CFP last date
20 January 2025
Reseach Article

An Architecture for Providing Security to Cloud Resources

Published on None 2011 by Niranjana Padmanabhan, Bijolin Edwin E
International Conference on Emerging Technology Trends
Foundation of Computer Science USA
ICETT2011 - Number 2
None 2011
Authors: Niranjana Padmanabhan, Bijolin Edwin E
01108d1b-8f83-458a-939a-450df78753b9

Niranjana Padmanabhan, Bijolin Edwin E . An Architecture for Providing Security to Cloud Resources. International Conference on Emerging Technology Trends. ICETT2011, 2 (None 2011), 34-37.

@article{
author = { Niranjana Padmanabhan, Bijolin Edwin E },
title = { An Architecture for Providing Security to Cloud Resources },
journal = { International Conference on Emerging Technology Trends },
issue_date = { None 2011 },
volume = { ICETT2011 },
number = { 2 },
month = { None },
year = { 2011 },
issn = 0975-8887,
pages = { 34-37 },
numpages = 4,
url = { /proceedings/icett2011/number2/3504-icett014/ },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Proceeding Article
%1 International Conference on Emerging Technology Trends
%A Niranjana Padmanabhan
%A Bijolin Edwin E
%T An Architecture for Providing Security to Cloud Resources
%J International Conference on Emerging Technology Trends
%@ 0975-8887
%V ICETT2011
%N 2
%P 34-37
%D 2011
%I International Journal of Computer Applications
Abstract

One of the major challenges in Cloud computing is providing security to the cloud resources. In present paper, we make use of the concept of virtualization to protect the cloud components and the integrity of guest virtual machines. To guarantee increased security to cloud resources, an architecture called Cloud Protection System (CPS) is proposed. CPS remains fully transparent to the cloud components and the guest virtual machines since it is implemented on the base machine and monitors the integrity of guest virtual machines. Also, we propose an architecture called HypeSec, which can be integrated in the hypervisor Qemu, where it controls all inter-VM communication according to formal security policies. The architecture CPS is fully implemented using Eucalyptus cloud environment, and Qemu as the hypervisor. The effectiveness of the prototype is shown by testing it against the Sebek rootkit attack.

References
  1. Armbrust M, Fox A, Griffith R. Above the clouds: A Berkeley view of cloud computing. Technical Report UCB/EECS-2009-28, EECS Department, University of California, Berkeley, February 2009.
  2. Bellard F. Qemu, a fast and portable dynamic translator. In ATEC ’05: Proceedings of the annual conference on USENIX annual technical conference, Berkeley, CA, USA, 2005. USENIX Association, p. 41.
  3. Seshadri A, Luk M, Qu N, Perrig A. Secvisor: a tiny hypervisor to provide life time kernel code integrity for commodity oses. In SOSP’07: Proceedings of twenty first ACM SIGOPS symposium on operating systems principles, ACM, New York, NY, USA, 2007. p. 335–50.
  4. Payne BD, Carbone M, Sharif M, Lee W. Lares: An architecture for secure active monitoring using virtualization. In SP ’08: Proceedings of the 2008 IEEE symposium on security and privacy (sp2008), IEEE Computer Society, Washington, DC, USA, 2008. pp. 233- 47.
  5. Lombardi F, Di Pietro R. Kvmsec: a security extension for linux kernel virtual machines. In SAC ’09: Proceedings of the 2009 ACM symposium on applied Computing, ACM, New York, NY, USA, 2009. pp. 2029–34.
  6. Qumranet. Linux kernel virtual machine. http://kvm.qumranet.com.
  7. Peter M, Schild H, Lackorzynski A, Warg A. Virtual machines jailed: virtualization in systems with small trusted computing bases. In VDTS ’09: Proceedings of the 1st EuroSys Workshop on virtualization technology for dependable systems, ACM, New York, NY, USA, 2009. p.18–23.
  8. Rhee J, Riley R, Xu D, Jiang X. Defeating dynamic data kernel rootkit attacks via vmm-based guest transparent monitoring. Availability, Reliability and Security, 2009. ARES ’09.
  9. Lombardi F, Di Pietro R. Transparent security for cloud. In SAC’10: Proceedings of the 2010 ACM symposium on applied computing.
  10. Lombardi F, Di Pietro R. Secure virtualization for cloud computing. In Elsevier, June 2010: Journal of Network and Computer Applications.
Index Terms

Computer Science
Information Sciences

Keywords

Eucalyptus Hypervisor Qemu virtualization