Security in Multi-Tenancy Cloud

Amarnath Jasti, Payal Shah, Rajeev Nagaraj and Ravi Pendse Department of Electrical Engineering and Computer Science, Wichita State University 1845 N Fairmount, Wichita, Kansas 67260 USA {amarnath.jasti, phshah, rxnagaraj, ravi.pendse}@wichita.edu
Abstract - Cloud computing creates exciting opportunities like reduced costs and flexibility to the users. It also comprises of some risks like data security within the cloud. Several common security threats like data leakage, insecure APIs, and malicious inside users are applicable to cloud computing environment as well. In this paper, the authors consider a cloud computing service where multiple Virtual Machines (VMs) are co-located on the same physical server. In such systems, physical resources are transparently shared by the VMs belonging to multiple users. In systems like these, a malicious user having control of a VM can try to gain control over other VMs resources or utilize all system resources leading to denial of resource attack over other VM users. A malicious user can also try to steal the data of other users located on the same server by compromising hypervisor file system (logical volumes). In this paper, security threats associated with cloud computing environment are evaluated. Authors also explore how such co-existent of VMs can be exploited to gain access over other users data or deny service and propose constructive security measures that can be deployed to avoid such attacks. Index Terms Cloud computing, Hypervisor, Virtualization, Virtual Machine (VM), multi-tenancy. This is more of a price model which focuses more on the business aspects of the technology. Cloud computing has overcome the disadvantages of both these two techniques and provides a highly scalable platform than the other two. Cloud computing is a new technology that provides software and platform as a service to the users on the fly. The users request the resources for some period of time, at certain cost, as decided by the Cloud Service Provider (CSP). Examples of the resources shared include the disk space, processing time, memory utilization, network bandwidth, etc. Typically different users are assigned different VMs that are running on the same underlying physical hardware. While this is an effective way of resource sharing, it poses higher levels of threat on data security and might provide a favorable platform for intruders and hackers. Since the end users of the resources could be various reputed organizations or individuals, it is very important to protect the confidentiality, availability and integrity of the data. Another important aspect of cloud computing is the concept of multi tenancy in VMs. Multi tenancy can be viewed as a hierarchical model, where appropriate policies are enforced on the VMs at every level leading to better governance and segmentation of the consumers. Enforcing different policies at different levels of hierarchy also leads to a secure environment for the consumers to store and access their confidential data. The other advantage of multi tenancy include, prioritizing the users at various levels according to their needs and better management of resources. In this research, the authors simulate the possible security threats in a server virtualized environment belonging to a cloud where different VMs are assigned to different users Rest of the paper is organized as follows. Section II explains cloud architectures, section III explains working of Hypervisors and Virtualization, and section IV explains various security threats in a multi-tenancy cloud followed by test bed, simulations and results in section V and VI respectively. II. Before the advent of cloud computing, two other techniques known as the grid computing and utility computing had gained momentum in the area of data storage. In a grid computing platform, resources from different computers are combined to achieve a single goal. Usually these computers are geographically separated. Thus, the resource management within a grid is very complex and needed complex computations to determine the resource requirement for future expansion. Utility computing is a technique in which the resources are measured as a metered service and every organization that makes use of the service is liable to pay. A.

I.

INTRODUCTION

With the exponentially growing data in modern times, there arises a need to efficiently store and manage the data. SANs have become increasingly popular in hosting new and robust technologies such as storage and server virtualization, cloud computing and the like. These techniques have cut the cost of any additional hardware needed and have led to better resource sharing and consolidation. With the advent of virtualization and hypervisors, several operating systems known as Virtual Machines (VMs) are made to run on the same physical hardware. Cloud computing in SAN has revolutionized the way resources are shared and is expanding in new horizons.

CLOUD ARCHITECTURE

Service Layers of Cloud Computing

Cloud Computing offers three types of services: Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) [1] as shown in the fig.1. 1) Software as a Service (SaaS): In a SaaS platform, the applications requested by the users are offered on demand. A single instance of the software is made available to the users over internet. The management and maintenance

978-1-4244-7402-8/10/$26.00 2010 IEEE

of the software is centralized and is not done at the users node. Since single software can be shared by many users, this type of service can be regarded as one-to-many or said to possess multi tenant architecture. The SaaS platform ensures that the latest software is available to its users and the users do not have to explicitly purchase the expensive software. However, since this is a network based service, it should be ensured that the network is up and running at all times for the user to access it. Examples of SaaS include Google Apps, NetSuite, and Oracle CRM on demand, etc.

malicious user is able to get access to the location of the software, then the malicious user will have the ability to make the resource unavailable to all the other users. Similarly, other attacks can be carried out from different services that are provided by the CSP. The paper further discusses about the attacks that can be carried out in a cloud environment in Section IV. B. Building a Cloud.

