Virtualization security threats in cloud computing
Download as PPTX, PDF3 likes2,813 views
Virtualization vulnerabilities, security issues, and solutions: Virtualization is technological revolution that separates functions from underlying hardware and allows us to create useful environment from abstract resources. Virtualization technology has been targeted by attackers for malicious activity. Attackers could compromise VM infrastructures, allowing them to access other VMs on the same system and even the host. This presentation emphasize on the assessment of virtualization specific vulnerabilities, security issues and possible solutions. By-Nitish Awasthi B.Tech.CTIS Invertis University Bareilly
Ad
More Related Content
What's hot (20)
Similar to Virtualization security threats in cloud computing (20)
Ad
Recently uploaded (20)
Ad
Virtualization security threats in cloud computing
- 1. Virtualization vulnerabilities, security issues, and solutions VIRTUALIZATION SECURITY THREATS IN CLOUD COMPUTING Vulnerabilities Security Issues And Solutions
- 2. What is Virtualization? Cloud Computing, Virtualization means to create a virtual version of a device or resources. Where the framework divides the resources into one or more execution environment.
- 3. Why you Should Care? Fewer Physical Machines Lowered CAPEX Centralized Management Higher Utilization Minimized or Eliminate Downtime
- 4. How does virtualization work in cloud computing? Hypervisor software is the secret sauce that makes virtualization possible. _______________________________________________________
- 6. Welcoming Greater flexibility leads to potentially large security risks
- 7. The Security Risks of Virtualization In a Virtualized environment, each of the VMs is detached from the rest of the system by the hypervisor or Virtual Machine Monitor (VMM). A Strong accomplishment can break this confinement and thus point to various concerns respecting the Confidentiality, Integrity, Or Availability of the VMs.
- 8. Virtualization Security Issues VM escape- Enables a hacker/cracker to gain access to the primary hypervisor and its created virtual machines. Hyperjacking- Hacker takes malicious control over the hypervisor that creates the virtual environment within a virtual machine (VM) host. VM sprawl- When the large number of virtual machines exist in the environment without proper management.
- 9. Virtualization Security Issues VM footprint Used for gathering information about target VM like OS installed, packages installed and services running etc. Inside-VM attack VM can get infected with malware or OS rootkits at run- time. Outside-VM attack Attacks from the host OS and co-located VMs are known as outside-VM attacks.
- 10. Virtualization Security Issues Cross VM side channel To maximize resource utilization, multiple VMs are usually placed on the same physical server in the cloud environment. The basic idea is a malicious VM penetrates the isolation between VMs, and then access the shared hardware and cache locations to extract confidential information from the target.
- 11. Virtualization Security Issues Oudated SW packages in VMs Outdated software packages in virtual machines can pose serious security threats in the virtualized environment. Because of the low cost and the ease of creation, users tend to create new virtual machines for different tasks, branch new virtual machines based on the old ones, snapshot machines or even rollback machines to an earlier state.
- 12. Virtualization security measures amd requirements In order to protect the virtualization environment in the cloud, the authority must implement definite security measures. The following measures must be endorsed for a secure cloud execution. Protected network Deactivating the non-essential features Detach unutilized hardware devices Backup of VM images Hardened Configuration. Patch Management Intrusion Detection System.
- 13. Cloud Shared Responsibility model Cloud Always comes as a shared responsibility model between a cloud service provider and cloud customers. Cloud Service Provider Cloud Service Customer Cloud Shared Responsibility Model
- 14. Conclusion Virtualization involves the use of encapsulating software layer (Hypervisor or Virtual Machine Monitor) which surrounds or underlies an operating system and provides the same input, outputs, and behavior that would be expected from an actual physical device. Virtualized systems introduce important security gaps that need to be taken into account when deploying strong and secure virtualized infrastructure. Cloud Virtualization environment can be compromised by different attacks at hypervisor, virtual machines and VM images. We have identified attack scenarios at these components and different existing security schemes that provide security to virtualization.
- 15. List of References/Bibliography • Virtualization vulnerabilities, security issues, and solutions: A critical study and comparison Darshan Tank . Akshai Aggarwal . Nirbhay Chaubey https://doi.org/10.1007/s41870-019-00294 © Bharati Vidyapeeth’s Institute of Computer Applications and Management 2019 • Google.com • Youtube.com • en.Wikipedia.org