David Hadas

Reservoir - When One Cloud Is Not Enough

As cloud computing becomes more predominant, the problem of scalability has become critical for cloud computing providers. The cloud paradigm is attractive because it offers a dramatic reduction in capital and operation expenses for consumers.

Secure Logical Isolation for Multi-tenancy in cloud storage

Storage cloud systems achieve economies of scale by serving multiple tenants from a shared pool of servers and disks. This leads to the commingling of data from different tenants on the same devices. Typically, a request is processed by an application running with sufficient privileges to access any tenants data; this application authenticates the user and authorizes the request prior to carrying it out. Since the only protection is at the application level, a single vulnerability threatens the data of all tenants, and could lead to cross-tenant data leakage, making the cloud much less secure than dedicated physical resources. To provide security close to physical isolation while allowing complete resource pooling, we propose Secure Logical Isolation for Multi-tenancy (SLIM). SLIM incorporates the first complete security model and set of principles for the safe logical isolation between tenant resources in a cloud storage system, as well as a set of mechanisms for implementing the model. We show how to implement SLIM for OpenStack Swift and present initial performance results.

Plugging the hypervisor abstraction leaks caused by virtual networking

Virtual machines are of very little use if they cannot access the underlying physical network. Virtualizing the network has traditionally been considered a challenge best met by such network-centric measures as VLANs, implemented by switches. We begin by arguing that network virtualization is best done by hypervisors, not switches. We then show that modern hypervisors do a poor job in virtualizing the network, leaking details of the physical network into virtual machines. For example, IP addresses used across the hosts physical network, are exposed to guest virtual machines. We then propose a method for plugging the network-related leaks by ensuring that the virtual network traffic is encapsulated inside a host envelope prior to transmission across the underlying physical network. In order to overcome the performance hit related to traffic encapsulation, we analyze the unique case of virtual machine traffic encapsulation, exploring the problems arising from dual networking stacks --- the guests and the hosts. Using a number of simple optimizations, we show how an unmodified guest under the KVM hypervisor can reach throughput of 5.5Gbps for TCP and 6.6Gbps for UDP for encapsulated traffic, compared to 280Mbps and 510Mbps respectively when using the default guest and host networking stacks.

Availability Assessment of a Vision Cloud Storage Cluster

VISION Cloud is a European Commission funded project, whose aim is to design and propose a new architecture for a scalable and flexible cloud environment. The VISION Cloud reference architecture considers a single cloud as composed by multiple distributed data centers each of which can be composed by a great number of storage clusters. On top of the storage rich nodes forming each cluster, a distributed file system is built. In this paper, we provide an stochastic reward net model for a storage cluster in the context of the storage cloud environment proposed by the VISION Cloud project. The proposed model represents a first step in the direction of obtaining a quantification of the availability level reached through the use of the VISION Cloud proposed architecture from a user perspective.