Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...最新文献
In this paper we introduce the novel notion called Verifiable Private Equality Test (VPET) and propose an efficient 2-party protocol for its implementation. VPET enables two parties to securely perform an arbitrary number of comparisons on a fixed collection of (key, value) pairs and thus it is more generic than existing techniques such as Private Equality Test and Private Set Intersection.� In addition, we demonstrate how higher-level protocols such as Privacy-Preserving Reconciliation on Ordered Sets (PROS) can be implemented using VPET.� Using simulation-based techniques, our new protocols are proven secure in the malicious model. Furthermore, we present a theoretical complexity analysis as well as a thorough experimental performance evaluation of the C++ implementation of our new VPET and PROS protocols.
{"title":"Verifiable private equality test: enabling unbiased 2-party reconciliation on ordered sets in the malicious model","authors":"D. Mayer, S. Wetzel","doi":"10.1145/2414456.2414482","DOIUrl":"https://doi.org/10.1145/2414456.2414482","url":null,"abstract":"In this paper we introduce the novel notion called Verifiable Private Equality Test (VPET) and propose an efficient 2-party protocol for its implementation. VPET enables two parties to securely perform an arbitrary number of comparisons on a fixed collection of (key, value) pairs and thus it is more generic than existing techniques such as Private Equality Test and Private Set Intersection.\u0000 In addition, we demonstrate how higher-level protocols such as Privacy-Preserving Reconciliation on Ordered Sets (PROS) can be implemented using VPET.\u0000 Using simulation-based techniques, our new protocols are proven secure in the malicious model. Furthermore, we present a theoretical complexity analysis as well as a thorough experimental performance evaluation of the C++ implementation of our new VPET and PROS protocols.","PeriodicalId":72308,"journal":{"name":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2012-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88748277","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Web browsers are undoubtedly one of the most popular user applications. This is even more evident in recent times, with Google introducing a platform where the browser is the only application provided to the user. With their modular and extensible architecture, modern browsers are also an appealing platforms for third-party software developers, who can easily publish new extensions to extend any standard web browser functionality. Extendability is a crucial feature that makes web browsers a very attractive service platform. From a security perspective, however, extensions opened up new opportunities for attacks. Most extensions do not require any special privilege to be installed, despite their ability to access all the user private data. Delegating the decision about extension's security to trusted parties is not a conclusive solution, given that privacy-breaching behavior has been found even in store-approved extensions [1].
{"title":"Memoirs of a browser: a cross-browser detection model for privacy-breaching extensions","authors":"Cristiano Giuffrida, Stefano Ortolani, B. Crispo","doi":"10.1145/2414456.2414461","DOIUrl":"https://doi.org/10.1145/2414456.2414461","url":null,"abstract":"Web browsers are undoubtedly one of the most popular user applications. This is even more evident in recent times, with Google introducing a platform where the browser is the only application provided to the user. With their modular and extensible architecture, modern browsers are also an appealing platforms for third-party software developers, who can easily publish new extensions to extend any standard web browser functionality. Extendability is a crucial feature that makes web browsers a very attractive service platform. From a security perspective, however, extensions opened up new opportunities for attacks. Most extensions do not require any special privilege to be installed, despite their ability to access all the user private data. Delegating the decision about extension's security to trusted parties is not a conclusive solution, given that privacy-breaching behavior has been found even in store-approved extensions [1].","PeriodicalId":72308,"journal":{"name":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2012-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74374854","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Call-record analysis is one of the oldest tools used in defense, law-enforcement, and business intelligence. For example, the NSA collected over 1.9 trillion call records between 2001 and 2004 [1]. A call-record database allows both single link (e.g., time, initiation, frequency of a call) and cluster analysis of calls in the temporal, spatial, and frequency domains. It can also indicate overlaps among different clusters, such as those obtained from different investigations, and similarity of clusters, such as those obtained when a group of targets changes their phone numbers but not their communication habits [10, 12].
