Overview
Français
ABSTRACT
Cloud computing has imposed itself as the latest revolution in information technologies by offering on-demand resources and services. Virtualization is a key enabler for the cloud by abstracting away the physical infrastructure.
It also raises many security concerns. What are the threats against a virtualized system? What are available counter-measures to mitigate such threats? What is the status of research today in terms of virtualization security and what are the next steps to enhance security of such systems?
This paper aims to provide answers to such questions by providing an overview of threats, challenges, solutions, and perspectives regarding virtualization security.
Read this article from a comprehensive knowledge base, updated and supplemented with articles reviewed by scientific committees.
Read the articleAUTHORS
-
Marc LACOSTE: Systems Security Research Expert, Orange Labs, Security Department, France
-
Aurélien WAILLY: PhD student, Orange Labs, security department, France
INTRODUCTION
Cloud computing seems to be the major recent change in the way IT resources and services are offered, used and managed. Opening up infrastructures and services to third parties, the novelty lies in seeing them as provided and used on demand.
The associated benefits are numerous: reduced costs, improved scalability... This "self-service" vision is based on sharing a set of computing, communication and storage resources. All securely accessible via broadband networks, rapidly provisioned and released as needed. This flexibility is underpinned by virtualization: resources and services are separated from the infrastructure in the form of virtual machines (VMs).
This new context raises many questions about resource protection, making security one of the main obstacles to cloud adoption. For example:
on isolation, as a cloud infrastructure is shared between several tenants with often distinct security objectives;
on the disappearance of organizational boundaries, making it difficult to guarantee perimeter security;
on the loss of control over applications and data that run, are transmitted, or are stored in insecure environments;
on new vulnerabilities linked to virtualization.
Of these questions, the last is probably the least understood:
what are the threats to a virtualized infrastructure?
what is a hypervisor and what virtualization techniques are available?
what mechanisms are available today to protect against these threats?
What is the current state of research, and what prospects does it offer for improving the safety of these systems?
This article aims to provide some answers to some of these questions, on the influence of virtualization on security.
After a brief overview of the various cloud models (§ 1 ), we present the principles, approaches and solutions for system virtualization (§
The Ultimate Scientific and Technical Reference
KEYWORDS
security of informations systems | Software architecture | virtual machine | hypervisor | virtualization
CAN BE ALSO FOUND IN:
Home IT Security of information systems Security of virtualization solutions- Present and future
Home Industrial engineering Industry of the future Security of virtualization solutions- Present and future
Home Environment - Safety Safety and risk management Security of virtualization solutions- Present and future
This article is included in
Software technologies and System architectures
This offer includes:
Knowledge Base
Updated and enriched with articles validated by our scientific committees
Services
A set of exclusive tools to complement the resources
Practical Path
Operational and didactic, to guarantee the acquisition of transversal skills
Doc & Quiz
Interactive articles with quizzes, for constructive reading
The future of security in virtualization solutions
Reminders about cloud computing
Bibliography
The Ultimate Scientific and Technical Reference
