virtualization security in cloud computing seminars report pdf download
#1

thank you hhhhhhhhhhhhhhhhhhhhhhhhhhh hhhhhhh h h hjh h h h h hhhhjhh
Reply
#2
Virtualization Security in Cloud Computing


ABSTRACT

2011 ended with the popularization of an idea: Bringing VMs (virtual machines) onto the cloud. Recent years have seen great advancements in both cloud computing and virtualization On one hand there is the ability to pool various resources to provide software-as-a-service, infrastructure-as-a-service and platform-as-a-service. At its most basic, this is what describes cloud computing. On the other hand, we have virtual machines that provide agility, flexibility, and scalability to the cloud resources by allowing the vendors to copy, move, and manipulate their VMs at will. The term virtual machine essentially describes sharing the resources of one single physical computer into various computers within itself. VMware and virtual box are very commonly used virtual systems on desktops. Cloud computing effectively stands for many computers pretending to be one computing environment. Obviously, cloud computing would have many virtualized systems to maximize resources.

Resource attacks:


These kinds of attacks include manipulating the available resources into mounting a large-scale botnet attack. These kinds of attacks target either cloud providers or service providers.

Data attacks: These kinds of attacks include unauthorized modification of sensitive data at nodes, or performing configuration changes to enable a sniffing attack via a specific device etc. These attacks are focused on cloud providers, service providers, and also on service users.
Denial of Service attacks: The creation of a new virtual machine is not a difficult task, and thus, creating rogue VMs and allocating huge spaces for them can lead to a Denial of Service attack for service providers when they opt to create a new VM on the cloud. This kind of attack is generally called virtual machine sprawling.
Backdoor: Another threat on a virtual environment empowered by cloud computing is the use of backdoor VMs that leak sensitive information and can destroy data privacy.
Having virtual machines would indirectly allow anyone with access to the host disk files of the VM to take a snapshot or illegal copy of the whole System. This can lead to corporate espionage and piracy of legitimate products.

Light weight Directory Access Protocol (LDAP) and Cloud Computing:

LDAP is an extension to DAP (directory access protocol), as the name suggests, by use of smaller pieces of code. It helps by locating organizations, individuals, and other files or resources over the network. Automation of manual tasks in a cloud environment is done using a concept known as virtual system patterns. These virtual system patterns enable fast and repeatable use of systems. Having dedicated LDAP servers is not typically necessary, but LDAP services have to be considered when designing an efficient virtual system pattern. Extending LDAP servers to cloud management would lead a buffering of existing security policies and cloud infrastructure. This also allows users to remotely manage and operate within the infrastructure.
Reply
#3

Security Issues with Cloud Computing Virtualization

Using virtual machines complicates IT security in a big way for both companies running private cloud computing and service providers. Virtualization changes the definition of what a server is, so security is no longer trying to protect a physical server or collection of servers that an application runs on. Instead, it’s protecting virtual machines (or collections of them).

Because most data centers support only static virtualization, it isn’t yet well understood what will happen during dynamic virtualization.

Network monitoring with cloud computing
Current network defenses are based on physical networks. In the virtualized environment, the network is no longer physical; its configuration can actually change dynamically, which makes network monitoring difficult. To fix this problem, you must have software products (available from companies such as VMWare, IBM, Hewlett-Packard, and CA) that can monitor virtual networks and, ultimately, dynamic virtual networks.

Hypervisors and cloud computing security
Just as an OS attack is possible, a hacker can take control of a hypervisor. If the hacker gains control of the hypervisor, he gains control of everything that it controls; therefore, he could do a lot of damage.

Configuration and change management
The simple act of changing configurations or patching the software on virtual machines becomes much more complex if the software is locked away in virtual images; in the virtual world, you no longer have a fixed static address to update the configuration.

Perimeter security in the cloud
Providing perimeter security, such as firewalls, in a virtual environment is a little more complicated than in a normal network because some virtual servers are outside a firewall. This will be the responsibility of the service provider.

This perimeter security problem may not be too hard to solve because you can isolate the virtual resource spaces. This approach places a constraint on how provisioning is carried out, however.

