DOCSLIB.ORG

Security Analysis of Cloud Control Interfaces

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Security Analysis of Cloud Control Interfaces How Private is Your Private Cloud? Security Analysis of Cloud Control Interfaces Dennis Felsch Mario Heiderich Frederic Schulz Horst Görtz Institute for Horst Görtz Institute for Horst Görtz Institute for IT-Security IT-Security IT-Security Bochum, Germany Bochum, Germany Bochum, Germany [email protected] [email protected] [email protected] Jörg Schwenk Horst Görtz Institute for IT-Security Bochum, Germany [email protected] ABSTRACT Keywords The security gateway between an attacker and a user's pri- Cloud Security; Cloud Interface; Infrastructure as a Service; vate data is the Cloud Control Interface (CCI): If an at- XSS; CSRF tacker manages to get access to this interface, he controls the data. Several high-level data breaches originate here, the latest being the business failure of the British company 1. INTRODUCTION Code Spaces. According to NIST Special Publication 800-145 [24], cloud In such situations, using a private cloud is often claimed computing can be categorized into three service models: to be more secure than using a public cloud. In this paper, Software as a Service (SaaS), Platform as a Service (PaaS), we show that this security assumption may not be justi- and Infrastructure as a Service (IaaS). In this paper, we fied: We attack private clouds through their rich, HTML5- concentrate on IaaS cloud systems. An IaaS cloud provides based control interfaces, using well-known attacks on web the consumer with full control over the (virtualized) infras- interfaces (XSS, CSRF, and Clickjacking) combined with tructure to use. A consumer has the choice between differ- novel exploitation techniques for Infrastructure as a Service ent (virtual) hardware configurations and operating systems clouds. (bundled into a Virtual Machine, VM), and may select net- We analyzed four open-source projects for private IaaS work configurations and storage systems. cloud deployment (Eucalyptus, OpenNebula, OpenStack, and openQRM) in default configuration. We were able to com- The Cloud Control Interface (CCI). promise the security of three cloud installations (Eucalyptus, Even if all other components of a cloud system (VMs, vir- OpenNebula, and openQRM) One of our attacks (OpenNeb- tual networks, persistent storage) are protected by perime- ula) allowed us to gain root access to VMs even if full perime- ter security systems (network separation, firewalls, IDS), the ter security is enabled, i.e. if the cloud control interface is Cloud Control Interface (CCI, interface 4 in Figure 1) nec- only reachable from a certain segment of the company's net- essarily must be exposed to the outside world, since it must work, and if all network traffic is filtered through a firewall. allow for \on-demand self-service" [24]. Therefore, CCIs are We informed all projects about the attack vectors and pro- implemented as public web APIs, mostly as a web applica- posed mitigations. As a general recommendation, we pro- tion, but also in form of REST or SOAP-based APIs. pose to make web management interfaces for private clouds This gives an attacker the same type of access as the le- inaccessible from the Internet, and to include this technical gitimate user, thus a user's data is only secure if the CCI is requirement in the definition of a private cloud. secure. Just to mention one serious attack from 2014, the British company Code Spaces went out-of-business because an attacker seized control over their Amazon AWS CCI and, after the company had been blackmailed and refused to pay, deleted all company data including backups in the Cloud.1 Permission to make digital or hard copies of all or part of this work for personal or Because of this impact of a possible security breach of a classroom use is granted without fee provided that copies are not made or distributed CCI, we believe that CCIs should employ any know security for profit or commercial advantage and that copies bear this notice and the full citation measure to protect themselves. Unfortunately, this is not the on the first page. Copyrights for components of this work owned by others than the case: Especially web application CCIs suffer from the com- author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or plexity of the interface, which not only supports the growing republish, to post on servers or to redistribute to lists, requires prior specific permission range of HTML5 standards (Scriptless Attacks), but also im- and/or a fee. Request permissions from [email protected]. CCSW’15, October 16, 2015, Denver, Colorado, USA. plements legacy features going back to DOM Level 0 (DOM Copyright is held by the owner/author(s). Publication rights licensed to ACM. 1 ACM 978-1-4503-3825-7/15/10 ...