{"id":"https://openalex.org/W2400179508","doi":"https://doi.org/10.1145/2897845.2897851","title":"Hardening OpenStack Cloud Platforms against Compute Node Compromises","display_name":"Hardening OpenStack Cloud Platforms against Compute Node Compromises","publication_year":2016,"publication_date":"2016-05-27","ids":{"openalex":"https://openalex.org/W2400179508","doi":"https://doi.org/10.1145/2897845.2897851","mag":"2400179508"},"language":"en","primary_location":{"id":"doi:10.1145/2897845.2897851","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2897845.2897851","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5110123099","display_name":"Wai Kit Sze","orcid":null},"institutions":[{"id":"https://openalex.org/I59553526","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33","country_code":"US","type":"education","lineage":["https://openalex.org/I59553526"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Wai Kit Sze","raw_affiliation_strings":["Stony Brook University, Stony Brook, NY, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Stony Brook University, Stony Brook, NY, USA","institution_ids":["https://openalex.org/I59553526"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101961676","display_name":"Abhinav Srivastava","orcid":"https://orcid.org/0000-0003-4995-2646"},"institutions":[{"id":"https://openalex.org/I1283103587","display_name":"AT&T (United States)","ror":"https://ror.org/02bbd5539","country_code":"US","type":"company","lineage":["https://openalex.org/I1283103587"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Abhinav Srivastava","raw_affiliation_strings":["AT&amp;T Labs - Research, Bedminster Township, NJ, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"AT&amp;T Labs - Research, Bedminster Township, NJ, USA","institution_ids":["https://openalex.org/I1283103587"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5102886132","display_name":"R. Sekar","orcid":"https://orcid.org/0009-0008-9135-3296"},"institutions":[{"id":"https://openalex.org/I59553526","display_name":"Stony Brook University","ror":"https://ror.org/05qghxh33","country_code":"US","type":"education","lineage":["https://openalex.org/I59553526"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"R. Sekar","raw_affiliation_strings":["Stony Brook University, Stony Brook, NY, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Stony Brook University, Stony Brook, NY, USA","institution_ids":["https://openalex.org/I59553526"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":7.9496,"has_fulltext":false,"cited_by_count":21,"citation_normalized_percentile":{"value":0.97389082,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"341","last_page":"352"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9912999868392944,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.867613673210144},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.7725151777267456},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7459475994110107},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.5687687993049622},{"id":"https://openalex.org/keywords/virtual-machine","display_name":"Virtual machine","score":0.5586703419685364},{"id":"https://openalex.org/keywords/node","display_name":"Node (physics)","score":0.548431396484375},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5321551561355591},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.5144875049591064},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.508288562297821},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.48812755942344666},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.48307135701179504},{"id":"https://openalex.org/keywords/virtualization","display_name":"Virtualization","score":0.4302317500114441},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.08323043584823608}],"concepts":[{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.867613673210144},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.7725151777267456},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7459475994110107},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.5687687993049622},{"id":"https://openalex.org/C25344961","wikidata":"https://www.wikidata.org/wiki/Q192726","display_name":"Virtual machine","level":2,"score":0.5586703419685364},{"id":"https://openalex.org/C62611344","wikidata":"https://www.wikidata.org/wiki/Q1062658","display_name":"Node (physics)","level":2,"score":0.548431396484375},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5321551561355591},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.5144875049591064},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.508288562297821},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.48812755942344666},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.48307135701179504},{"id":"https://openalex.org/C513985346","wikidata":"https://www.wikidata.org/wiki/Q270471","display_name":"Virtualization","level":3,"score":0.4302317500114441},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.08323043584823608},{"id":"https://openalex.org/C66938386","wikidata":"https://www.wikidata.org/wiki/Q633538","display_name":"Structural engineering","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2897845.2897851","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2897845.2897851","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure","score":0.6299999952316284}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W72335960","https://openalex.org/W78987640","https://openalex.org/W157928049","https://openalex.org/W180396117","https://openalex.org/W1992291252","https://openalex.org/W2004460663","https://openalex.org/W2048855209","https://openalex.org/W2056073317","https://openalex.org/W2077101621","https://openalex.org/W2106649514","https://openalex.org/W2116272682","https://openalex.org/W2119028650","https://openalex.org/W2122266630","https://openalex.org/W2133718106","https://openalex.org/W2135143063","https://openalex.org/W2160892968","https://openalex.org/W2167088175","https://openalex.org/W2169461225","https://openalex.org/W2169965429"],"related_works":["https://openalex.org/W2088620127","https://openalex.org/W2743348030","https://openalex.org/W2612791064","https://openalex.org/W2900408237","https://openalex.org/W1963799338","https://openalex.org/W2036412865","https://openalex.org/W2542775576","https://openalex.org/W2558538437","https://openalex.org/W2947629119","https://openalex.org/W2545334782"],"abstract_inverted_index":{"Infrastructure-as-a-Service":[0],"(IaaS)":[1],"clouds":[2],"such":[3,71],"as":[4],"OpenStack":[5],"consist":[6],"of":[7,10,32,38,49,58,70,171,180,222],"two":[8],"kinds":[9],"nodes":[11,16,22,28,61],"in":[12],"their":[13,100],"infrastructure:":[14],"control":[15,21,188],"and":[17,41,189,235],"compute":[18,27,39,60,96,167],"nodes.":[19,168],"While":[20],"run":[23],"all":[24,130],"critical":[25],"services,":[26],"host":[29],"virtual":[30],"machines":[31],"customers.":[33,131],"Given":[34],"the":[35,42,59,68,103,125,137,150,210],"large":[36],"number":[37],"nodes,":[40],"fact":[43],"that":[44,56,84,90,115,174,228],"they":[45,116],"are":[46,201],"hosting":[47],"VMs":[48],"(possibly":[50],"malicious)":[51],"customers,":[52],"it":[53],"is":[54,85,230],"possible":[55],"some":[57],"may":[62],"be":[63],"compromised.":[64],"This":[65,132,212],"paper":[66],"examines":[67],"impact":[69],"a":[72,78,94,154,172,177],"compromise.":[73],"We":[74,88],"focus":[75],"on":[76,166,219],"OpenStack,":[77],"popular":[79],"open-source":[80],"cloud":[81,105,127,138],"plat-":[82],"form":[83],"widely":[86],"adopted.":[87],"show":[89],"attackers":[91],"com-":[92],"promising":[93],"single":[95],"node":[97],"can":[98,108,175],"extend":[99],"controls":[101],"over":[102],"entire":[104],"infrastructure.":[106],"They":[107],"then":[109],"gain":[110],"free":[111],"access":[112,187],"to":[113,128,191,209,216],"resources":[114],"have":[117],"not":[118,144],"paid":[119],"for,":[120],"or":[121],"even":[122],"bring":[123],"down":[124],"whole":[126],"affect":[129],"startling":[133],"result":[134],"stems":[135],"from":[136],"platform's":[139],"misplaced":[140],"trust,":[141],"which":[142],"does":[143],"match":[145],"today's":[146],"threats.":[147],"To":[148],"overcome":[149],"weakness,":[151],"we":[152,184],"propose":[153],"new":[155],"system,":[156],"called":[157],"SOS":[158,163,169,205,218,229],",":[159],"for":[160],"hardening":[161],"OpenStack.":[162,211,223],"limits":[164],"trust":[165],"consists":[170],"framework":[173],"enforce":[176],"wide":[178],"range":[179],"security":[181],"policies.":[182],"Specifically,":[183],"applied":[185],"mandatory":[186],"capabilities":[190],"con-":[192],"fine":[193],"interactions":[194],"among":[195],"different":[196],"components.":[197],"Effective":[198],"confinement":[199],"policies":[200],"generated":[202],"automatically.":[203],"Furthermore,":[204],"requires":[206],"no":[207],"modifications":[208],"has":[213],"allowed":[214],"us":[215],"deploy":[217],"multiple":[220],"versions":[221],"Our":[224],"experimental":[225],"results":[226],"demonstrate":[227],"scalable,":[231],"incurs":[232],"negligible":[233],"overheads":[234],"offers":[236],"strong":[237],"protection.":[238]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":5},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":8},{"year":2016,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}