Advertisement

Analysing Virtual Machine Security in Cloud Systems

  • Taimur Al Said
  • Omer F. Rana
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8993)

Abstract

The cloud computing concept has significantly influenced how information is delivered and managed in large scale distributed systems today. Cloud computing is currently expected to reduce the economic cost of using computational and data resources, and is therefore particularly appealing to small and medium scale companies (who may not wish to maintain in-house IT departments). To provide economies of scale, providers of Cloud computing infrastructure make significant use of virtualisation techniques – in which processes of various tenants sharing the same physical resources are separated logically using a hypervisor. In spite of its wide adoption in Cloud computing systems, virtualisation technology suffers from many security and privacy issues. We outline security challenges that remain in the use of virtualisation techniques to support multiple customers on the same shared infrastructure. We also illustrate, using an experiment, how data leakage occurs when multiple VMs are executed on the same physical infrastructure, leading to unauthorised access to (previously) deleted data.

Keywords

Cloud Computing Virtual Machine Cloud Provider Cloud Computing Environment Virtual Machine Migration 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Anand, R., Sarswathi, S., Regan, R.: Security issues in virtualization environment. In: 2012 International Conference on Radar, Communication and Computing (ICRCC), pp. 254–256. IEEE (2012)Google Scholar
  2. 2.
    Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., et al.: A view of cloud computing. Commun. ACM 53(4), 50–58 (2010)CrossRefGoogle Scholar
  3. 3.
    Balduzzi, M., Zaddach, J., Balzarotti, D., Kirda, E., Loureiro, S.: A security analysis of amazon’s elastic compute cloud service. In: Proceedings of the 27th Annual ACM Symposium on Applied Computing, pp. 1427–1434. ACM (2012)Google Scholar
  4. 4.
    Chaves, S., Westphall, C., Westphall, C., Geronimo, G.: Customer security concerns in cloud computing. In: The Tenth International Conference on Networks, ICN 2011, pp. 7–11 (2011)Google Scholar
  5. 5.
    Chen, Y., Katz, R.H.: Glimpses of the brave new world for cloud security (2011), http://www.hpcinthecloud.com/hpccloud/2011-02-22/glimpses_of_the_brave_new_world_for_cloud_security.html
  6. 6.
    Chen, Y., Sion, R.: On securing untrusted clouds with cryptography. In: Proceedings of the 9th Annual ACM Workshop on Privacy in the Electronic Society, pp. 109–114. ACM (2010)Google Scholar
  7. 7.
    Christodorescu, M., Sailer, R., Schales, D.L., Sgandurra, D., Zamboni, D.: Cloud security is not (just) visualization security: a short paper. In: Proceedings of the 2009 ACM Workshop on Cloud Computing Security, pp. 97–102. ACM (2009)Google Scholar
  8. 8.
    Dykstra, J., Sherman, A.T.: Acquiring forensic evidence from infrastructure-as-a-service cloud computing: exploring and evaluating tools, trust, and techniques. Digital Invest. 9, S90–S98 (2012)CrossRefGoogle Scholar
  9. 9.
    Garber, L.: The challenges of securing the virtualized environment. Computer 45(1), 17–20 (2012)CrossRefGoogle Scholar
  10. 10.
    Gurav, U., Shaikh, R.: Virtualization: a key feature of cloud computing. In: Proceedings of the International Conference and Workshop on Emerging Trends in Technology, pp. 227–229. ACM (2010)Google Scholar
  11. 11.
    Harnik, D., Pinkas, B., Shulman-Peleg, A.: Side channels in cloud services: deduplication in cloud storage. Secur. Priv. IEEE 8(6), 40–47 (2010)CrossRefGoogle Scholar
  12. 12.
    Hurwitz, J., Bloor, R., Kaufman, M., Halper, F.: Cloud Computing for Dummies, vol. 1. Wiley, Hoboken (2009)Google Scholar
  13. 13.
    Jensen, M., Schwenk, J., Gruschka, N., Iacono, L.L.: On technical security issues in cloud computing. In: IEEE International Conference on Cloud Computing, CLOUD 2009, pp. 109–116. IEEE (2009)Google Scholar
  14. 14.
