
Cloud Computing Virtualization Security Management


Affiliations
1 Communication and Information Technology School, Information Security Department, Graduate Studies and Research, Nile University, Egypt
     



The cloud concept was used to denote the segregation point between the responsibility of the provider and that of the user. Cloud computing overcomes this border to cover servers as well as the network infrastructure. Virtualization is one of the most significant technologies to impact computing in the last few years. It is the backbone of cloud computing. Virtualization systems are exposed to some threats inherited from regular computerized systems, for example Denial-of-Service (DoS) attacks, zombies and honeypots. Some types of threats and vulnerabilities are specific to virtual machines. The core of VM vulnerabilities is that a compromised VM can attack other VMs on the same hypervisor, or the hypervisor itself, because they share the same physical hardware layer. Co-location of multiple VMs increases the attack surface and the risk of VM-to-VM compromise. In this paper, we introduce our novel security management system between virtual machines. We introduce our innovative pilot project to enhance the security between virtual machines and monitor the traffic between VMs. We design three VM servers with different platforms (OS). We implement a virtual Endian Firewall (vEFW) and IDS by converting the physical open source EFW to a virtual EFW, and we deploy it to monitor traffic between virtual servers and to allow or deny traffic between virtual machines and outside the system.

Keywords

Cloud Computing, Virtualization, Architecture, Security Management.

Authors

Mohamed A. Elfiky
Communication and Information Technology School, Information Security Department, Graduate Studies and Research, Nile University, Egypt
Nashwa Abdelbaki
Communication and Information Technology School, Information Security Department, Graduate Studies and Research, Nile University, Egypt
