Secure virtualization for cloud computing

Cloud computing adoption and diffusion are threatened by unresolved security issues that affect both the cloud provider and the cloud user. In this paper, we show how virtualization can increase the security of cloud computing, by protecting both the integrity of guest virtual machines and the cloud...

Full description

Saved in:
Bibliographic Details
Published in:Journal of network and computer applications 2011-07, Vol.34 (4), p.1113-1122
Main Authors: Lombardi, Flavio, Di Pietro, Roberto
Format: Article
Language:English
Subjects:
Applied sciences
Cloud computing
Computer science
control theory
systems
Computer systems and distributed systems. User interface
Distributed computer systems
Electrical engineering. Electrical power engineering
Electronic equipment and fabrication. Passive components, printed wiring boards, connectics
Electronics
Exact sciences and technology
Hardware
Power electronics, power supplies
Security
Software
Virtualization technologies
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Cloud computing adoption and diffusion are threatened by unresolved security issues that affect both the cloud provider and the cloud user. In this paper, we show how virtualization can increase the security of cloud computing, by protecting both the integrity of guest virtual machines and the cloud infrastructure components. In particular, we propose a novel architecture, Advanced Cloud Protection System (ACPS), aimed at guaranteeing increased security to cloud resources. ACPS can be deployed on several cloud solutions and can effectively monitor the integrity of guest and infrastructure components while remaining fully transparent to virtual machines and to cloud users. ACPS can locally react to security breaches as well as notify a further security management layer of such events. A prototype of our ACPS proposal is fully implemented on two current open source solutions: Eucalyptus and OpenECP. The prototype is tested against effectiveness and performance. In particular: (a) effectiveness is shown testing our prototype against attacks known in the literature; (b) performance evaluation of the ACPS prototype is carried out under different types of workload. Results show that our proposal is resilient against attacks and that the introduced overhead is small when compared to the provided features.
ISSN:1084-8045
1095-8592
DOI:10.1016/j.jnca.2010.06.008