  • DocumentCode
    650655
  • Title
    Cloud-Based Application Whitelisting
  • Author
    Hizver, Jennia ; Chiueh, Tzi-cker
  • Author_Institution
    Dept. of Comput. Sci., Stony Brook Univ., Stony Brook, NY, USA
  • fYear
    2013
  • fDate
    June 28 2013-July 3 2013
  • Firstpage
    636
  • Lastpage
    643
  • Abstract
    Cloud computing ushers in an era of consolidated information technology infrastructure that is elastic, available and scalable. Virtualization is a critical building block in this evolution and enables centralized, consistent, and policy-driven administration of the underlying computing resources and their protection. This paper presents a cloud-based application whitelisting system called CLAW, which leverages this centralized management flexibility to guarantee that only application binaries in a pre-approved set are allowed to run in each virtual machine under its management. In addition, by applying virtual machine introspection technology, CLAW performs this security policy enforcement without installing any agents inside the managed VMs. We describe the key techniques in the design and implementation of CLAW and compare them with previous hypervisor-based application whitelisting systems. Empirical measurements on a Xen-based CLAW prototype for Windows-based virtual machines show that the run-time performance overhead of out-of-VM application whitelisting is under 10%.
  • Keywords
    cloud computing; security of data; virtual machines; Windows-based virtual machines; Xen-based CLAW prototype; centralized management flexibility; cloud computing; cloud-based application whitelisting system; hypervisor-based application; security policy enforcement; virtual machine introspection technology; Cloud computing; Data structures; Kernel; Libraries; Loading; Monitoring; Process control;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Cloud Computing (CLOUD), 2013 IEEE Sixth International Conference on
  • Conference_Location
    Santa Clara, CA
  • Print_ISBN
    978-0-7695-5028-2
  • Type
    conf
  • DOI
    10.1109/CLOUD.2013.48
  • Filename
    6676751