Security Vulnerability Analysis in Virtualized Computing Environments
Tyson T. Brooks,Carlos Caicedo,Joon S. Park +2 more
- 01 Dec 2012
Vol. 3, Iss: 4, pp 263-277
TL;DR: This paper discusses common exploits of security properties in virtualized computing environments and analyzes their security vulnerabilities from the perspective of attackers and identifies the main areas of virtualized information system design and operation in which security concerns must be addressed.
read more
Abstract: Virtualization brings compelling features to individual computer systems and organizations allowing for the concurrent execution of multiple operating systems and applications on the same physical server. However, for all the performance improvements offered by adopting virtualization technologies, one of the major obstacles to widespread adoption of virtualization is the concern about security in the technology. Therefore, the security implications in virtualization environments must be addressed and understood because of the exploitation to compromise the operation of missioncritical systems. In this paper, we first discuss common exploits of security properties in virtualized computing environments and analyze their security vulnerabilities from the perspective of attackers. Consequently, we identify the main areas of virtualized information system design and operation in which security concerns must be addressed. Finally, we present our recommendations and future trends for trusted virtualized computing environments.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Risk-Based Access Control Model: A Systematic Literature Review
TL;DR: A systematic review and examination of the state-of-the-art of the risk-based access control model to provide a detailed understanding of the topic.
40
Cybercompetitions: A survey of competitions, tools, and systems to support cybersecurity education
TL;DR: In this article , the authors present a survey of the history of game-based cyber-competitions, focusing on the InfoSEC Color Wheel, and explore state-of-the-art technologies that enable these types of competitions.
19
Survivability Analysis of VM-Based Intrusion Tolerant Systems
TL;DR: A scheme of the intrusion tolerant system with virtualization is introduced, and the success probability for one request by a Markov chain under the environment where VMs have been intruded due to a security hole by malicious attacks is derived.
17
Exploring the effects of virtual machine placement on the transmission of infections in cloud
Farzaneh Abazari,Morteza Analoui +1 more
- 01 Sep 2014
TL;DR: An approach based on a combination of graph theory and agent based simulations to study epidemics in the cloud computing and control the transmission of infections and identifies a number of measures that are significant for understanding epidemics and for developing new strategies in virtual machines placement algorithm.
10
•Dissertation
A Dynamic Risk-Based Access Control Approach: Model and Implementation
Sergey Savinov
- 18 May 2017
9
References
The NIST Definition of Cloud Computing
Peter Mell,Timothy Grance +1 more
- 28 Sep 2011
TL;DR: This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.
17.6K
Xen and the art of virtualization
Paul Barham,Boris Dragovic,Keir Fraser,Steven Hand,Tim Harris,Alex Ho,Rolf Neugebauer,Ian Pratt,Andrew Warfield +8 more
- 19 Oct 2003
TL;DR: Xen, an x86 virtual machine monitor which allows multiple commodity operating systems to share conventional hardware in a safe and resource managed fashion, but without sacrificing either performance or functionality, considerably outperform competing commercial and freely available solutions.
Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds
Thomas Ristenpart,Eran Tromer,Hovav Shacham,Stefan Savage +3 more
- 09 Nov 2009
TL;DR: It is shown that it is possible to map the internal cloud infrastructure, identify where a particular target VM is likely to reside, and then instantiate new VMs until one is placed co-resident with the target, and how such placement can then be used to mount cross-VM side-channel attacks to extract information from a target VM on the same machine.
Survey of virtual machine research
TL;DR: The complete instruction-by-instruction simulation of one computer system on a different system is a well-known computing technique often used for software development when a hardware base is being altered.
1K
Intel virtualization technology
Richard Uhlig,Gilbert Neiger,D. Rodgers,Amy L. Santoni,F.C.M. Martins,Andrew V. Anderson,Steven M. Bennett,Alain Kagi,Felix Leung,Lawrence Beaverton Smith +9 more
TL;DR: Once confined to specialized, proprietary, high-end server and mainframe systems, virtualization is now becoming more broadly available and is supported in off-the-shelf systems based on Intel architecture (IA) hardware.
966