Virtualization is a term that refers to the abstraction of computer resources. The purpose of virtual computing environment is to improve resource utilization by providing a unified integrated operating platform for users and applications based on aggregation of heterogeneous and autonomous resources. More recently, virtualization at all levels (system storage, and network) became important again as a way to improve system security, reliability and availability, reduce costs and provide greater flexibility. In this paper, we address the requirements and solutions for the security of virtualization in cloud computing environment. Moreover, a Virtualization Security framework is presented which contains two parts: virtual system security and virtualization security management.
Virtualization is transitioning from the technology that drives server consolidation and datacenter operations to a key ingredient in creating a flexible, on-demand infrastructure—another way of describing cloud computing. While there are certain issues to address when adopting virtualization in any environment, there are additional security concerns that arise when using virtualization to support a cloud environment.

When adopting virtualization for cloud computing, it becomes evident that the management tools used in a physical server-based deployment won’t suffice in a highly dynamic virtualized one. To begin with, in a physical server deployment model, provisioning automation is generally not as heavily used unless there’s a significant enough number of server OSes to warrant doing so.

The typical strategy for provisioning physical servers involves repetitive steps. In a heavily virtualized environment like the cloud, OS provisioning will rapidly transition to being a highly automated process.

A New Threat
Virtualization alters the relationship between the OS and hardware. This challenges traditional security perspectives. It undermines the comfort you might feel when you provision an OS and application on a server you can see and touch. Some already believe this sense of comfort is misplaced in most situations. For the average user, the actual security posture of a desktop PC with an Internet connection is hard to realistically discern.

Virtualization complicates the picture, but doesn’t necessarily make security better or worse. There are several important security concerns you need to address in considering the use of virtualization for cloud computing.

One potential new risk has to do with the potential to compromise a virtual machine (VM) hypervisor. If the hypervisor is vulnerable to exploit, it will become a primary target. At the scale of the cloud, such a risk would have broad impact if not otherwise mitigated. This requires an additional degree of network isolation and enhanced detection by security monitoring.

In examining this concern, first consider the nature of a hypervisor. As security consultant and founding partner of Nemertes Research Group Inc. Andreas Antonopoulos has observed, “Hypervisors are purpose-built with a small and specific set of functions. A hypervisor is smaller, more focused than a general purpose operating system, and less exposed, having fewer or no externally accessible network ports.

“A hypervisor does not undergo frequent change and does not run third-party applications. The guest operating systems, which may be vulnerable, do not have direct access to the hypervisor. In fact, the hypervisor is completely transparent to network traffic with the exception of traffic to/from a dedicated hypervisor management interface.

“Furthermore, at present there are no documented attacks against hypervisors, reducing the likelihood of attack. So, although the impact of a hypervisor compromise is great (compromise of all guests), the probability is low because both the vulnerability of the hypervisor and the probability of an attack are low.”

Storage Concerns
Another security concern with virtualization has to do with the nature of allocating and de-allocating resources such as local storage associated with VMs. During the deployment and operation of a VM, data is written to physical memory. If it’s not cleared before those resources are reallocated to the next VM, there’s a potential for exposure.

These problems are certainly not unique to virtualization. They’ve been addressed by every commonly used OS. You should note, though, the initial OS may terminate in error before resources are cleared. Also, not all OSes manage data clearing the same way. Some might clear data upon resource release, others might do so upon allocation.

The bottom line: Control how you use storage and memory when using a public cloud. Clear the data yourself, carefully handle operations against sensitive data, and pay particular attention to access and privilege controls. Another excellent security practice is to verify that a released resource was cleared.

A further area of concern with virtualization has to do with the potential for undetected network attacks between VMs collocated on a physical server. Unless you can monitor the traffic from each VM, you can’t verify that traffic isn’t possible between those VMs.

There are several possible approaches here. The first is that the VM user can simply invoke OS-based traffic filtering or a local firewall. There’s one potential complication to doing this if you need multiple VMs communicating and cooperating. These VMs may be dynamically moved around by the service provider to load balance their cloud. If VM Internet Protocol (IP) addresses change during relocation (which is unlikely, but possible) and absolute addressing is used for firewall rules, then firewall filtering will fail.