The Cloud architecture is segregated into seven different layers where each layer has a very significant role. 1) Cloud Ecosystem: The cloud ecosystem module is responsible for maintaining the user account information on the cloud and providing the user with web services. The web portal for the cloud and the process of sign in and processing the submitted order is managed by the Cloud Vendor Dashboard. Cloud Vendor Dashboard offers its interaction interfaces for the value-added services to the client. The integrated view of the front-end and back-end operations such as marketing, business activities, solution design are offered by the Cloud Vendor Dashboard. 2) Virtualization: Servers, data centers, software packages such as WebSphere Application Server (WAS), DB2 database and Lightweight Directory Access Protocol (LDAP) are included in the Cloud Core Infrastructures. LDAP looks after the users and access control information. The hardware virtualization is handled by the Portal Servers. The Cloud Core Infrastructures includes the hardware virtualization and the software virtualization where hardware means to check with the availability of the hardware equipment whereas software checks with the virtualization technology to share the software images, code or application sharing. 3) Service-Orientation Module: The main responsibility of the service orientation module is to enable reusability of services. There are two main types of reusable services namely, cloud vertical and cloud horizontal business services. Horizontal services are used to hide the underlying complexity of using databases and middleware. Horizontal services are also responsible for Customer Relationship Management (CRM) and Enterprise Resource Planning (ERP). The vertical services are responsible for the maintenance of domain specific utility services such as shipping and payment services. 4) Cloud Core Module: Service Provisioning, Service Deprovisioning, extension and termination of a contract are taken care of by the cloud core module. The Cloud Core Module is sub categorized in Cloud Provisioning and the Subscription Service. Cloud vendors use the Cloud Provisioning Services to share the cloud resources and the Subscription Services are used for role definitions, checking the subscriptions agreed by the user. 5) Cloud Offering Module: More value-added services are added to the existing Cloud Provisioning Services without changing the base architecture. This module gives the flexibility for the cloud vendors to share the data centers with clients.

Fig. 1: Cloud Services 2) Platform as a Service (PaaS): Unlike SaaS, in a PaaS platform, the entire hardware is provided to the user as a virtualized entity and the user can deploy his own applications on the hardware provided. PaaS also provides high scalability; the user can request for additional hardware and expand his resources. The service providers in a PaaS support multiple programming languages to be used by the user and that can be ported to different platforms. The user is permitted to manage his infrastructure with the help of programming tools provided, but is denied access to the server, network or the host Operating System. Examples of PaaS include AppEngine from Google, LongJump etc. 3) Infrastructure as a Service (IaaS): IaaS offers a pool of servers, routers, switches and other systems which are necessary for the application components that can host high performance applications. The user interacts with the infrastructure where the functions are provisioned by the service provider. It allows the ability to process, store and perform other fundamental computing on the given resources. A user can deploy and run arbitrary software including the operating systems and applications. The user need not manage the cloud infrastructure but has control on the devices and the applications (software). Security plays an important role irrespective of the service provided by the cloud service provider (CSP) to the clients. When a service such as SaaS is considered, the CSP will host third-party software for all its clients to access. However, if a

6) Cloud Information architecture: Data st structures, project information, business scenarios are defined in this , module. The data and data structures are stored in the DB2 database which is defined for the users. 7) Cloud quality and governance Module This module Module: keeps track of the start and end time of provisioning and de e deprovisioning of a service and also keeps a record of whether the services being offered are as per the contract and terms. This module offers the license to the users, which define the defines limited access of the resources. The user credentials, account details, software and edentials, resource allocation are managed by the different layers of the cloud. Ensuring security in all the above discussed layers plays a vital role in securing the overall cloud. Since the users managing the cloud will have complete access to the different ve layers, an inside user can try to attack from within the cloud and hence providing security at different layers is essential. In the near future VMs will play a very important role; hence providing security to VMs is necessary. In cloud architecture . VMs are an entity in the virtualization layer. In this research authors consider security in virtualization layer III.

