On Trustworthiness of CPU Usage Metering and Accounting

In the envisaged utility computing paradigm, a user taps a service provider´s computing resources to accomplish her tasks, without deploying the needed hardware and software in her own IT infrastructure. To make the service profitable, the service provider charges the user based on the resources consumed. A commonly billed resource is CPU usage. A key factor to ensure the success of such a business model is the trustworthiness of the resource metering scheme. In this paper, we provide a systematic study on the trustworthiness of CPU usage metering. Our results show that the metering schemes in commodity operating systems should not be used in utility computing. A dishonest server can run various attacks to cheat the users. Many of the attacks are surprisingly simple and do not even require high privileges or sophisticated techniques. To demonstrate that, we experiment with several types of attacks on Linux and show their adversarial effects. We also suggest that source integrity, execution integrity and fine-grained metering are the necessary properties for a trustworthy metering scheme in utility computing.