In essence, network virtualization must deliver an appropriate network interface to the VM. That interface might be a multiplexed channel with all the switching and routing handled in the network interconnect hardware.

Most fully featured hypervisors have virtual switches and firewalls that sit between the server physical interfaces and the virtual interfaces provided to the VMs. You have to manage all these facilities as changes are made to VM locations and the allowable communication paths between them.

Traffic Management
Another theoretical technique that might have potential for limiting traffic flow between VMs would be to use segregation to gather and isolate different classes of VMs from each other. VMs could be traced to their owners throughout their lifecycle. They would only be colocated on physical servers with other VMs that meet those same requirements for colocation.

This approach could include some form of VM tagging or labeling akin to labeling within multilevel OSes (such as Trusted Solaris or SE-Linux). You could also use the configuration management database to track tenant requests for application isolation.

In all these examples, however, the problem occurs “when the tenant also needs the application components to have maximal separation from common mode failures for availability. It’s not that such a scheme couldn’t be made to work, it’s that the cost of all the incompatible and underutilized server fragments (which can’t be sold to someone else) has to be carried in the service cost,” says Bill Meine, software architect and cloud expert at Blackhawk Network.

One actual practice for managing traffic flows between VMs is to use virtual local area networks (VLANs) to isolate traffic between one customer’s VMs from another customer’s VMs. To be completely effective, however, this technique requires extending support for VLANs beyond the core switching infrastructure and down to the physical servers that host VMs. This support is now almost universal with VM technology.

The next problem is scaling VLAN-like capabilities beyond their current limits to support larger clouds. That support will also need to be standardized to allow multi-vendor solutions. It will also need to be tied in with network management and hypervisors.

Certification Matters
Finally, in considering the security issues with VMs, it’s important to recognize that this technology is not new. Several products have undergone formal security evaluations and received certification. What this means in practical terms is that several VM technology vendors have taken pains to obtain independent and recognized security certification.

Virtualization absolutely complicates infrastructure management, but with the cloud, this simply must be automated if you are to use this technology at cloud scale and cloud elasticity. The bottom line with virtualization risk is that using this technology must be better planned and managed.

By automating virtualization management with cloud computing, you can achieve multiple benefits—better security included. Further, the end of the ad hoc use of virtualization is a positive trend for security. It represents a return to infrastructure control.

Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page
Popular Searches: platform virtualization seminar topic, seminar on topic sandboxing and virtualization, project report on server virtualization, download seminar reports on virtualization, it technician interview tipsdata security on cloud computing with pdf to download, full seminar report on server virtualization, network virtualization seminar report pdf only,

[-]
Quick Reply
Message
Type your reply to this message here.

Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  power plant instrumentation by krishnaswamy pdf free download 3 23,782 10-02-2019, 07:00 PM
Last Post:
  karmakshetra epaper in bengali this week pdf free download 5 12,922 01-02-2019, 11:28 PM
Last Post:
  border security using wins jana 2 9,785 11-01-2019, 01:44 PM
Last Post:
  ambient security expert systems seminars ppt 2 10,991 25-08-2018, 09:19 PM
Last Post: Zik
Photo pdf download of tata steel apprentice exam previous year solved question papers 4 12,327 08-08-2018, 08:23 PM
Last Post: Guest
  free download machine design 2 jbk das book pdf 2 11,019 30-05-2018, 11:39 AM
Last Post: [email protected]
  pdf k53 learners test questions and answers 2015 pdf 2 11,126 18-05-2018, 06:21 PM
Last Post: Guest
  sample impression after seminars elln deped 4 8,362 08-02-2018, 03:55 PM
Last Post: Guest
Smile download wi vi technology seminars report pdf 2 15,697 24-01-2018, 11:27 PM
Last Post: sultan@123
  free download internal combustion engine by mathur sharma pdf 3 9,461 26-12-2017, 10:41 AM
Last Post: jaseela123d

Forum Jump: