Skip to main content
SpringerLink
Log in

Analysing Virtual Machine Security in Cloud Systems

  • Conference paper
  • First Online:
Intelligent Cloud Computing (ICC 2014)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 8993))

Included in the following conference series:

Abstract

The cloud computing concept has significantly influenced how information is delivered and managed in large scale distributed systems today. Cloud computing is currently expected to reduce the economic cost of using computational and data resources, and is therefore particularly appealing to small and medium scale companies (who may not wish to maintain in-house IT departments). To provide economies of scale, providers of Cloud computing infrastructure make significant use of virtualisation techniques – in which processes of various tenants sharing the same physical resources are separated logically using a hypervisor. In spite of its wide adoption in Cloud computing systems, virtualisation technology suffers from many security and privacy issues. We outline security challenges that remain in the use of virtualisation techniques to support multiple customers on the same shared infrastructure. We also illustrate, using an experiment, how data leakage occurs when multiple VMs are executed on the same physical infrastructure, leading to unauthorised access to (previously) deleted data.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 34.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 44.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Amazon Web Services - http://aws.amazon.com.

  2. 2.

    Google App Engine - https://console.developers.google.com/start/appengine.

  3. 3.

    Amazon Cloudtrail - http://aws.amazon.com/cloudtrail.

  4. 4.

    OpenSSL website defacement - http://tinyurl.com/luugk25.

  5. 5.

    Commvault: VM Sprawl - http://tinyurl.com/nxukpm4.

  6. 6.

    OSFMount tool- http://www.osforensics.com/tools/mount-disk-images.html.

References

  1. Anand, R., Sarswathi, S., Regan, R.: Security issues in virtualization environment. In: 2012 International Conference on Radar, Communication and Computing (ICRCC), pp. 254–256. IEEE (2012)

    Google Scholar 

  2. Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., et al.: A view of cloud computing. Commun. ACM 53(4), 50–58 (2010)

    Article  Google Scholar 

  3. Balduzzi, M., Zaddach, J., Balzarotti, D., Kirda, E., Loureiro, S.: A security analysis of amazon’s elastic compute cloud service. In: Proceedings of the 27th Annual ACM Symposium on Applied Computing, pp. 1427–1434. ACM (2012)

    Google Scholar 

  4. Chaves, S., Westphall, C., Westphall, C., Geronimo, G.: Customer security concerns in cloud computing. In: The Tenth International Conference on Networks, ICN 2011, pp. 7–11 (2011)

    Google Scholar 

  5. Chen, Y., Katz, R.H.: Glimpses of the brave new world for cloud security (2011), http://www.hpcinthecloud.com/hpccloud/2011-02-22/glimpses_of_the_brave_new_world_for_cloud_security.html

  6. Chen, Y., Sion, R.: On securing untrusted clouds with cryptography. In: Proceedings of the 9th Annual ACM Workshop on Privacy in the Electronic Society, pp. 109–114. ACM (2010)

    Google Scholar 

  7. Christodorescu, M., Sailer, R., Schales, D.L., Sgandurra, D., Zamboni, D.: Cloud security is not (just) visualization security: a short paper. In: Proceedings of the 2009 ACM Workshop on Cloud Computing Security, pp. 97–102. ACM (2009)

    Google Scholar 

  8. Dykstra, J., Sherman, A.T.: Acquiring forensic evidence from infrastructure-as-a-service cloud computing: exploring and evaluating tools, trust, and techniques. Digital Invest. 9, S90–S98 (2012)

    Article  Google Scholar 

  9. Garber, L.: The challenges of securing the virtualized environment. Computer 45(1), 17–20 (2012)

    Article  Google Scholar 

  10. Gurav, U., Shaikh, R.: Virtualization: a key feature of cloud computing. In: Proceedings of the International Conference and Workshop on Emerging Trends in Technology, pp. 227–229. ACM (2010)

    Google Scholar 

  11. Harnik, D., Pinkas, B., Shulman-Peleg, A.: Side channels in cloud services: deduplication in cloud storage. Secur. Priv. IEEE 8(6), 40–47 (2010)

    Article  Google Scholar 

  12. Hurwitz, J., Bloor, R., Kaufman, M., Halper, F.: Cloud Computing for Dummies, vol. 1. Wiley, Hoboken (2009)

    Google Scholar 

  13. Jensen, M., Schwenk, J., Gruschka, N., Iacono, L.L.: On technical security issues in cloud computing. In: IEEE International Conference on Cloud Computing, CLOUD 2009, pp. 109–116. IEEE (2009)

    Google Scholar 

  14. Jordon, M., Forshaw, J.: Dirty disks raised new questions about cloud security (2012). http://www.contextis.com/resources/blog/dirty-disks-raise-new-questions-about-cloud/

  15. Kazim, M., Masood, R., Shibli, M.A.: Securing virtual machine images in cloud computing (2013)

    Google Scholar 

  16. Kazim, M., Masood, R., Shibli, M.A., Abbasi, A.G.: Security aspects of virtualization in cloud computing. In: Saeed, K., Chaki, R., Cortesi, A., Wierzchoń, S. (eds.) CISIM 2013. LNCS, vol. 8104, pp. 229–240. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  17. King, S.T., Chen, P.M.: Subvirt: implementing malware with virtual machines. In: 2006 IEEE Symposium on Security and Privacy, pp. 314–327. IEEE (2006)

    Google Scholar 

  18. Li, J., Li, B., Wo, T., Hu, C., Huai, J., Liu, L., Lam, K.: Cyberguarder: a virtualization security assurance architecture for green cloud computing. future Gener. Comput. Syst. 28(2), 379–390 (2012)

    Article  Google Scholar 

  19. Li, J., Wang, Q., Wang, C., Cao, N., Ren, K., Lou, W.: Fuzzy keyword search over encrypted data in cloud computing. In: 2010 Proceedings IEEE INFOCOM, pp. 1–5. IEEE (2010)

    Google Scholar 

  20. Luo, S., Lin, Z., Chen, X., Yang, Z., Chen, J.: Virtualization security for cloud computing service. In: 2011 International Conference on Cloud and Service Computing (CSC), pp. 174–179. IEEE (2011)

    Google Scholar 

  21. Martucci, L.A., Zuccato, A., Smeets, B., Habib, S.M., Johansson, T., Shahmehri, N.: Privacy, security and trust in cloud computing: the perspective of the telecommunication industry. In: 2012 9th International Conference on Ubiquitous Intelligence & Computing and 9th International Conference on Autonomic & Trusted Computing (UIC/ATC), pp. 627–632. IEEE (2012)

    Google Scholar 

  22. Mell, P., Grance, T.: The NIST definition of cloud computing. Natl. Inst. Stand. Technol. 53(6), 50 (2009)

    Google Scholar 

  23. Pearce, M., Zeadally, S., Hunt, R.: Virtualization: issues, security threats, and solutions. ACM Comput. Surv. (CSUR) 45(2), 17 (2013)

    Article  Google Scholar 

  24. Perrons, R.K., Hems, A.: Cloud computing in the upstream oil & gas industry: a proposed way forward. Energy Policy 56, 732–737 (2013)

    Article  Google Scholar 

  25. Ray, E., Schultz, E.: Virtualization security. In: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies, p. 42. ACM (2009)

    Google Scholar 

  26. Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 199–212. ACM (2009)

    Google Scholar 

  27. Rutkowska, J.: Subverting vistatm kernel for fun and profit. Black Hat Briefings, Las Vegas (2006)

    Google Scholar 

  28. Sehrawat, A., Bishnoi, N.: Security: a key requirement of cloud. Int. J. Adv. Res. Comput. Sci. Softw. Eng. (IJARCSSE) 3(6), 1044–1048 (2013)

    Google Scholar 

  29. Smith, J.E., Nair, R.: The architecture of virtual machines. Computer 38(5), 32–38 (2005)

    Article  Google Scholar 

  30. Studnia, I., Alata, E., Deswarte, Y., Kaâniche, M., Nicomette, V., et al.: Survey of security problems in cloud computing virtual machines. In: Proceedings of Computer and Electronics Security Applications Rendez-vous (C&ESAR 2012) (2012)

    Google Scholar 

  31. Vaughan-Nichols, S.J.: Virtualization sparks security concerns. Comput. 41(8), 13–15 (2008)

    Article  Google Scholar 

  32. Wang, L., Tao, J., Kunze, M., Castellanos, A.C., Kramer, D., Karl, W.: Scientific cloud computing: early definition and experience. In: HPCC, vol. 8, pp. 825–830 (2008)

    Google Scholar 

  33. Xen: How does xen work? (2009). http://www-archive.xenproject.org/files/Marketing/HowDoesXenWork.pdf

  34. Zhang, Y., Juels, A., Reiter, M.K., Ristenpart, T.: Cross-VM side channels and their use to extract private keys. In: Proceedings of the 2012 ACM Conference on Computer and communications security, pp. 305–316. ACM (2012)

    Google Scholar 

  35. Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Gener. Comput. Syst. 28(3), 583–592 (2012)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science and Informatics, Cardiff University, Cardiff, UK

    Taimur Al Said & Omer F. Rana

Authors
  1. Taimur Al Said
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Omer F. Rana
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Taimur Al Said .

Editor information

Editors and Affiliations

  1. Sultan Qaboos University, Muscat, Oman

    Asma Al-Saidi

  2. GUtech, Muscat, Oman

    Rudolf Fleischer

  3. Zayed University, Dubai, Utd.Arab.Emir.

    Zakaria Maamar

  4. Cardiff University, Cardiff, United Kingdom

    Omer F. Rana

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Al Said, T., Rana, O.F. (2015). Analysing Virtual Machine Security in Cloud Systems. In: Al-Saidi, A., Fleischer, R., Maamar, Z., Rana, O. (eds) Intelligent Cloud Computing. ICC 2014. Lecture Notes in Computer Science(), vol 8993. Springer, Cham. https://doi.org/10.1007/978-3-319-19848-4_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-19848-4_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-19847-7

  • Online ISBN: 978-3-319-19848-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation