Top

Published in:

2015 | OriginalPaper | Chapter

A Secure Architecture for Inter-cloud Virtual Machine Migration

Authors : Tayyaba Zeb, Abdul Ghafoor, Awais Shibli, Muhammad Yousaf

Published in: International Conference on Security and Privacy in Communication Networks

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Virtual machine migration is an important tool that can be used in cloud computing environment for load balancing, disaster recovery, server consolidation, hardware maintenance, etc. Currently a few techniques have been proposed to secure the virtual machine migration process. However, these techniques have number of limitations e.g. lack of standard access control, mutual authentication, confidentiality, non-repudiation and integrity of VM data. Some of the techniques provide security services such as mutual authentication using TPM (Trusted Platform Module), however, not all the hardware platforms yet possess the TPM capability. This limits the deployment of such solutions in legacy systems. The architecture, presented in this paper, attempts to overcome these limitations with existing hardware support. In particular, we designed a secure and efficient protocol that migrates virtual machine from source cloud domain to destination cloud domain by considering fundamental security services such as confidentiality, integrity, standard access control and non-repudiation.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Inferring the Stealthy Bridges Between Enterprise Network Islands in Cloud Using Cross-Layer Bayesian Networks

next chapter STRE: Privacy-Preserving Storage and Retrieval over Multiple Clouds

The Xen Project. www.xenproject.org. Accessed 11 December 2013

VMware Virtualization for Desktop & Server, Application, Public & Hybrid Clouds. www.vmware.com. Accessed 11 December 2013

Kernel based Virtual Machine. www.linux-kvm.org. Accessed 11 December 2013

Oberheide, J., Cooke, E., Jahanian, F.: Empirical exploitation of live virtual machine migration. In: Proceedings of BlackHat DC Convention (2008)

Zhang, F., Huang, Y., Wang, H.: PALM: security preserving VM live migration for systems with VMM-enforced protection. In: The 3rd Asia-Pacific Trusted Infrastructure Technologies Conference, pp. 9–18 (2008)

Travostino, F., et al.: Seamless live migration of virtual machines over the MAN/WAN. Future Gener. Comput. Syst. 22(8), 901–907 (2006)CrossRef

Devi, Y., Aruna, P., Sudha, D.: Security in virtual machine live migration for KVM. In: International Conference on Process Automation, Control and Computing (PACC), pp. 1–6. IEEE (2011)

Wang, W., Zhang, Y., Lin, B., Wu, X., Miao, K.: Secured and reliable VM migration in personal cloud. In: The 2nd International Conference on Computer Engineering and Technology (ICCET), vol. 1, pp. 705–709. IEEE (2010)

NIST Guide to Security for full Virtualization, Special Publication 800–125 (2011)

10.

eXtensible Access Control Markup Language (XACML) Version 3.0, Candidate OASIS Standard 01 (2012). http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-cos01-en.html

11.

Wood, T., Ramakrishnan, K.K., Shenoy, P., Merwe, J.V.: CloudNet: dynamic pooling of cloud resources by live WAN migration of virtual machines. In: Proceedings of the 7th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE-11), NY, USA, pp. 121–132 (2011)

12.

Price, M.: The paradox of security in virtual environments. IEEE Comput. 41(11), 22–28 (2008). IEEECrossRef

13.

Schwarzkopf, R., Schmidt, M., Strack, C., Martin, S., Freisleben, B.: Increasing virtual machine security in cloud environments. J. Cloud Comput.: Adv. Syst. Appl. vol. 1. Springer (2012)

14.

Lombardi, F., DiPietro, R.: Secure virtualization for cloud computing. J. Network Comput. Appl. 34(4), 1113–1122 (2010). ElsevierCrossRef

15.

Al-Kiswany, S., Subhraveti, D., Sarkar, P., Ripeanu, M.: VMFlock: virtual machine co-migration for the cloud. In: Proceedings of the 20th International Symposium on High Performance Distributed Computing, pp. 159–170. ACM (2011)

16.

Aslam, M., Gehrmann, C., Bjorkman, M.: Security and trust preserving VM migrations in public clouds. In: IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, (TrustCom), pp. 869–876 (2012)

17.

Danev, B., et al.: Enabling secure VM-vTPM migration in private clouds. In: Proceedings of the 27th Annual Computer Security Applications Conference (ACSAC), pp. 187–196. ACM (2011)

18.

Xianqin, C., et al.: Seamless virtual machine live migration on network security enhanced hypervisor. In: IEEE 2nd International Conference on Broadband Network & Multimedia Technology, (IC-BNMT), pp. 847–853. IEEE (2009)

19.

Recommendation for Pair Wise Key Establishment Schemes using Discrete Logarithm Cryptography (Revised), NIST Special Publication 800–56A (2007)

20.

Advanced Encryption Standard (AES), Federal Information Processing Standards Publication 197 (2001)

21.

Secure Hash Standard (SHS), Federal Information Processing Standards Publication 180-4 (2012)

22.

Kaufman, C., Hoffman, P., Nir, Y., Eronen, P.: Internet Key Exchange Protocol Version 2 (IKEv2), IETF RFC-5996 (2010)

23.

Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2, IETF RFC-5246 (2008)

Title: A Secure Architecture for Inter-cloud Virtual Machine Migration
Authors: Tayyaba Zeb
Abdul Ghafoor
Awais Shibli
Muhammad Yousaf
Publisher: Springer International Publishing
Book: International Conference on Security and Privacy in Communication Networks
Print ISBN: 978-3-319-23828-9

Electronic ISBN: 978-3-319-23829-6

Copyright Year: 2015
DOI: https://doi.org/10.1007/978-3-319-23829-6_2

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner