A Study on the Virtualization Security Management in the Cloud

Computing Environment

INTRODUCTION
Cloud computing is turning out to be the key component in the future of Internet. Virtualization is the
term referred to the abstraction of resources. Cloud computing refers to the computing resources
wherein service providers provide virtualized IT resources by using Internet technologies and users
use the IT resources as much as they want and pay the corresponding fee. This is one of the essential
characteristics of cloud computing (Pay Per Use).
Cloud computing technology may ease the burden of large-scale initial investments at the earlier stage
of business. Recently published CSA (Cloud Security Alliance) includes data encryption, access
control and storage security.
In this paper, we provide an overview of the major security technologies necessary for building a safe
cloud computing environment, monitoring and analysis of cloud security situations. Also discuss the
virtualization security management. There are different types of cloud technologies in this paper i.e.
Cloud computing security threats and technologies, virtualization security management technologies,
VM lifecycle and Tracing.
CLOUD COMPUTING SECURITY THREATS AND TECHNOLOGIES
Cloud provide a powerful computing platform that enables organisations and individuals to perform
various levels of activities such as: use of online storage space like google drive, development of
customized computer software and creation of network environment.
There are different cloud service types (IaaS, PaaS, SaaS). The concept of security threads for
different cloud services types involves in virtualization, multi-tenancy, information consignment at
remote locations, unwanted data transfer to overseas and safety of data centres.
The scope of security management has expanded according to the construction of virtualization
environment, managers of virtual machines also want to communicate between virtual machines, such
changed environment has given rise to new types of security threads, such as exchange of malicious
codes between virtual machines, MITM (Man-In-The-Middle) attack against live VM (Virtual
Machine) Migration, VM Rollback attack and so on.
Technologies respond to attacks against the cloud computing environment include various commercial
products processing security management capabilities such as vShiled of VMware, vSecurity of
catbird, VMC of reflex systems and so on.
VIRTUALIZATION SECURITY MANAGEMENT TECHNOLOGIES
Virtualization is a term that means the abstraction of the computer resources. The purpose of the
virtual computing environment is to improve the utilization of the computer resources by providing a
unified integrated operating system for users and applications.
CLOUD VSM (Virtualization Security Management)
Concept of cloud virtualization security management illustrates that service providers that have built
cloud infrastructure need technologies for the real-time detection like analysis of cloud security state,
realization of cloud security policies. Such technologies are needed to defend against virtualization
attacks.
A system has been designed consisting of the cloud agent and the cloud virtualization security
management (cloud VSM). IN this frame of virtualization security appliance, the cloud agent
consists of cloud security policy and cloud resource information. It receives information on the
security event and resources generated by the network intrusion prevention system (IPS) and forwards
them to cloud VSM.
Cloud VSM consists of various modules

 Cloud security event analysis / Status monitoring module.

 Cloud security policy / VM zone security management module.
 Cloud collection information management module.
VM LIFECYCLE AND TRACING
VM lifecycle consists of two phases VM lifecycle status and VM running state and these two are
arranged in time series to analyse and trace the changes in virtualized resources.VM lifecycle is a set
of processes that are designed to help administrators oversee the implementation.
VM Lifecycle Status consists of four stages: Created-Running-Migrated-Deleted.
VM Running State consists of four stages: Power Down-Running-Paused-Suspended.
To prevent the modification of VM IDs we define the VM HUID (Hashed Unique ID) as the hash
value of VM UUID (Universally Unique Identifier) and VS (Virtual Host System). VM IID (Index
ID) refers to the VM ID converted into purely numerical value. During the process of VM Lifecycle
changes, “created” and “copy” are controlled by increasing sequentially to prevent overlapping.
Therefore, we can trace specific point of time or change of VM related with virtualization attack
information.
Conclusion
Cloud computing as of now we know that it refers to the sustained storage and the advanced sharing
of data over the internet. There is a need for technologies for detecting internal virtualization attacks
and realising the characteristics of cloud structures. There are new security technologies being added
to the list which are being used to reduce the risks in cloud. The work must be done in order to
support cloud computing and virtualization and also understand the challenges regarding security
issues in cloud computing.