virtualization - Para virtualization and full virtualization [3]. 1) Para Virtualization

Para virtualization is a server virtualization technique in which the guest OSs are aware of being executed in a virtual environment. Para virtualization improves the performance of the system. It involves the modification of the OS Kernel to replace non virtualizable instructions with hypercalls that communicates directly with the hypervisor. 2) Full Virtualization

Full Virtualization is used to abstract the physical hardware resources to make a complete virtual system where the Guest OS could be executed. The guest OS is not aware of being executed in the virtualized environment. With the ease of virtualization, the applications and software could be easily streamlined between different are machines. The major advantage of this would be isolation hence providing highly secure systems. XEN consists of two domains Domain 0 and Domain U [8], [14]. The Domain 0, usually denoted as Dom0 is used to manage the other domains. The Domain U is denoted as DomU as shown below in fig. 2. When the hypervisor is . initialized, Dom0 is created as the first VM which has privileged access to use the XEN hypervisor while the other VMs dont have. The system administrator can make the necessary changes, start or stop the other VMs from the Dom0. To run the VM, the hypervisor must have Dom0 to be running. If an attacker can get access to Dom0 then he will be able to gain access to other VMs. The guests which are running in the Domain U are referred as DomU PV Guests and DomU HVM Guests. DomU allows multiple VMs to run on the Hypervisor. DomU is handled and launched by the . Dom0. DomU can consist of unmodified OS or special modified OS. Domain U doesnt have access to the actual acce physical hardware and hence is known as unprivileged.

XEN HYPERVISOR AND VIRTUALIZATION

Hypervisor which is also known as VM Monitor, allows many VMs to be deployed concurrently on a single OS. Hypervisor is a software layer, which is located above the actual physical OS. Hypervisor provides a virtual platform for the guest OS also known as VMs. The major advantage of . having virtualized environment is isolation and maximum ion usage of the resources [7]. The Hypervisors a classified as are two types, type 1 and type 2. Type 1 Hypervisors (native or bare metal) Type 1 metal): hypervisors are used to monitor the guest OS and to control the hardware. Type 1 hypervisors are located on the physical e server. The guest OS runs on another level above the hypervisor. Some examples of type 1 hypervisors are VMware ESXi and Citrix XENServer. Type 2 Hypervisors (hosted): Type 2 hypervisors runs on the host OS. Since the type 2 hypervisor runs on the host OS, ypervisor the guest OS runs two levels above the host OS. Type 2 hypervisors are used in less critical applications such as I/O device support and memory management. Most common type 2 hypervisors are Sun VirtualBox, VMware Server and Microsoft Virtual PC. The simulations carried out in the paper are done by using the XEN Hypervisor and VMWare. The following section gives a brief overview on working of the XEN Hypervisor. A. XEN Hypervisor:

XEN is an open source hypervisor. XEN provide a provides systematic way to manage the resources such as CPU, I/O and memory. An instance in the XEN environment is just an operating system and loaded on the top of the XEN hypervisor. XEN hypervisor is unaware of any external storage devices, network. XEN supports bo orts both types of

Fig 2: Structure of XEN Hypervisor Domain U PV Guests are those guests which run in para virtualized mode and DomU HVM Guests are those which run U in full virtualized mode. The DomU PV Guest is aware that it is running in the virtual environment and knows that there are other VMs running and is sharing the physical hardware with

them whereas the DomU HVM Guest is not aware that it is sharing the physical resources B. Communication between Domains:

cloud computing server virtualization also plays a very important role. When the VMs are deployed on the physical server security threats always play a major role. Even during the everyday routine utilization there is always a way for the attackers to consolidate their VMs and gain control over the OS. VMs could be moved over from one host to another and has a major threat of being collapsed. While the VM is copied over the network, the state of the VM could be On, Off or suspended. The technology of running different VMs is getting ubiquitous. Each VM has its own specific application and data which could be either public or private. To secure this data the service providers have to ensure the security measures between the VMs. Being on the same physical server, it is quite possible that a malicious attacker could take control of the other VM. Depending on the application, the hypervisor on which the VM runs should be capable enough to manage the resources such as the guest memory, physical memory, CPU, network bandwidth among the VMs, etc. The memory available on the hypervisors system is known as the host physical memory [11]; memory allocated to the guest OS is known as the guest physical memory. The guest physical memory is visible only to the applications which are running inside a VM. C. Scheduler:

XEN includes two drivers in the Dom0 which can support all the read and write requests coming from the Guest Domains. The two drivers are Network Backend Driver and Block Backend Driver. When a request comes from DomU (VMs), the Network Backend Driver communicates directly with the local physical hardware and the Block Backend Driver further proceeds to establish a connection with the local storage disk depending on the requests from DomU. To access the disk, DomU PV Guest consists of its own drivers called as PV Network Driver and PV Block Driver. A DomU HVM Guest doesnt consist of any drivers within it but has different special daemon. If a DomU PV Guest needs to write on the local disk, then it has to first communicate with the Dom0.

Every time a VM instance is created on a host machine, the hypervisor allocates resources for that particular instance. We can consider the software that is running on the host machine as an application which provides a platform for the VMs to run on it. The user is allowed to allocate a limited size of the resources such as memory and I/O to each VM while creation. Once a user sets the limitations on resources, the VMs segments the drive space on the host machine and dedicates the allocated resources to the VMs for execution. The XENServer uses a fair-share balancing algorithm [10] for sharing the CPU resources between the host machine and the VMs. The scheduler used in the XENserver is a smart processor load balancer which moves automatically between the host machines core and the VMs CPU. There is a provision in the XENserver to control the access time for I/O operations of a VM thus reducing the operation time for switching between the host machine and the VM. However, during the research the authors observed that, when the processors were overloaded with multiple processes running simultaneously the VM's were able to acquire resources more than allocated. The results for the tests are discussed in Section VI. When a VM is launched, required files [12] to invoke the VM are automatically created on the hypervisor. The files that are created include logs, hardware information and configurations of the operating system running on the VM. These files essentially contain all the information that the hypervisor needs to run the VM on the host machine. Each VM creates its own set of files and records any updates made to that on the allocated disk space.

Fig 3: Inter Domain Communication A request from the PV Block Driver is received by the DomU PV Guest to write to the shared memory, is then sent to the Dom0 via the XEN hypervisor as an interrupt, thereby causing access to the appropriate shared memory blocks. The data is then written on the local hard disk which is defined at the desired specific location which is also shared by the Dom0. There exists an event channel between the Dom0 and DomU for communication with each other and write data on the local disk. The event channel consists of specific interrupts which allow both the Domains to quickly share the data from the local memory as shown in fig 3. The different domains in XEN hypervisor are also known as VMs. Thus it is possible to move from one domain to another with the event channel. VMs provide ease of accessing different OS on the same physical machine. We can run multiple VMs on the same physical hardware resulting in the ease of testing, mobility, isolation and less hardware. The disadvantages includes increase in cost for the one physical server instead of multiple physical hardware, slowness of the machine, degraded performance and not the least Security. In

Securing these files would be of primary importance because replication of a particular instance could be performed with the help of these files. Gaining access to these files would result in compromising with the security aspects of the VM. Furthermore, when we consider cloud computing, a vendor providing services to a client ensures to uphold the confidentiality of the host machine. During the initiation of a VM all the information of the VM is stored in the allocated memory. By gaining access to this information, an attacker can launch an attack on the VMs which are hosted on the same server. In case of multitenancy, a single server would host several VMs on it and thus would have the respective configuration files of all VMs stored on the host. Since each VM is separated by a virtual boundary, an attacker gaining access to one of such files could be able to predict the actual hardware configuration of another VM residing on the same host. The primary configuration file contains all the necessary information of a VM. Gaining access to these files and breaking into a VM is known as VM Hijacking. Essentially, with the primary configuration file, a swap file is created which records all the information performed on the VM. The swap file records are changed on a per session basis and this file can be only accessed by the hypervisor. When an operation is performed on a VM, the change is first made on the swap file and then written on to the configuration file for storing. With this background authors are able to understand the security concerns prevailing within VMs. The security would be a main aspect since all these information would be stored on a single host with a common storage system. The attacks that are discussed could be easily performed by getting access to any of the files on the host machine. These attacks seem to be impossible from within a VM because of the fact that the attacker will not be able to gain access to configuration files of another VM. However, an attacker from the inside who has access to the host machine resources could easily execute them. Looking from outside, cloud computing offers different possible independent VMs separated within the host by virtual boundaries. In order to gain access over the VMs or the hypervisor, an attacker can think of different possible ways to break into a VM. The following section discusses the possible attacks that could be performed on the cloud. IV. SECURITY IN CLOUD It is very difficult to secure the VMs because of the upcoming techniques on how-to-attack a VM or gain control over the Hypervisor. VMs are mobile so they could be easily located on different hypervisors as per the availability of the resources. The most risk of being attacked is while are the VMs are moved. So the question here which arises is should the VMs status be off or suspended while moving. The security policies for such mobile VMs should be very secure which needs to be assured with the other hypervisors security policy. If the security policy doesnt accompany then the VM becomes vulnerable. Current security measures dont provide complete security as the measures have become very basic. So we need to think above the cloud to provide security and ensure the cloud is secure and safe. The cloud providers or