    Jordon, M., Forshaw, J.: Dirty disks raised new questions about cloud security (2012). http://www.contextis.com/resources/blog/dirty-disks-raise-new-questions-about-cloud/
  15. 15.
    Kazim, M., Masood, R., Shibli, M.A.: Securing virtual machine images in cloud computing (2013)Google Scholar
  16. 16.
    Kazim, M., Masood, R., Shibli, M.A., Abbasi, A.G.: Security aspects of virtualization in cloud computing. In: Saeed, K., Chaki, R., Cortesi, A., Wierzchoń, S. (eds.) CISIM 2013. LNCS, vol. 8104, pp. 229–240. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  17. 17.
    King, S.T., Chen, P.M.: Subvirt: implementing malware with virtual machines. In: 2006 IEEE Symposium on Security and Privacy, pp. 314–327. IEEE (2006)Google Scholar
  18. 18.
    Li, J., Li, B., Wo, T., Hu, C., Huai, J., Liu, L., Lam, K.: Cyberguarder: a virtualization security assurance architecture for green cloud computing. future Gener. Comput. Syst. 28(2), 379–390 (2012)CrossRefGoogle Scholar
  19. 19.
    Li, J., Wang, Q., Wang, C., Cao, N., Ren, K., Lou, W.: Fuzzy keyword search over encrypted data in cloud computing. In: 2010 Proceedings IEEE INFOCOM, pp. 1–5. IEEE (2010)Google Scholar
  20. 20.
    Luo, S., Lin, Z., Chen, X., Yang, Z., Chen, J.: Virtualization security for cloud computing service. In: 2011 International Conference on Cloud and Service Computing (CSC), pp. 174–179. IEEE (2011)Google Scholar
  21. 21.
    Martucci, L.A., Zuccato, A., Smeets, B., Habib, S.M., Johansson, T., Shahmehri, N.: Privacy, security and trust in cloud computing: the perspective of the telecommunication industry. In: 2012 9th International Conference on Ubiquitous Intelligence & Computing and 9th International Conference on Autonomic & Trusted Computing (UIC/ATC), pp. 627–632. IEEE (2012)Google Scholar
  22. 22.
    Mell, P., Grance, T.: The NIST definition of cloud computing. Natl. Inst. Stand. Technol. 53(6), 50 (2009)Google Scholar
  23. 23.
    Pearce, M., Zeadally, S., Hunt, R.: Virtualization: issues, security threats, and solutions. ACM Comput. Surv. (CSUR) 45(2), 17 (2013)CrossRefGoogle Scholar
  24. 24.
    Perrons, R.K., Hems, A.: Cloud computing in the upstream oil & gas industry: a proposed way forward. Energy Policy 56, 732–737 (2013)CrossRefGoogle Scholar
  25. 25.
    Ray, E., Schultz, E.: Virtualization security. In: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies, p. 42. ACM (2009)Google Scholar
  26. 26.
    Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 199–212. ACM (2009)Google Scholar
  27. 27.
    Rutkowska, J.: Subverting vistatm kernel for fun and profit. Black Hat Briefings, Las Vegas (2006)Google Scholar
  28. 28.
    Sehrawat, A., Bishnoi, N.: Security: a key requirement of cloud. Int. J. Adv. Res. Comput. Sci. Softw. Eng. (IJARCSSE) 3(6), 1044–1048 (2013)Google Scholar
  29. 29.
    Smith, J.E., Nair, R.: The architecture of virtual machines. Computer 38(5), 32–38 (2005)CrossRefGoogle Scholar
  30. 30.
    Studnia, I., Alata, E., Deswarte, Y., Kaâniche, M., Nicomette, V., et al.: Survey of security problems in cloud computing virtual machines. In: Proceedings of Computer and Electronics Security Applications Rendez-vous (C&ESAR 2012) (2012)Google Scholar
  31. 31.
    Vaughan-Nichols, S.J.: Virtualization sparks security concerns. Comput. 41(8), 13–15 (2008)CrossRefGoogle Scholar
  32. 32.
    Wang, L., Tao, J., Kunze, M., Castellanos, A.C., Kramer, D., Karl, W.: Scientific cloud computing: early definition and experience. In: HPCC, vol. 8, pp. 825–830 (2008)Google Scholar
  33. 33.
  34. 34.
    Zhang, Y., Juels, A., Reiter, M.K., Ristenpart, T.: Cross-VM side channels and their use to extract private keys. In: Proceedings of the 2012 ACM Conference on Computer and communications security, pp. 305–316. ACM (2012)Google Scholar
  35. 35.
    Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Gener. Comput. Syst. 28(3), 583–592 (2012)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.School of Computer Science and InformaticsCardiff UniversityCardiffUK

Personalised recommendations