Home // CLOUD COMPUTING 2013, The Fourth International Conference on Cloud Computing, GRIDs, and Virtualization // View article

OpenStack Cloud Security Vulnerabilities from Inside and Outside

Authors:
Sasko Ristov
Marjan Gusev
Aleksandar Donevski

Keywords: Cloud Computing, Security Assessment, Virtualization

Abstract:
As usage of cloud computing increases, customers are mainly concerned about choosing cloud infrastructure with sufficient security. Concerns are greater in the multi-tenant environment on a public cloud. This paper addresses the security assessment of OpenStack open source cloud solution and virtual machine instances with different operating systems hosted in the cloud. The methodology and realized experiments target vulnerabilities from both inside and outside the cloud. We tested four different platforms and analyzed the security assessment. The main conclusions of the realized experiments show that multi-tenant environment raises new security challenges, there are more vulnerabilities from inside than outside and that Linux based Ubuntu, CentOS and Fedora are less vulnerable than Windows. We discuss details about these vulnerabilities and show how they can be solved by appropriate patches and other solutions.

Pages: 101 to 107

Copyright: Copyright (c) IARIA, 2013

Publication date: May 27, 2013

Published in: conference

ISSN: 2308-4294

ISBN: 978-1-61208-271-4

Location: Valencia, Spain

Dates: from May 27, 2013 to June 1, 2013