organizations which provide services must educate the people, network and server admins regarding the security threats and the preventive measures that can be taken. The VM threats, attacks or vulnerabilities can pose a great impact on the OS. An attacker if able to gain access over the Hypervisor, then the whole Server could be at risk. All the VMs running over the hypervisor would be compromised. Following are the possible threats that could compromise the other VM or the hypervisor itself. A. VM Hopping

VM hopping [4,] [6] is the process of hopping from one VM to another VM as shown in the fig.4. An attacker being on one VM can gain access over the other VM. This can be achieved if both the VMs are running on the same host. An attacker on VM1 can gain access over the other VM2 on the same host by knowing the IP address of the VM2 or gaining access over the host itself. When two VMs are deployed over the same host, and if the attacker gains access over the host, he can monitor the traffic going over the VM2; hence can attack the VM2 by changing the flow of traffic or manipulate the traffic itself. Also the attacker can change the files of the VM2 by changing the configuration file. If VM2 is running since a long time, an attacker can modify the configuration file such that the VM2 goes to off state. Therefore the ongoing communication could be stopped. Also it can abruptly stop, so the communication is incomplete. When the connection is resumed, the VM needs to start the entire communication again.

Fig.4 VM Hopping B. VM Escape

VM Escape [6] means gaining access over the Hypervisor and attacking rest of the other VMs. If an attacker gains access to the host running multiple VMs, the attacker can access the resources which are shared by the other VMs. The host can monitor the memory being allocated and the CPU utilization. If necessary an attacker can bring down these resources and turn off the hypervisor. If the hypervisor fails, all the other VMs turn off eventually. C. Mobility

VMs are portable [4]. We can move the VM from one host to the other. Also we can copy a VM over the Network or copy them through a USB. Since VM are not inherently present on the physical machine, the threat for an attack increases. The contents of the VM are stored in a file on the hypervisor. As

shown in the fig. 5 if the VM is moved to another location, then f the virtual disk is also recreated and hence an attacker can then modify the source configuration file and alter the VMs activities. Also the VM could be compromised if the VM is offline. An attacker can modify the configuration file and turn an off the VM. Gaining access to the virtual disk, attacker has . sufficient time to break in all the security measure such as passwords, important credentials, etc. Since this VM is a copy of the actual VM, it is difficult to trace the attacker with this cult threat.

VI. SIMULATIONS AND RESULTS To determine the resource allocation for the host machines allocatio various experiments on the VMs were conducted and the results are analyzed. The experimental setup is discussed in the Section V. Multiple VMs are created and resources such as CPU, memory and network usage were analyzed. , 1) Network Usage on VM: Fig.7 represents the network share between the host and the VMs. There was no network activity on the host during the entire test and thus the graph for the host remained constant. During the experiment VM1 was initialized and made to download data from remote downloa server and we found that VM1 had the full share of the NIC as seen in graph at point (A). Similarly, after the completion of the download in VM1, a download was initiated in VM2. We could observe that VM2 had the full share of the resources as resour shown in the graph at point (B). Finally, a download was initiated on both the VMs simultaneously and during the initial few seconds of the download VM2 had more share of the bandwidth than VM1. Authors observed a pattern where first initialized VM gets bigger share of bandwidth initially. As the initially download process progresses, all VMs tend to get almost same bandwidth.

Fig 5: VM Mobility V.

