cloud cartography
Cloud cartography is a scheme for pinpointing the physical locations of Web servers hosted on a third-party cloud computing service. The goal of cloud cartography is to map the service provider's infrastructure in order to identify where a particular virtual machine (VM) is likely to reside.
In theory, cloud cartography could be used by an attacker who wanted to place his own VM next to a target's VM and exploit vulnerabilities. To create the map, the attacker would deploy a large number of VMs in the service provider's cloud. He could then use the information he gets back from the service provider about his deployments to get a sense of how the provider assigns IP addresses for different instance types and accounts.
Once the attacker establishes where a VM might be located, he could use the information to position his own virtual machine next to his target. This would allow him to perform what is known as a side-channel attack to extract information or corrupt data in the target VM. Side-channel attacks take advantage of weaknesses in virtualization software or firmware.
See also: virtual machine escape
Learn more:
Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds: The term cloud cartography was introduced by Thomas Ristenpart, Eran Tromer, Hovav Shacham and Stefan Savage in a paper at MIT.
Virtualization vulnerabilities leave clouds insecure: The 'cloud cartography' research was carried out with basic network discovery techniques.
Learning to let go: A cloud security primer with George Reese: Programmer and entrepreneur George Reese is the author of "Cloud Application Architectures."