$15.00. http://www.infoworld.com/article/2608076/ DOI: http://dx.doi.org/10.1145/2808425.2808432. data-center/murder-in-the-amazon-cloud.html 5 hps://admin.cloud.tld nario 2, a firewall is used to block direct access to the CCI from the Internet. The latter may be seen as a straightfor- Start new VM Store Data persistently ward \provisioning" of a cloud implementation for private Change SSH key use. Monitor all VMs Persistent Data Storage 2 Attacking Private Clouds. 4 Cloud Management Since private clouds are provisioned for use by a single en- Plaorm (CMP), e.g. OpenStack, tity only, attacks on the virtualization layer may only be Eucalyptus, DHCP 3 performed by insiders, i. e. employees of the entity using OpenNebula DNS the cloud. We therefore concentrate on attacks on the CCI 1 itself, which can be accessed through a variety of APIs. In this paper, we concentrate on the Web API, i. e. the API VM VM VM VM VM VM VM VM VM accessible through a standard web browser. On a high level, the success of some of our attacks even Hypervisor Hypervisor Hypervisor in the presence of perimeter security mechanism like Fire- OS OS OS ... walls can be explained as follows: We use a web browser Compute Node 1 Compute Node 2 Compute Node 3 as our "malicious insider" within the company network. The browser receives instructions through port 80 (HTTP), which is open in any firewall, and may transfer stolen data through Figure 1: IaaS cloud building blocks the same port. The transformation of a "trusted browser" into a "mali- Clobbering), undocumented browser behaviour (mXSS) and cious insider" is done through standard web attacks: Either large 3rd party libraries (e.g. jQuery). we directly control browser actions (CSRF) invisible to the user, or we execute malicious script code in the web interface The Promises of Private Clouds. (XSS). Private Clouds are often advertised as being more secure than their Public Cloud counterparts, and thus as a solution Attacks on Web Interfaces. for securely protecting company data. [24] describes these Web browsers are often used as the user's interface to a different deployment models, which are mostly applied to cloud: They are available for any operating system, the the IaaS service model: Private Clouds, provisioned for the markup (HTML5, XHTML), data (XML, JSON), script- use of a single entity, Public Clouds which are accessible for ing (JavaScript, XSLT) and style (CSS) languages are plat- open use by the general public, and two intermediate models, form independent, their communication protocols (HTTP, Community and Hybrid Clouds. In this paper, we concen- HTTPS, WebSockets) should pass through any firewall, and trate on private cloud deployments. According to [24] this is they are free-of-charge. defined as follows: \Private cloud. The cloud infrastructure However, this wealth of features (which grows steadily) is provisioned for exclusive use by a single organization com- comes at the price of enhanced vulnerabilities: Scripting prising multiple consumers (e.g., business units). It may be functionality may be misused through inserting malicious owned, managed, and operated by the organization, a third JavaScript into a web page (XSS, Scriptless Attacks), auto- party, or some combination of them, and it may exist on or matic rendering features may be misused to remotely control off premises." the browser in a malicious way (CSRF), style languages may ISO/IEC 17788 [15] gives more or less the same descrip- be used to mask attacks (UI Redressing), and simple fire- tion of this deployment model: \A private cloud may be walls do not protect against these attacks. All these attacks owned, managed, and operated by the organization itself or are described in Section 4.2. a third party [...]. Private clouds seek to set a narrowly con- By using the same browser both for browsing the Web trolled boundary around the private cloud based on limiting and for accessing security critical applications, attack vec- the customers to a single organization" [15]. tors may be carried from the web through the firewall to the Both NIST and ISO definitions are organizational in their application, where they are executed. nature and do not define, how the deployment models differ from a technical point of view. For example, the bound- ary mentioned in the ISO definition could be realized using Results. firewalls and network separation techniques. However, if a Of the four systems investigated, we were able to break se- private cloud is operated by a third party, as mentioned in curity of the web interfaces of Eucalyptus, OpenNebula, and the standard, the security gain of a firewall protection is openQRM. In each of these systems, we found at least one questionable. attack that also worked if access to the web interface was In this paper, we investigate if private clouds really give restricted by a firewall blocking all direct access. All three better security, by investigating the technical features of four major systems were well designed, but the inclusion of a prominent cloud projects (Eucalyptus, OpenNebula, Open- direct data channel through the web browser to each VM Stack) which are also deployed as private clouds, and a small proved to be problematic.