{"title":"Discovering records of private VoIP calls without wiretapping","authors":"C. Jong, V. Gligor","doi":"10.1145/2414456.2414495","DOIUrl":"https://doi.org/10.1145/2414456.2414495","url":null,"abstract":"Call-record analysis is one of the oldest tools used in defense, law-enforcement, and business intelligence. For example, the NSA collected over 1.9 trillion call records between 2001 and 2004 [1]. A call-record database allows both single link (e.g., time, initiation, frequency of a call) and cluster analysis of calls in the temporal, spatial, and frequency domains. It can also indicate overlaps among different clusters, such as those obtained from different investigations, and similarity of clusters, such as those obtained when a group of targets changes their phone numbers but not their communication habits [10, 12].","PeriodicalId":72308,"journal":{"name":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2012-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75588800","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
To meet the demand of scalability and usability, many real-world authentication systems have adopted the idea of responsibility shifting, explicitly or implicitly, where a user's responsibility of authentication is shifted to another entity, usually in case of failure of the primary authentication method. One example of responsibility shifting is in the fourth-factor authentication [1] whereby a user gets the crucial authentication assistance from a helper who takes over the responsibility. In the fourth-factor authentication system [1], subverting/coercing the helper (trustee) allows the adversary to log in without capturing the password of the user.
{"title":"Coercion resistance in authentication responsibility shifting","authors":"Payas Gupta, Xuhua Ding, Debin Gao","doi":"10.1145/2414456.2414512","DOIUrl":"https://doi.org/10.1145/2414456.2414512","url":null,"abstract":"To meet the demand of scalability and usability, many real-world authentication systems have adopted the idea of responsibility shifting, explicitly or implicitly, where a user's responsibility of authentication is shifted to another entity, usually in case of failure of the primary authentication method. One example of responsibility shifting is in the fourth-factor authentication [1] whereby a user gets the crucial authentication assistance from a helper who takes over the responsibility. In the fourth-factor authentication system [1], subverting/coercing the helper (trustee) allows the adversary to log in without capturing the password of the user.","PeriodicalId":72308,"journal":{"name":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2012-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80255043","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
S. Acker, Nick Nikiforakis, Lieven Desmet, W. Joosen, F. Piessens
The last fifteen years have transformed the Web in ways that would seem unimaginable to anyone of the "few" Internet users of the year 1995 [8]. What began as a simple set of protocols and mechanisms facilitating the exchange of static documents between remote computers is now an everyday part of billions' of users life, technical and non-technical alike. The sum of a user's daily experience is composed of open standards, such as HTML, JavaScript and Cascading Style Sheets as well as proprietary plugins, such as Adobe's Flash [1] and Microsoft's Silverlight [6].
{"title":"FlashOver: automated discovery of cross-site scripting vulnerabilities in rich internet applications","authors":"S. Acker, Nick Nikiforakis, Lieven Desmet, W. Joosen, F. Piessens","doi":"10.1145/2414456.2414462","DOIUrl":"https://doi.org/10.1145/2414456.2414462","url":null,"abstract":"The last fifteen years have transformed the Web in ways that would seem unimaginable to anyone of the \"few\" Internet users of the year 1995 [8]. What began as a simple set of protocols and mechanisms facilitating the exchange of static documents between remote computers is now an everyday part of billions' of users life, technical and non-technical alike. The sum of a user's daily experience is composed of open standards, such as HTML, JavaScript and Cascading Style Sheets as well as proprietary plugins, such as Adobe's Flash [1] and Microsoft's Silverlight [6].","PeriodicalId":72308,"journal":{"name":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2012-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79483739","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
At Eurocrypt 2005, Sahai and Waters [7] introduced the concept of attribute-based encryption (ABE). ABE enables public key based one-to-many encryption and is envisioned as a promising cryptographic primitive for realizing scalable and fine-grained access control systems. There are two kinds of ABE schemes [1], key-policy ABE (KP-ABE) and ciphertext-policy ABE (CP-ABE) schemes. This paper, our concern is on the latter.