TEST BED

The setup used for this paper includes an Ubuntu 9.1 server, an open source cloud platform Eucalyptus, Xen/KVM hypervisor and a node. Eucalyptus is installed on the Ubuntu server and Xen/KVM hypervisor is loaded on the node. The node contains Ubuntu server OS and is connected to the server. The server communicates with the node using the help erver of node controller installed on it. When a user makes a request to fetch a service, the server gets a request and h processes the request before forwarding the information to the node. The node offering the service starts to communicate vice with the user through the front end and thus a session is established. Fig. 6 shows the test-bed used for carrying out bed different simulations. Fig 7: Network Resource sharing in VMs : 2) CPU Sharing on VM: The CPU utilization by the VMs is as shown in the following graphs in fig.8. The VMs were allocated with 30% of CPU and 1GB of memory. VM1 was initialized and several processes were run on the VM. The authors were able to observe that the VM was able to use up all the resources allocated to it. Once the VM exceeded the th allocated memory, the VM started to utilize more resources , than the VM was allocated initially. Simultaneously VM2 was also initiated and several processes were made to run on it. wer The VM2 also showed the same behavior. 2 Hence the authors were able to observe that by overloading thors the VM with active processes, the VM would start utilizing V more resources than the allocated hence breaking the virtual boundaries between them. Such behavior can starve other VMs hosted on the same server from utilizing their share of CPU resources completely leading to an underperforming cloud. This would be one of the drawbacks of multi-tenancy in multi cloud computing. Fig 6: Test Bed setup

used by hypervisors, there is a need for more powerful algorithms to reduce the effect of attacks that can be caused due to process overloading. However, work related to mitigate some of these threats is in progress. The current research that the authors are looking is in the area of writing/reading information into a different VM by gaining access to it. Issues such as user authentication in Cloud Ecosystem and providing Ecosyste security in VM hopping are also currently being studied by the authors. Securing Configuration files to reduce the attacks . such as VM mobility could be prevented. VI. REFERENCES Fig 8: CPU utilization on VM1 and VM2 3) Memory Usage on VM: The tests were conducted to research on the memory utilization of the VMs when on operating on the same host. The graphs as show in Fig 9 and fig 10, the memory utilization of VM1 and VM2. Identical operations were performed on both the VMs and the authors were able to observe that both graphs resembled each other. sembled In fig. 9 there is a steep rise in memory utilization however in ry utilization, fig. 10 we can see that there is a gradual increase. This is due to the fact that both the VMs had different OS running on it. From the results, the authors inferred that VMs were unable to take more memory than the allocated memory. [1] Liang-Jie Zhang, Qun Zhou: CCOA: Cloud Computing Jie Open Architecture, 2009 IEEE international Conference. EEE [2] Shuai Zhang, Shufen Zhang, Xuebin Chen, Xiuzhen Huo: Cloud Computing Research and Development Trend, 2010 Second International Conference on Future Networks. [3] Joel Kirch, Virtual machine Security Guidelines, The Center for Internet Security, September 2007. rnet [4] Doug Hyde, A Survey On the Security of Virtual Machines, April 2009. [5] Jim Carr, Two vulnerabilities found in VMware virtualization products, http://www.scmagazineus.com, February 2008. [6] Ken Owens, Securing Virtual Computer Infrastructure in Infr the Cloud, SavvisCorp. [7] Inigo Goiri, Jordi Guitart: Autonomic resource Guitart management for the XEN Hypervisor. [8] Min Lee, A S Krishnakumar, P Krishnan, Navjot Singh, Shalini Yajnik: Supporting Soft Real- Time in the XEN Real Hypervisor. [9] Tim Ables, Puneet Dhawan, Balasubramanian Chandreshekaran :An Overwier of XEN Virtualization, Dell Inc. [10] Virtual Machine Resource Sharing and Control ID: CTX115814, Citrix Systems Inc. [11] Understanding Memory Resource Management in VMware ESX Server, VMware Inc. Inc [12] VMware Workstation 5.5, VMware Inc. ion Inc [13] Thomas Ristenpart, Eran Tromer, Hovav Shacham, Shacham Stefan Savage: Hey, You, Get off My Cloud: Explloring Information Leakage in Third- Party Compute Clouds, No16th ACM Conference on Computer and Communication Security, November 2009. 2009 [14] XEN, How does XEN Work? , http://www.XEN.org, http://www. December 2009.

Fig 9: Memory Utilization for VM1 :

Fig 10: Memory Utilization for VM2 : VII. CONCLUSIONS This research paper mainly focused on various security threats in Cloud Computing. Authors were able to demonstrate how a malicious VM user can impair other VMs and the data. Although, the algorithms such as fair gorithms fair-share are