Load more

Recommended publications
  • Based Services Using XRI-Based Apis for Enabling New E-Business
    International Journal of E-Business Development May. 2013, Vol. 3 Iss. 2, PP. 64-74 An Approach for the Composition of Generic Cloud- Based Services Using XRI-Based APIs for Enabling New E-Business Antonio Celesti1, Francesco Tusa2, Massimo Villari3, Antonio Puliafito4 DICIEAMA, Università degli Studi di Messina Contrada Di Dio, S. Agata 98166, Messina, Italia [email protected]; [email protected]; [email protected]; [email protected] Abstract-Nowadays, cloud computing offers more and more business opportunities, and thanks to the concept of virtualization, different types of cost-effective Cloud-based services have been rising. Virtualization of computing, storage, and networking resources, and their interconnection is at the heart of cloud computing, hence enabling new E-Business scenarios. In such a context, APIs for enabling Cloud-based services are strongly required, nevertheless, methods, mechanisms and tools for exploiting virtualized resources and their utilization for developing anything as a service (*aaS) are still ad-hoc and/or proprietary in nature. In this paper, we discuss how to use an adaptive standard protocol, i.e., XRI, for enabling cloud service providers to arrange their own Cloud- based services, building them on top of the IaaS provided by other service providers. Keywords- Cloud Computing; Cloud Management; Federation; Service Composition; E-Business I. INTRODUCTION Today, cloud computing represents a tempting business opportunity for ICT operators of increasing their revenues [1,2]. The cloud ecosystem begins to be clearer and the role played by cloud service providers appears more defined than the past. Moreover, the number of new public, private, and hybrid clouds rising all over the world is continually growing [3].
    [Show full text]
  • 14. Comparison of Cloud Management Platforms
    14. Comparison of cloud management platforms Kimmo Ahokas Aalto University School of Science [email protected] Abstract tion cloud computing is divided into three different service models, namely Software as a Service (SaaS), Platform as a Cloud computing allows fast and efficient resource provi- Service (PaaS) and Infrastructure as a Service (IaaS). In this sioning within data centers. In large companies this can paper we are only interested in IaaS service model, which lead to significant savings, thus creating market for complete is defined as "The capability provided to the consumer is cloud platforms. In addition to commercial products, sev- to provision processing, storage, networks, and other fun- eral open source cloud platforms exist. This paper compares damental computing resources where the consumer is able four cloud management platforms and identifies the factors to deploy and run arbitrary software, which can include op- affecting future success of each of the platforms. We also es- erating systems and applications. The consumer does not timate the future development of the cloud platform market. manage or control the underlying cloud infrastructure but has control over operating systems, storage, and deployed KEYWORDS: cloud platform, IaaS, CloudStack, Open- applications; and possibly limited control of select network- Stack, OpenNebula, Eucalyptus, VMware ing components (e.g., host firewalls)." [10] Cloud management platform is a software system that 1 Introduction controls the allocation of physical resources on the data cen- ter. In the IaaS model users can launch virtual machines us- Cloud computing has rapidly changed the way in which re- ing the management console, which causes the platform to sources in data centers can be provisioned.