{"title":"Expressive CP-ABE with partially hidden access structures","authors":"Junzuo Lai, R. Deng, Yingjiu Li","doi":"10.1145/2414456.2414465","DOIUrl":"https://doi.org/10.1145/2414456.2414465","url":null,"abstract":"At Eurocrypt 2005, Sahai and Waters [7] introduced the concept of attribute-based encryption (ABE). ABE enables public key based one-to-many encryption and is envisioned as a promising cryptographic primitive for realizing scalable and fine-grained access control systems. There are two kinds of ABE schemes [1], key-policy ABE (KP-ABE) and ciphertext-policy ABE (CP-ABE) schemes. This paper, our concern is on the latter.","PeriodicalId":72308,"journal":{"name":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2012-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74033172","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In a virtualization-based cloud infrastructure, customers of the cloud deploy virtual machines (VMs) with their own applications and customized runtime environments. The cloud provider supports the execution of these VMs without detailed knowledge of the guest applications and operating systems in the VMs. In addition to elastic resource provisioning for the VMs, a desirable "value-added" service the cloud provider can provide is the emergency response to runtime incidences of software bugs and vulnerabilities. The challenge is to facilitate the automatic runtime detection, location, and patching of the software vulnerability -- outside the VMs and without the source code. In this paper, we present CloudER, a cloud "emergency room" architecture that automatically detect, locate, and patch software vulnerabilities in cloud application binaries at runtime. CloudER leverages an existing taint-based system (Demand Emulation) for runtime anomaly detection, employs new algorithms for software vulnerability location and patch generation, and adapts a virtual machine introspection system (XenAccess) for dynamic patching. Our preliminary evaluation experiments with a number of real-world server applications show that CloudER achieves timely response to runtime software faults or attacks from outside the VMs. The main contributions of this paper are highlighted as follows: (1) CloudER is an integrated architecture that improves the runtime reliability of cloud applications. It covers the full life cycle of exploit detection, culprit instruction location, patch generation and application, and execution state recording and reset -- all performed from outside the protected VM and without the source code of the applications. (2) While leveraging existing techniques for taint-based exploit detection, CloudER involves new methods for culprit instruction location and binary patch generation. The methods cover some of the most common types of software vulnerabilities and the patches generated are of small size (tens of bytes). (3) CloudER incurs reasonable performance overhead to the application in comparison with running the application in an unprotected VM. The interruption to the production VM's execution (for culprit instruction location and patch generation) is less than half a minute in our experiments with real-world applications.
{"title":"CloudER: a framework for automatic software vulnerability location and patching in the cloud","authors":"Ping Chen, Dongyan Xu, Bing Mao","doi":"10.1145/2414456.2414485","DOIUrl":"https://doi.org/10.1145/2414456.2414485","url":null,"abstract":"In a virtualization-based cloud infrastructure, customers of the cloud deploy virtual machines (VMs) with their own applications and customized runtime environments. The cloud provider supports the execution of these VMs without detailed knowledge of the guest applications and operating systems in the VMs. In addition to elastic resource provisioning for the VMs, a desirable \"value-added\" service the cloud provider can provide is the emergency response to runtime incidences of software bugs and vulnerabilities. The challenge is to facilitate the automatic runtime detection, location, and patching of the software vulnerability -- outside the VMs and without the source code. In this paper, we present CloudER, a cloud \"emergency room\" architecture that automatically detect, locate, and patch software vulnerabilities in cloud application binaries at runtime. CloudER leverages an existing taint-based system (Demand Emulation) for runtime anomaly detection, employs new algorithms for software vulnerability location and patch generation, and adapts a virtual machine introspection system (XenAccess) for dynamic patching. Our preliminary evaluation experiments with a number of real-world server applications show that CloudER achieves timely response to runtime software faults or attacks from outside the VMs. The main contributions of this paper are highlighted as follows: (1) CloudER is an integrated architecture that improves the runtime reliability of cloud applications. It covers the full life cycle of exploit detection, culprit instruction location, patch generation and application, and execution state recording and reset -- all performed from outside the protected VM and without the source code of the applications. (2) While leveraging existing techniques for taint-based exploit detection, CloudER involves new methods for culprit instruction location and binary patch generation. The methods cover some of the most common types of software vulnerabilities and the patches generated are of small size (tens of bytes). (3) CloudER incurs reasonable performance overhead to the application in comparison with running the application in an unprotected VM. The interruption to the production VM's execution (for culprit instruction location and patch generation) is less than half a minute in our experiments with real-world applications.","PeriodicalId":72308,"journal":{"name":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2012-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89897709","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
H. Vijayakumar, Guruprasad Jakka, S. Rueda, Joshua Schiffman, T. Jaeger
Protecting host system integrity in the face of determined adversaries remains a major problem. Despite advances in program development and access control, attackers continue to compromise systems forcing security practitioners to regularly react to such breaches. While security practitioners may eventually learn which entry points in programs must be defended over a software's lifetime, new software and configuration options are frequently introduced, opening additional vulnerabilities to adversaries. The application developers' problem is to identify the program entry points accessible to adversaries and provide necessary defenses at these entry points before the adversaries use these to compromise the program. Unfortunately, this is a race that developers often lose. While some program vulnerable entry points are well-known (mostly network), the complexity of host systems makes it difficult to prevent local exploits should attackers gain control of any unprivileged processing. The question we explore in this paper is whether the program entry points accessible to adversaries can be found proactively, so defenses at these entry points can also be developed proactively.
