Spectre and Cloud : An evaluation of threats in shared computation environments
- The processor flaws used in the Spectre and Meltdown attacks have had uncharacteristically large media impact, even gaining coverage in main-stream media. This is despite the fact that this type of exploit has not been used in any real world attacks and is unlikely to target consumers, as simpler attack vectors still remain highly effective. However, because Spectre affects any processor which uses speculative execution, with little hope for a "silver bullet" in the near future, Spectre seems to be here to stay. While Spectre might not be very relevant to the consumer market, it is quite relevant where safety is usually paramount: the cloud. It promises cost reduction and safety through offloading maintenance and updating tasks to gigantic providers like Amazon’s AWS. But how secure can the most up-to-date platform be, if the used hardware is inherently flawed to the core? This paper provides a high level explanation of the Spectre attack, shows potential Spectre attack vectors in a shared cloud environment and discusses some defensive measures.
Verfasserangaben: | Moritz Mundhenke |
---|---|
URN: | urn:nbn:de:bsz:953-opus-408 |
Dokumentart: | Sonstiges |
Sprache: | Englisch |
Jahr der Fertigstellung: | 2019 |
Beteiligte Körperschaft: | Hochschule Mannheim |
Datum der Freischaltung: | 27.08.2019 |
Freies Schlagwort / Tag: | Cloud; Security; Spectre |
Seitenzahl: | 7 |
Erste Seite: | 1 |
Letzte Seite: | 7 |
Fakultäten / Einrichtungen: | Fakultät für Informatik |
DDC-Sachgruppen: | 000 Allgemeines, Informatik, Informationswissenschaft |
Zugriffsrecht: | Frei zugänglich |
Lizenz (Deutsch): | ![]() |