    [Show full text]
  • Automated System and Service Monitoring with Openqrm and Nagios
    Name: Matthias Rechenburg Email: [email protected] Organization: the openQRM project Copyright (C) 2007 Matthias Rechenburg This document is released under the GNU/GPL Automated system and service monitoring with openQRM and Nagios The first step to make sure all systems and services in a data centers are running well is to monitor them. A well-known, proven and widely used monitoring tool is Nagios which is available for openQRM in the flavor of an additional plugin. The second, also essential, step is the automatic handling of errors, what openQRM is famous for. The combination of the enhanced monitoring utility Nagios and the automated error-handling, high-availability and fail-over features of the openQRM data center management platform creates a powerful and dynamic environment which reduces down-time of systems and services in a modern data center to the minimum. Common data center scenarios and their challenges In a common data center setup there are different server “islands” for specific purposes as databases, web-servers, infrastructure and communication systems, network-devices, storage-servers, etc. Also, often there is a separation between production-, QA- and development environment. Each section of the data center has its own specific setup, mostly a very special, static installation, maintained by one or more administrators. To make it worse, each section may have different service-level-agreements (SLA) which generates additional complexity for the service- and system-monitoring infra- structure. Also common for data centers is that new systems are added sequentially while other systems are fully underutilized, just consuming power and producing heat. Turning to fully automated system- and service monitoring With the increasing number of systems and the resulting complexity the goal is to reach a level of fully automated service- and system-monitoring which is easy to setup and maintain and which provides an automated error-handling to gain high-availability at system- and service-level for the complete data center environment.
    [Show full text]
  • Paas Solutions Evaluation
    PaaS solutions evaluation August 2014 Author: Sofia Danko Supervisors: Giacomo Tenaglia Artur Wiecek CERN openlab Summer Student Report 2014 CERN openlab Summer Student Report 2014 Project Specification OpenShift Origin is an open source software developed mainly by Red Hat to provide a multi- language PaaS. It is meant to allow developers to build and deploy their applications in a uniform way, reducing the configuration and management effort required on the administration side. The aim of the project is to investigate how to deploy OpenShift Origin at CERN, and to which extent it could be integrated with CERN "Middleware on Demand" service. The student will be exposed to modern cloud computing concepts such as PaaS, and will work closely with the IT middleware experts in order to evaluate how to address service needs with a focus on deployment in production. Some of the tools that are going to be heavily used are Puppet and Openstack to integrate with the IT infrastructure. CERN openlab Summer Student Report 2014 Abstract The report is a brief summary of Platform as a Service (PaaS) solutions evaluation including investigation the current situation at CERN and Services on Demand provision, homemade solutions, external market analysis and some information about PaaS deployment process. This first part of the report is devoted to the current status of the process of deployment OpenShift Origin at existing infrastructure at CERN, as well as specification of the common issues and restrictions that were found during this process using different machines for test. Furthermore, the following open source software solutions have been proposed for the investigation of possible PaaS provision at CERN: OpenShift Online; Cloud Foundry; Deis; Paasmaster; Cloudify; Stackato; WSO2 Stratos.
    [Show full text]
  • The Okeanos Iaas Cloud