{"title":"Integrity walls: finding attack surfaces from mandatory access control policies","authors":"H. Vijayakumar, Guruprasad Jakka, S. Rueda, Joshua Schiffman, T. Jaeger","doi":"10.1145/2414456.2414500","DOIUrl":"https://doi.org/10.1145/2414456.2414500","url":null,"abstract":"Protecting host system integrity in the face of determined adversaries remains a major problem. Despite advances in program development and access control, attackers continue to compromise systems forcing security practitioners to regularly react to such breaches. While security practitioners may eventually learn which entry points in programs must be defended over a software's lifetime, new software and configuration options are frequently introduced, opening additional vulnerabilities to adversaries. The application developers' problem is to identify the program entry points accessible to adversaries and provide necessary defenses at these entry points before the adversaries use these to compromise the program. Unfortunately, this is a race that developers often lose. While some program vulnerable entry points are well-known (mostly network), the complexity of host systems makes it difficult to prevent local exploits should attackers gain control of any unprivileged processing. The question we explore in this paper is whether the program entry points accessible to adversaries can be found proactively, so defenses at these entry points can also be developed proactively.","PeriodicalId":72308,"journal":{"name":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2012-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89610967","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Cheng-Kang Chu, Joseph K. Liu, Xinyi Huang, Jianying Zhou
A prominent issue in group signatures is revoking a group member's signing capability. To solve this issue, the group manager can send revocation messages only to signature verifiers, known as group signatures with verifier-local revocation (VLR). In existing VLR designs, the cost of revocation check grows linearly with the size of revocation messages. This paper introduces time-bound keys into group signatures to reduce the size of revocation messages and speed up the revocation check. In the new notion, the secret key of each group member is associated with an expiration date, and verifiers can tell (at a constant cost) whether or not a group signature is produced using an expired key. Consequently, revocation messages only need to provide the information about group members revoked prematurely (e.g., due to key compromise) but not those with expired keys. This will lead to a significant saving on revocation check in situations where prematurely revoked members are only a small fraction of revoked members. Following this approach, we give two concrete designs of group signatures with VLR to demonstrate the trade-offs between efficiency and privacy.
{"title":"Verifier-local revocation group signatures with time-bound keys","authors":"Cheng-Kang Chu, Joseph K. Liu, Xinyi Huang, Jianying Zhou","doi":"10.1145/2414456.2414470","DOIUrl":"https://doi.org/10.1145/2414456.2414470","url":null,"abstract":"A prominent issue in group signatures is revoking a group member's signing capability. To solve this issue, the group manager can send revocation messages only to signature verifiers, known as group signatures with verifier-local revocation (VLR). In existing VLR designs, the cost of revocation check grows linearly with the size of revocation messages. This paper introduces time-bound keys into group signatures to reduce the size of revocation messages and speed up the revocation check. In the new notion, the secret key of each group member is associated with an expiration date, and verifiers can tell (at a constant cost) whether or not a group signature is produced using an expired key. Consequently, revocation messages only need to provide the information about group members revoked prematurely (e.g., due to key compromise) but not those with expired keys. This will lead to a significant saving on revocation check in situations where prematurely revoked members are only a small fraction of revoked members. Following this approach, we give two concrete designs of group signatures with VLR to demonstrate the trade-offs between efficiency and privacy.","PeriodicalId":72308,"journal":{"name":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2012-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78843445","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Sören Bleikertz, Anil Kurmus, Zoltán A. Nagy, M. Schunter
In recent years, Cloud Computing has gained remarkable popularity due to the economic and technical benefits provided by this new way of delivering computing resources. Businesses can offload their IT infrastructure into the cloud and benefit from rapid provisioning, scalability, and cost advantages. While cloud computing can be implemented on different abstraction levels, we focus on Infrastructure Clouds such as Amazon EC2 [1] that provide virtual machines, storage, and networks.
{"title":"Secure cloud maintenance: protecting workloads against insider attacks","authors":"Sören Bleikertz, Anil Kurmus, Zoltán A. Nagy, M. Schunter","doi":"10.1145/2414456.2414505","DOIUrl":"https://doi.org/10.1145/2414456.2414505","url":null,"abstract":"In recent years, Cloud Computing has gained remarkable popularity due to the economic and technical benefits provided by this new way of delivering computing resources. Businesses can offload their IT infrastructure into the cloud and benefit from rapid provisioning, scalability, and cost advantages. While cloud computing can be implemented on different abstraction levels, we focus on Infrastructure Clouds such as Amazon EC2 [1] that provide virtual machines, storage, and networks.","PeriodicalId":72308,"journal":{"name":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2012-05-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77508963","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: