Storage cloud systems achieve economies of scale by serving multiple tenants from a shared pool of servers and disks. This leads to the commingling of data from different tenants on the same devices. Typically, a request is processed by an application running with sufficient privileges to access any tenant's data; this application authenticates the user and authorizes the request prior to carrying it out. Since the only protection is at the application level, a single vulnerability threatens the data of all tenants, and could lead to cross-tenant data leakage, making the cloud much less secure than dedicated physical resources.
To provide security close to physical isolation while allowing complete resource pooling, we propose Secure Logical Isolation for Multi-tenancy (SLIM). SLIM incorporates the first complete security model and set of principles for the safe logical isolation of tenant resources in a cloud storage system, as well as a set of mechanisms for implementing the model. These principles lead to the potentially costly conclusion that each request should be handled by a new process. We present a detailed design, implementation and performance analysis of a process factory that greatly reduces this cost while still preserving secure isolation. Finally, we show how to implement SLIM for OpenStack Swift and present performance results showing that SLIM with our optimizations provides an order of magnitude improvement over a naive implementation of process isolation.
Authors: Michael Factor, David Hadas, Aner Hamama, Nadav Har'el, Hillel Kolodner, Anil Kurmus, Eran Rom, Alexandra Shulman-Peleg and Alessandro Sorniotti.
Hillel Kolodner is a Senior Technical Staff Member in the Systems Technologies department at the IBM Haifa Research Lab. In the past he has worked on the implementation of Java for multiprocessor servers, especially on automatic memory management (garbage collection). Recently, he has worked on virtualization and management technologies for cloud computing. Currently, he is working on cloud object stores and is the PI for VISION Cloud, a European Commission FP7 Integrated Project developing storage cloud technologies. Hillel holds a Ph.D. and M.S. in Computer Science from the Massachusetts Institute of Technology, and a B.A. in Mathematics and a B.S.E. in Computer Science from the University of Pennsylvania.