    Η υπηρεσία Public IaaS Cloud @ ΕΔΕΤ ανάπτυξη και λειτουργία για χιλιάδες χρήστες Nectarios Koziris, GRNET Greek Research and Technology Network Cloud Computing Conference 2013 (Plaza, Maroussi) 1 What is Okeanos? ‘Okeanos’ is the Greek word for ‘ocean’ Oceans capture, store and deliver energy, oxygen and life around the planet. Greek Research and Technology Network Cloud Computing Conference 2013 (Plaza, Maroussi) 2 Late 2010: The challenge Goals Production-quality IaaS cloud similar to Amazon AWS Scalability to thousands users/nodes/VMs Persistent VMs Commodity components Everyone can use it No vendor lock-in Low admin costs, manageable by a small team Greek Research and Technology Network Cloud Computing Conference 2013 (Plaza, Maroussi) 3 Late 2010: The available offerings Reviewed open source ones •Eucalyptus •Cloudstack •Opennebula •Openstack ..etc.. Still evolving systems, silo ones (touching every layer) No turnkey solutions Greek Research and Technology Network Cloud Computing Conference 2013 (Plaza, Maroussi) 4 The ∼okeanos approach Features: Production-quality IaaS cloud Everything open source: Ganeti by by Persistent VMs Commodity Hardware – No SAN, No exotic network hw Add plain servers/disks/switches to scale up Three clicks to start 1 or 10s of VMs, in 15 secs Simple to operate Key decision: Decompose the problem into layers Greek Research and Technology Network Cloud Computing Conference 2013 (Plaza, Maroussi) 5 ‘Building a Cloud, cluster by cluster’ OPENSTACK SYNNEFO UI OPENSTACK OPENSTACK API SYNNEFO
    [Show full text]
  • A Comparative Study of Current Open-Source Infrastructure As a Service Frameworks
    A Comparative Study of Current Open-source Infrastructure as a Service Frameworks Theo Lynn, Graham Hunt, David Corcoran, John Morrison and Philip Healy Irish Centre for Cloud Computing, Dublin 9, Ireland Keywords: Cloud Computing, Open Source, IaaS, Openstack, Cloudstack, Opennebula, Eucalyptus. Abstract: With the growth of cloud computing in recent years, several commercial and open source IaaS frameworks have emerged. The development of open source IaaS solutions offers a free and flexible alternative to commercial cloud services. The main contribution of this paper is to provide a qualitative comparative of current open-source IaaS frameworks. Existing research papers examining open source IaaS frameworks have focused on comparing OpenStack with a small number of alternatives. However, current research fails to adequately compare all major open source frameworks in a single study and notably lacks the inclusion of CloudStack. Our research paper provides the first overview of the five main open source cloud IaaS frameworks – OpenStack, CloudStack, OpenNebula, Eucalyptus and Nimbus. As such, this review provides researchers and potential users with an up to date and comprehensive overview of the features of each solution and allows for an easy comparison between the open source solutions. 1 INTRODUCTION the freedom to modify the source code and build a cloud that is pluggable and open to extensions while Cloud Computing technologies have seen significant reducing costs and avoiding vendor lock-in (Zhang adoption in recent years by enterprises, researchers et al., 2013; Wen et al. 2012; Bist et al., 2013). The and individuals. It is forecast that the Cloud development of open source solutions is of particular Computing industry will reach a market size of $241 importance for the further proliferation of private billion by 2020 (Reid and Kilster, 2011).
    [Show full text]
  • A Private Cloud Architecture Designed for High Usability
    THUNDER: A PRIVATE CLOUD ARCHITECTURE DESIGNED FOR HIGH USABILITY by GABRIEL JACOB LOEWEN SUSAN VRBSKY, COMMITTEE CHAIR MONICA ANDERSON JOHN LUSTH ASHRAF SAAD JINGYUAN ZHANG A DISSERTATION Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in the Department of Computer Science in the Graduate School of The University of Alabama TUSCALOOSA, ALABAMA 2015 Copyright Gabriel Jacob Loewen 2015 ALL RIGHTS RESERVED ABSTRACT Cloud computing is a technological strategy for saving time, money, and resources within an organization. Underfunded and understaffed organizations benefit the most from a cloud archi- tecture because it can help to alleviate a cost burden allowing funds to be used more effectively. Therefore, we believe that non-profit organizations, such as schools, libraries, non-profit medical facilities, and others have the most to gain from cloud computing. Cloud computing has played a major role in shaping large for-profit businesses like Google, Amazon, and Microsoft. Research has suggested that cultural barriers make it difficult for professionals in non-profits to adopt cloud computing technology. One key challenge faced by organizations for which a cloud architecture would be benefi- cial is the deployment and management process. In order for private cloud computing to become a viable solution for struggling organizations, much work needs to be done to simplify and im- prove the deployment process. We describe a new cloud architecture called THUNDER, which is a recursive backronym meaning “THUNDER Helps Underfunded Nonprofits Distribute Electronic Resources.” THUNDER introduces strategies which are meant to help struggling organizations to de- crease costs. Virtual machine load balancing attempts to distribute the load across multiple nodes in order to maximize potential performance of virtual machines.
    [Show full text]
  • Comparison on Openstack and Opennebula Performance
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by HAL-ENS-LYON Comparison on OpenStack and OpenNebula performance to improve multi-Cloud architecture on cosmological simulation use case Eddy Caron, Lamiel Toch, Jonathan Rouzaud-Cornabas To cite this version: Eddy Caron, Lamiel Toch, Jonathan Rouzaud-Cornabas. Comparison on OpenStack and Open- Nebula performance to improve multi-Cloud architecture on cosmological simulation use case. [Research Report] RR-8421, INRIA. 2013, pp.23. <hal-00916908> HAL Id: hal-00916908 https://hal.inria.fr/hal-00916908 Submitted on 10 Dec 2013 HAL is a multi-disciplinary open access L'archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destin´eeau d´ep^otet `ala diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publi´esou non, lished or not. The documents may come from ´emanant des ´etablissements d'enseignement et de teaching and research institutions in France or recherche fran¸caisou ´etrangers,des laboratoires abroad, or from public or private research centers. publics ou priv´es. Comparaison de performance entre OpenStack et OpenNebula et les architectures multi-Cloud: Application à la cosmologie. E. Caron, L. Toch, J. Rouzaud-Cornabas RESEARCH REPORT N° 8421 December 2013 Project-Team Avalon ISSN 0249-6399 ISRN INRIA/RR--8421--FR+ENG Comparaison de performance entre OpenStack et OpenNebula et les architectures multi-Cloud: Application la cosmologie. E. Caron∗†, L. Toch‡, J. Rouzaud-Cornabas‡ Project-Team Avalon Research Report n° 8421 — December 2013 — 20 pages Abstract: With the increasing numbers of Cloud Service Providers and the migration of the Grids to the Cloud paradigm, it is necessary to be able to leverage these new resources.
    [Show full text]
  • The Needs of Virtual Machines Implementation in Private Cloud Computing Environment
    THE NEEDS OF VIRTUAL MACHINES IMPLEMENTATION IN PRIVATE CLOUD COMPUTING ENVIRONMENT Edy Kristianto Jurusan Teknik Informatika, Fakultas Teknik dan Ilmu Komputer, Universitas Kristen Krida Wacana Jl. Tanjung Duren Raya no. 4, Jakarta Barat, 11470 [email protected] ABSTRACT The Internet of Things (IOT) becomes the purpose of the development of information and communication technology. Cloud computing has a very important role in supporting the IOT, because cloud computing allows to provide services in the form of infrastructure (IaaS), platform (PaaS), and Software (SaaS) for its users. One of the fundamental services is infrastructure as a service (IaaS). This study analyzed the requirement that there must be based on a framework of NIST to realize infrastructure as a service in the form of a virtual machine to be built in a cloud computing environment. Keywords: cloud computing, virtual machine, virtualisation, iaas ABSTRAK The Internet of Things (IoT) menjadi tujuan perkembangan teknologi informasi dan komunikasi. Komputasi awan memiliki peranan yang sangat penting dalam mendukung terjadinya IoT, karena komputasi awan memungkinkan menyediakan layanan baik berupa infrastuktur (IaaS), platform (PaaS), dan perangkat lunak (SaaS) bagi para penggunanya. Salah satu layanan yang mendasar adalah infrastruktur sebagai layanan (IaaS). Penelitian ini menganalisa kebutuhan yang harus ada berdasarkan kerangka kerja dari NIST untuk mewujudkan infrastruktur sebagai layanan dalam bentuk mesin virtual yang akan dibangun dalam lingkungan komputasi awan. Kata kunci: komputasi awan, mesin virtual, virtualisasi, iaas The Needs of Virtual Machines.… (Edy Kristianto) 525 PENDAHULUAN Perkembangan teknologi informasi mengarah pada The Internet of Things (IoT) dengan meningkatnya penggunaan smartphone dalam kehidupan manusia untuk berkomunikasi dan akses internet.
