Detection and isolation of affected elements in a cloud-deployed computer system
This study explores the crucial aspects of identifying and isolating compromised elements within computer systems deployed in cloud environments, focusing on the inherent architectural and functional characteristics of cloud platforms that facilitate resource isolation. The built-in monitoring tools...
Saved in:
| Date: | 2025 |
|---|---|
| Main Author: | |
| Format: | Article |
| Language: | Ukrainian |
| Published: |
Інститут проблем реєстрації інформації НАН України
2025
|
| Subjects: | |
| Online Access: | http://drsp.ipri.kiev.ua/article/view/335755 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Journal Title: | Data Recording, Storage & Processing |
Institution
Data Recording, Storage & Processing| Summary: | This study explores the crucial aspects of identifying and isolating compromised elements within computer systems deployed in cloud environments, focusing on the inherent architectural and functional characteristics of cloud platforms that facilitate resource isolation. The built-in monitoring tools of the Amazon Web Services (AWS) platform are examined as a case study for detecting vulnerabilities and isolating affected components of applications deployed therein.
The investigation emphasizes that ensuring the fault tolerance and availability of cloud-deployed systems necessitates timely detection and isolation of compromised elements, a process influenced by the scalability and virtualization inherent in cloud architectures. The core concept of resource isolation involves distributed services running in virtualized environments, often managed by Auto Scaling Groups across multiple Availability Zones, with Elastic Load Balancing directing user traffic. When a service instance fails or is compromised, it can lead to system-wide instability if not promptly addressed. Thus, identifying and forcibly isolating resources being affected at the system level, often utilizing scaling mechanisms becomes critical.
The «noisy neighbor» problem, where excessive resource consumption by one application degrades the performance of others sharing the same physical infrastructure, is also described, along with the techniques for its prevention.
The work concludes that modern cloud platforms offer a comprehensive suite of mechanisms for the timely detection and isolation of negative impacts on computer system elements. These mechanisms are found on system observability and the concept of elastic cloud computing. Standardization of telemetry data allows for the integration of third-party monitoring and response services, while machine learning and artificial intelligence represent current trends in threat detection. Future research into the propagation mechanisms of negative impacts to the cloud platform system elements is proposed as a potential avenue for developing new methods to enhance the survivability of cloud-deployed systems. Fig.: 6. Refs: 12 titles. |
|---|