingly being scrutinized, in part because these clouds arrange for mutually distrustful tenants to simultaneously execute tasks on the same hardware.  In this talk we explore a long-suspected but, to date, largely hypothetical attack vector in public clouds, namely "side-channel attacks" in which one tenant might learn sensitive information about another tenant simply by running on the same hardware with it, but without violating the logical access control enforced by the cloud's isolation software (hypervisor or operating system). Specifically, we demonstrate the practicality of damaging cross-tenant side-channel attacks on modern hypervisors and operating systems, including some that we have demonstrated on commercial public clouds. We will then describe various approaches we have developed to defend against side-channel attacks in cloud environments, both inexpensive defenses against our specific attacks and more holistic but expensive protections.


Prof. Reiter's research interests include all areas of computer and communications security and distributed computing. His present research focuses primarily on security of cloud computing and networks, as well as usable security. Prof. Reiter was named an ACM Fellow in 2008 and an IEEE Fellow in 2014.