    [Show full text]
  • Beolink.Org What Is Cloud Computing
    Beolink.org Build a “Domestic Cloud” Fabrizio Manfredi Furuholmen Beolink.org Agenda Beolink.org . Introduction . Definition . Characteristics . Deployment model . Delivery model . openQRM . Components . Usage . Eucalyptus . Components . Usage What is cloud computing Beolink.org . Wikipedia (2007) Cloud computing is a style of computing in which dynamically scalable and often Virtualized resources are provided as a Service over the internet. Gardner (2009) Cloud computing is a style of computing in which scalable and elastic IT-enabled capabilities are delivered as a service to external customers using Internet technologies. NIST Working Definition Beolink.org Definition of Cloud Computing (version 14) Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three delivery models, and four deployment models. Essential Characteristics Beolink.org On-demand self- service Measured Service. Ubiquitous network access. Location Rapid elasticity. independent resource pooling. Delivery model Beolink.org . Cloud Software as a Service (SaaS) . Cloud Platform as a Service (PaaS) . Cloud Infrastructure as a Service (IaaS) Deployment Models Beolink.org . Private cloud The cloud infrastructure is operated solely for an organization
    [Show full text]
  • HPC Management and Engineering in the Hybrid Cloud
    Universidade de Aveiro Departamento de Eletrónica, 2015 Telecomunicações e Informática André Frederico Gestão e engenharia de CAP na Nuvem Híbrida Guilhoto Monteiro HPC Management and Engineering in the Hybrid Cloud Universidade de Aveiro Departamento de Eletrónica, 2015 Telecomunicações e Informática André Frederico Gestão e engenharia de CAP na Nuvem Híbrida Guilhoto Monteiro HPC Management and Engineering in the Hybrid Cloud Tese apresentada às Universidades do Minho, Aveiro e Porto para cumprimento dos requisitos necessários à obtenção do grau de Doutor em Informática no âmbito do doutoramento conjunto MAP-i, realizada sob a orientação científica do Doutor Cláudio Jorge Vieira Teixeira, equiparado a Investigador Auxiliar, e do Doutor Joaquim Manuel Henriques de Sousa Pinto, Professor Auxiliar ambos do Departamento de Eletrónica, Telecomunicações e Informática da Universidade de Aveiro. Ao meu pai, o verdadeiro “engenheiro” que me inspirou na procura das coisas inovadoras, à minha mãe pela seu acompanhamento e exigência na educação e à mulher da minha vida pelo encorajamento, trabalho suplementar e paciência extra. o júri / the jury presidente / president Prof. Doutor Domingos Moreira Cardoso Professor Catedrático da Universidade de Aveiro vogais / examiners committee Prof. Doutor Fernando Manuel Augusto Silva Professor Catedrático da Faculdade de Ciências da Universidade do Porto Prof. Doutor Alfredo Moreira Caseiro Rocha Professor Associado com Agregação da Universidade de Aveiro Prof. Doutor Ignacio Blanquer Professor Associado da Universidade Politécnica de Valência Prof. Doutor José Miguel Oliveira Monteiro Sales Dias Professor Associado Convidado do Instituto Universitário de Lisboa Prof. Doutor Filipe João Boavida Mendonça Machado Araújo Professor Auxiliar da Faculdade de Ciências e Tecnologia da Universidade de Coimbra Prof.
    [Show full text]
  • Opennebula 5.10 Introduction and Release Notes Release 5.10.5
    OpenNebula 5.10 Introduction and Release Notes Release 5.10.5 OpenNebula Systems Sep 21, 2020 This document is being provided by OpenNebula Systems under the Creative Commons Attribution-NonCommercial- Share Alike License. THE DOCUMENT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IM- PLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE DOCUMENT. i CONTENTS 1 Concepts and Terminology 1 1.1 Start Here: OpenNebula Overview....................................1 1.2 OpenNebula Key Features........................................6 1.3 Glossary.................................................9 2 Release Notes 5.10.3 11 2.1 What’s New in 5.10........................................... 11 2.2 Resolved Issues in 5.10.1........................................ 15 2.3 Platform Notes.............................................. 16 2.4 Compatibility Guide........................................... 21 2.5 Known Issues............................................... 22 2.6 Acknowledgements........................................... 24 3 Release Notes 5.10.5 Hotfix 25 3.1 What’s a HotFix Release?........................................ 25 3.2 Resolved Issues in 5.10.2........................................ 25 3.3 Resolved Issues in 5.10.3.......................................
    [Show full text]