Emphasis and emerging trends on virtualization of cloud infrastructure with security challenges

International Journal of Computer Trends and Technology (IJCTT)          
© - August Issue 2013 by IJCTT Journal
Volume-4 Issue-8                           
Year of Publication : 2013
Authors :Akula Santosh Kumar, C. Srinivasulu, B. Sudeep Kumar, D. Priyanka


Akula Santosh Kumar, C. Srinivasulu, B. Sudeep Kumar, D. Priyanka"Emphasis and emerging trends on virtualization of cloud infrastructure with security challenges"International Journal of Computer Trends and Technology (IJCTT),V4(8):2716-2722 August Issue 2013 .ISSN 2231-2803.www.ijcttjournal.org. Published by Seventh Sense Research Group.

Abstract:- The cloud computing model is rapidly transforming the IT landscape. Cloud computing is a new computing paradigm that delivers computing resources as a set of reliable and scalable internet-based services allowing customers to remotely run and manage these services. Infrastructure-as-a-service (IaaS) is one of the popular cloud computing services. IaaS allows customers to increase their computing resources on the fly without investing in new hardware. IaaS adapts virtualization to enable on-demand access to a pool of virtual computing resources. Although there are great benefits to be gained from cloud computing, cloud computing also enables new categories of threats to be introduced. These threats are a result of the cloud virtual infrastructure complexity created by the adoption of the virtualization technology. Breaching the security of any component in the cloud virtual infrastructure significantly impacts on the security of other components and consequently affects the overall system security. This paper explores the security problem of the cloud platform virtual infrastructure identifying the existing security threats and the complexities of this virtual infrastructure. The paper also discusses the existing security approaches to secure the cloud virtual infrastructure and their drawbacks. Finally, we propose and explore some key research challenges of implementing new virtualization-aware security solutions that can provide the pre-emptive protection for complex and ever-dynamic cloud virtual infrastructure.



[1] Alexander Lenk, Markus Klems, Jens Nimis, Stefan Tai, and Thomas Sandholm, "What`s inside the Cloud? An architectural map of the Cloud landscape," in Proceedings of the 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing, 2009, pp. 23-31.
[2] Luis Vaquero, Luis Rodero-Merino, Juan Caceres, et al, "A break in the clouds: towards a cloud definition," ACM SIGCOMM Computer Communication Review, vol. 39, pp. 50-55, 2009.
[3] Wesam Dawoud, Ibrahim Takouna and Christoph Meinel, "Infrastructure as a service security: Challenges and solutions," in
2010 The 7th International Conference on Informatics and Systems, 2010, pp. 1-8.
[4] Kevin Skapinetz, "Virtualisation as a Blackhat Tool," in Network Security, Elsevier., 2007, pp. 4-7.
[5] W. Dawoud, , Takouna, I., Meinel, C., "Infrastructure as a service security: Challenges and solutions," in he 7th International Conference on Informatics and Systems, Cairo, May 2010.
[6] Kai Hwang, Sameer Kulkareni, Yue Hu, "Cloud Security with Virtualized Defense and Reputation-Based Trust Mangement," Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing, 2009, pp.717-722.
[7] Bernd Grobauer, Tobias Walloschek and Elmar Stöcker, "Understanding Cloud-Computing Vulnerabilities," IEEE Security and Privacy, 10 Jun. 2010. IEEE computer Society Digital Library. IEEE Computer Society, pp.1-8.
[8] Martim Carbone, Diego Zamboni, Wenke Lee, "Taming Virtualization," IEEE Security and Privacy, 2008, vol. 6, pp. 65-67. [9] Edward Ray, and Eugene Schultz, "Virtualization security," in Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies, Oak Ridge, Tennessee, 2009, pp. 1-5.
[10] Joanna Rutkowska, "Subverting VistaTM Kernel for Fun and Profit, ," Black Hat Conference, 2006.
[11] Dino Dai Zovi, "Hardware Virtualization Rootkits," in BlackHat Conference, USA, 2009.
[12] Samuel King, Peter Chen, Yi-Min Wang, et al, "SubVirt: Implementing malware with virtual machines," 2006 IEEE Symposium on Security and Privacy, 2006, pp.314-327.
[13] Sina Bahram, Xuxian Jiang, Zhi Wang, Mike Grace, et al, "DKSM: Subverting Virtual Machine Introspection for Fun and Profit," Proceedings ofthe 29th IEEE International Symposium on Reliable Distributed Systems, New Delhi, India, October 2010.
[14] Xen Open Source, "How Does Xen Work?," in http://www.xen.org/files/Marketing/HowDoesXenWork.pdf, Access on July 2010, 2009.
[15] Serdar Cabuk, Chris Dalton, Aled Edwards, et al, "A Comparative Study on Secure Network Virtualization," in Technical Report No. HPL-2008-57, HP Labs, 2008, http://www.hpl.hp.com/techreports/2008/HPL-2008-57.pdf, Accessed on June 2010.
[16] Tavis Ormandy, Google, "An Empirical Study into the Security Exposure to Host of Hostile Virtualized Environments. ," in Applied Security Conference, Vancouver,

Keywords : cloud computing, cloud virtual infrastructure security, virtualization security